This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft File: aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json) Hash identifier: pG7B8Oui5AYJGAJsUN0uVi1T1pDSU4PtMnCPjiDGa04= Subject key identifier: 4F:A2:AF:55:A9:B3:EB:72:43:14:0A:6E:C6:A0:DD:4D:18:F7:ED:A8 Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A Certificate issuer: /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a Certificate serial: 019AF1D22B7EA1CEED0793B88E270BC790C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft Manifest number: 16F0 Signing time: Sat 06 Dec 2025 04:01:13 +0000 Manifest this update: Sat 06 Dec 2025 04:01:13 +0000 Manifest next update: Sun 07 Dec 2025 04:01:13 +0000 Files and hashes: 1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: koHO8MBWkgSj6ci2IzoPnrn1FHA4zeFkk7d2pmFwoYw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:2b:7e:a1:ce:ed:07:93:b8:8e:27:0b:c7:90:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a Validity Not Before: Dec 6 04:01:13 2025 GMT Not After : Dec 7 04:01:13 2025 GMT Subject: CN=4fa2af55a9b3eb7243140a6ec6a0dd4d18f7eda8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:84:5c:8d:6e:4b:58:45:db:79:f4:cb:15:58: 42:e3:74:90:e3:1e:d0:73:34:a4:33:ff:c2:1a:f3: d6:50:6f:ae:62:ba:ca:c5:f9:72:e6:c9:87:35:d8: 0e:0c:2a:4d:17:c7:6f:1e:61:f3:16:fb:8b:d9:cc: d5:8f:c4:bf:19:3c:ee:74:69:b8:db:39:36:ad:f2: 2d:b8:75:f1:db:5a:71:d1:9f:f1:ff:d2:dd:d7:95: a4:69:e7:6e:e8:c8:ad:85:13:83:1e:7b:55:76:47: 7e:bd:c7:f2:fe:c2:92:d3:ba:03:1f:a6:fe:af:5d: 2a:a7:db:d7:e0:43:76:29:b9:51:3e:6a:cd:56:05: cf:82:56:2d:06:0f:f5:d8:ba:2d:63:2c:fa:f2:1a: ae:c8:df:0e:de:46:0f:6e:79:b9:2e:aa:d0:53:1b: 60:72:99:5e:44:11:5d:b0:61:2f:06:49:16:c3:2d: b9:b0:e1:26:77:1b:46:78:f5:39:26:f9:52:fa:b4: 1a:db:5f:ae:a2:71:25:c7:3a:51:9e:5e:10:9b:9e: 22:3d:99:a8:00:2d:b1:c0:e3:1f:61:de:bf:fc:f9: 12:0f:4a:62:a4:b1:d4:aa:4b:c8:b2:06:4a:23:0b: fd:ee:ec:4b:78:ea:33:0d:c6:2c:96:aa:44:1c:41: a1:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:A2:AF:55:A9:B3:EB:72:43:14:0A:6E:C6:A0:DD:4D:18:F7:ED:A8 X509v3 Authority Key Identifier: keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:d6:cd:86:c3:e8:fb:a5:11:0f:1b:49:2c:ac:f2:74:37:38: af:7f:2f:c6:63:2c:be:c1:c4:49:10:41:95:4d:55:8f:9c:a4: 5c:05:fd:bf:79:16:67:2e:2a:df:ac:ce:79:b2:95:c9:24:b5: a5:a7:ae:be:0b:ec:c9:61:b3:07:64:dd:fc:69:7f:18:11:c5: f5:f9:eb:da:27:e5:94:71:30:37:2f:53:a3:a7:a9:44:61:c8: 7d:f8:e5:94:09:9f:4e:03:17:d3:cc:c5:7d:25:6e:9a:a1:73: 59:29:f4:68:ff:29:14:a7:f5:e2:8c:a2:34:e9:17:4e:a4:9e: a5:b0:af:a8:46:37:8a:29:72:fa:5a:a5:7d:b4:65:fd:a0:38: 96:6a:bb:a6:d9:f6:20:30:72:f0:59:01:2e:88:d7:e8:59:ce: 80:4f:9a:4b:76:70:11:31:f0:40:e4:09:d4:7f:f7:74:5d:cd: 55:bc:47:18:66:95:f8:f6:d1:72:fd:0f:9f:f9:49:fb:94:99: fd:a9:cf:28:09:75:73:d1:36:be:bd:de:4a:aa:bc:6c:49:73: a5:90:b6:eb:c5:27:4e:10:d7:44:26:9b:70:b8:03:20:09:9b: 4f:7b:0c:3a:b9:44:72:e7:a6:4b:7b:2e:8f:63:49:06:7b:33: 7d:e4:5f:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0it+oc7tB5O4jicLx5DIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0 YjQ4MGEwHhcNMjUxMjA2MDQwMTEzWhcNMjUxMjA3MDQwMTEzWjAzMTEwLwYDVQQD Eyg0ZmEyYWY1NWE5YjNlYjcyNDMxNDBhNmVjNmEwZGQ0ZDE4ZjdlZGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIRcjW5LWEXbefTLFVhC43SQ4x7Q czSkM//CGvPWUG+uYrrKxfly5smHNdgODCpNF8dvHmHzFvuL2czVj8S/GTzudGm4 2zk2rfItuHXx21px0Z/x/9Ld15Wkaedu6MithRODHntVdkd+vcfy/sKS07oDH6b+ r10qp9vX4EN2KblRPmrNVgXPglYtBg/12LotYyz68hquyN8O3kYPbnm5LqrQUxtg cpleRBFdsGEvBkkWwy25sOEmdxtGePU5JvlS+rQa21+uonElxzpRnl4Qm54iPZmo AC2xwOMfYd6//PkSD0pipLHUqkvIsgZKIwv97uxLeOozDcYslqpEHEGhxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE+ir1Wps+tyQxQKbsag3U0Y9+2oMB8GA1UdIwQY MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAANbNhsPo +6URDxtJLKzydDc4r38vxmMsvsHESRBBlU1Vj5ykXAX9v3kWZy4q36zOebKVySS1 paeuvgvsyWGzB2Td/Gl/GBHF9fnr2ifllHEwNy9To6epRGHIffjllAmfTgMX08zF fSVumqFzWSn0aP8pFKf14oyiNOkXTqSepbCvqEY3iily+lqlfbRl/aA4lmq7ptn2 IDBy8FkBLojX6FnOgE+aS3ZwETHwQOQJ1H/3dF3NVbxHGGaV+PbRcv0Pn/lJ+5SZ /anPKAl1c9E2vr3eSqq8bElzpZC268UnThDXRCabcLgDIAmbT3sMOrlEcuemS3su j2NJBnszfeRfnQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:33:11 2025 by rpki-client