This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft File: 0aiWnX4yy_knZkstxDa5bnFJpis.mft (raw, json) Hash identifier: TpuF60jU+JKYdIJYIto7t2U0JwXYnhHBBelF2mHkbuI= Subject key identifier: 06:7B:BD:33:B8:05:DF:B1:6D:21:68:94:F3:8F:9B:EC:28:61:C5:15 Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B Certificate issuer: /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b Certificate serial: 019AF3F7EFDA2BEE38E869B07EE60A13BEBC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft Manifest number: 1099 Signing time: Sat 06 Dec 2025 14:01:43 +0000 Manifest this update: Sat 06 Dec 2025 14:01:43 +0000 Manifest next update: Sun 07 Dec 2025 14:01:43 +0000 Files and hashes: 1: 0aiWnX4yy_knZkstxDa5bnFJpis.crl (hash: hFHiA1ss2RtUrpRxE1l+fVTQi4gHFJoFl/T2G8foSlw=) 2: p1fyn5poKGi3v6udklaZLK6DaPs.roa (hash: ksuBLRSUua1zFmd4JmcnhcAsP8MWyD8OR/dcK6d/pkM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:ef:da:2b:ee:38:e8:69:b0:7e:e6:0a:13:be:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b Validity Not Before: Dec 6 14:01:43 2025 GMT Not After : Dec 7 14:01:43 2025 GMT Subject: CN=067bbd33b805dfb16d216894f38f9bec2861c515 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a9:ae:a6:09:6e:aa:66:78:f9:9b:9c:af:10: 24:c7:c1:f5:5b:d7:52:1c:49:ff:fe:a6:dc:ca:eb: b3:71:12:37:56:0a:ab:24:79:46:70:eb:44:75:16: 78:f0:be:0a:33:ef:6e:47:2e:64:bb:4b:d2:28:20: fd:22:c3:92:8a:20:de:a4:ab:70:c9:00:8a:ed:e7: 6b:4b:68:15:6d:99:99:71:3c:90:f2:4b:2d:76:dd: 1d:50:d7:a7:53:ff:eb:3c:5e:c9:60:c5:b0:a8:36: 82:9b:8b:20:1e:ff:9e:da:e1:63:9f:25:6a:5a:73: 96:f9:43:7f:5d:40:7b:bf:ea:25:09:5a:96:e8:ec: 14:7e:76:fa:32:c4:f6:fd:e0:03:0b:f5:c1:d4:5b: 00:46:ba:82:dc:59:0d:c9:3c:ed:68:46:97:8d:12: 0d:98:e1:55:19:61:3f:34:a8:c5:54:d6:fd:aa:01: f6:0c:d0:de:cd:ae:a1:67:63:23:8f:62:44:45:ab: ca:78:4c:c4:f0:32:ca:50:f0:e5:bc:f1:cf:6d:36: b8:13:69:92:79:1e:0f:20:5d:c6:6a:0f:25:33:7e: a0:40:4e:98:e5:5f:3b:f5:d2:03:e5:e1:f1:86:7a: 19:80:62:b8:d0:d3:f0:70:c2:c2:79:a4:05:37:42: d0:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:7B:BD:33:B8:05:DF:B1:6D:21:68:94:F3:8F:9B:EC:28:61:C5:15 X509v3 Authority Key Identifier: keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:8b:2a:cb:7f:ef:43:eb:a7:0d:bc:75:9a:81:2f:66:88:9a: 23:0a:ce:8e:2e:35:f0:0b:53:ce:a8:35:de:60:c2:20:69:2b: e6:58:50:a3:1c:1a:2e:57:4d:01:27:cf:fa:50:d1:95:c8:b5: 59:ae:d2:a8:df:7f:e0:20:9b:1d:41:72:1f:82:91:0c:e5:53: 97:bc:1a:91:c4:8d:16:ab:ff:e3:9d:2c:84:98:8d:c7:8f:73: 64:b1:09:6d:f3:76:0d:f9:03:d7:69:91:e5:ae:71:f0:88:13: 63:7d:da:79:9c:44:51:e3:23:6e:20:7b:4f:1a:99:0b:ba:49: d6:e7:c5:ae:c3:b2:f3:41:04:6e:ac:13:8e:b3:61:8f:81:98: 9c:a2:df:d5:c7:b3:cd:6f:71:bd:fa:3e:7e:c0:ee:97:40:18: b2:f4:c4:a8:54:4b:49:93:6e:80:3d:c5:dc:a4:8e:07:e5:c0: 7f:53:4a:00:52:74:d3:95:30:d1:a6:30:66:23:24:d6:c6:f1: a8:b9:e4:b4:c8:4d:7b:5c:0a:cb:64:ab:f1:e1:9c:94:7b:c4: 54:2a:a6:7a:6a:68:fb:a5:2d:fb:38:47:af:fa:4a:28:63:c3: 13:64:c2:73:84:03:f0:9e:33:b9:05:03:8b:94:73:6e:19:d3: fa:d4:3c:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9+/aK+446GmwfuYKE768MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0 OWE2MmIwHhcNMjUxMjA2MTQwMTQzWhcNMjUxMjA3MTQwMTQzWjAzMTEwLwYDVQQD EygwNjdiYmQzM2I4MDVkZmIxNmQyMTY4OTRmMzhmOWJlYzI4NjFjNTE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKmupgluqmZ4+ZucrxAkx8H1W9dS HEn//qbcyuuzcRI3VgqrJHlGcOtEdRZ48L4KM+9uRy5ku0vSKCD9IsOSiiDepKtw yQCK7edrS2gVbZmZcTyQ8kstdt0dUNenU//rPF7JYMWwqDaCm4sgHv+e2uFjnyVq WnOW+UN/XUB7v+olCVqW6OwUfnb6MsT2/eADC/XB1FsARrqC3FkNyTztaEaXjRIN mOFVGWE/NKjFVNb9qgH2DNDeza6hZ2Mjj2JERavKeEzE8DLKUPDlvPHPbTa4E2mS eR4PIF3Gag8lM36gQE6Y5V879dID5eHxhnoZgGK40NPwcMLCeaQFN0LQuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAZ7vTO4Bd+xbSFolPOPm+woYcUVMB8GA1UdIwQY MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt MjEwNDhhNzM0YTQ2LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2 LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjYsqy3/v Q+unDbx1moEvZoiaIwrOji418AtTzqg13mDCIGkr5lhQoxwaLldNASfP+lDRlci1 Wa7SqN9/4CCbHUFyH4KRDOVTl7wakcSNFqv/450shJiNx49zZLEJbfN2DfkD12mR 5a5x8IgTY33aeZxEUeMjbiB7TxqZC7pJ1ufFrsOy80EEbqwTjrNhj4GYnKLf1cez zW9xvfo+fsDul0AYsvTEqFRLSZNugD3F3KSOB+XAf1NKAFJ005Uw0aYwZiMk1sbx qLnktMhNe1wKy2Sr8eGclHvEVCqmempo+6Ut+zhHr/pKKGPDE2TCc4QD8J4zuQUD i5RzbhnT+tQ8zw== -----END CERTIFICATE-----Generated at Sat Dec 6 19:12:07 2025 by rpki-client