This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft File: aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json) Hash identifier: ysmGogXAHQ6pgpIfa1oUz0vN42XAYItAt0W6e/qVYjE= Subject key identifier: 48:5C:92:5A:65:C3:6D:38:51:52:70:5A:FA:7F:29:5F:6B:C6:D2:24 Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3 Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3 Certificate serial: 019B32D640D4973D009BAFFC3F220E591389 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft Manifest number: 1786 Signing time: Thu 18 Dec 2025 19:01:00 +0000 Manifest this update: Thu 18 Dec 2025 19:01:00 +0000 Manifest next update: Fri 19 Dec 2025 19:01:00 +0000 Files and hashes: 1: K7Q4iSU5tGlQaFLDbZ74ga5u7QI.roa (hash: 4IoPifHHzLWAa9SoaMyYdsFHlPVY27b7G1cPfRmMmFw=) 2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: OkJvVuS+aSzkfaOqV4E5ZZOUyPujRqTQrMWEAN5IiRA=) 3: lZ9mN5xTttKw5Lu3kt5TBdxoI_c.roa (hash: oCvvxX98yWLH3kfCtYuDTFzL1eqlVEqmDIMPTij8zho=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:40:d4:97:3d:00:9b:af:fc:3f:22:0e:59:13:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3 Validity Not Before: Dec 18 19:01:00 2025 GMT Not After : Dec 19 19:01:00 2025 GMT Subject: CN=485c925a65c36d385152705afa7f295f6bc6d224 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:29:3c:45:11:8b:50:a6:76:18:0b:63:34:70: 32:84:9c:e1:9c:3e:bb:cc:ee:aa:ba:e1:35:af:86: b7:54:22:9a:c7:8e:5a:c9:10:12:05:1d:aa:68:db: 1b:3e:a3:79:85:0a:fb:72:7e:74:84:bc:bc:6c:4f: b9:f3:0d:66:81:24:c6:b2:b2:01:02:2d:01:d5:7a: 10:b0:86:14:cb:93:7f:ca:22:34:d1:b0:9d:67:7b: 0d:ce:24:1e:66:94:ca:26:00:ae:95:a1:e0:25:b2: 42:42:b0:04:b9:50:18:2b:1b:36:1b:8f:44:fa:f3: 8a:61:71:71:61:f8:0c:a5:fd:29:c1:d1:92:54:fc: dd:ac:5e:81:00:4e:61:4c:c4:5e:b9:b2:e3:fc:25: 51:07:1c:a2:d0:e5:1f:12:94:96:3a:2f:a2:ab:ad: 1b:96:9d:48:28:59:83:f9:c9:29:6a:1d:49:81:57: 70:58:55:de:df:79:fd:23:a9:83:b2:ea:2f:a0:62: ca:23:a3:1a:a0:9c:b2:0a:5a:4a:fb:2b:a7:a9:2e: 81:0e:7d:07:85:86:77:60:21:d7:bc:64:bc:d5:ca: e5:43:5d:ad:ea:72:76:d2:ae:20:4f:b4:0e:7b:1a: 68:dc:ed:aa:fc:f7:50:af:74:ac:60:af:b5:ca:f9: 5e:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:5C:92:5A:65:C3:6D:38:51:52:70:5A:FA:7F:29:5F:6B:C6:D2:24 X509v3 Authority Key Identifier: keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:4c:92:9c:61:59:e7:20:82:cd:a0:f5:1a:95:7a:f1:55:e2: 10:9a:b9:c5:0a:16:bb:5a:34:4c:aa:d6:e3:3e:69:3f:ff:d0: a1:5d:eb:15:a5:13:a7:02:2d:93:55:72:fe:2c:3f:bb:79:97: 2e:58:22:82:1b:29:b1:36:9f:3e:28:b9:8f:57:d1:87:a1:d2: c7:c1:f9:6b:82:33:95:17:6d:c3:b7:70:ba:39:39:fb:4f:f7: 92:21:a2:25:9c:8a:21:a3:0c:54:3e:2e:67:b3:78:f3:93:9f: 63:d6:29:5a:09:3a:f7:f4:e0:ae:00:00:74:28:7b:36:f9:5b: f9:85:bf:c2:38:07:22:e6:4b:32:c4:d7:15:6d:8d:75:0c:23: a3:7d:d6:b7:c4:71:db:1f:c5:a2:d0:c2:ff:57:15:86:e4:25: b9:df:ba:46:4d:f0:79:ae:8a:9b:aa:b2:35:bd:6c:e9:8c:44: 9e:0e:2b:3d:2a:85:6a:77:8d:4d:fc:40:2b:a6:3a:50:ff:45: c2:a6:34:9b:8f:0e:50:f6:6d:f0:e9:9e:67:7c:9c:9e:7e:6f: 11:a5:b3:bb:88:2f:37:25:43:bb:df:a7:ad:48:64:0d:1d:bd: ed:56:4f:57:ca:48:e5:f8:d0:4e:1e:6d:01:30:11:01:da:a4: 3e:8c:a9:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1kDUlz0Am6/8PyIOWROJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4 OTAwZTMwHhcNMjUxMjE4MTkwMTAwWhcNMjUxMjE5MTkwMTAwWjAzMTEwLwYDVQQD Eyg0ODVjOTI1YTY1YzM2ZDM4NTE1MjcwNWFmYTdmMjk1ZjZiYzZkMjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Sk8RRGLUKZ2GAtjNHAyhJzhnD67 zO6quuE1r4a3VCKax45ayRASBR2qaNsbPqN5hQr7cn50hLy8bE+58w1mgSTGsrIB Ai0B1XoQsIYUy5N/yiI00bCdZ3sNziQeZpTKJgCulaHgJbJCQrAEuVAYKxs2G49E +vOKYXFxYfgMpf0pwdGSVPzdrF6BAE5hTMReubLj/CVRBxyi0OUfEpSWOi+iq60b lp1IKFmD+ckpah1JgVdwWFXe33n9I6mDsuovoGLKI6MaoJyyClpK+yunqS6BDn0H hYZ3YCHXvGS81crlQ12t6nJ20q4gT7QOexpo3O2q/PdQr3SsYK+1yvlecwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEhcklplw204UVJwWvp/KV9rxtIkMB8GA1UdIwQY MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK0ySnGFZ 5yCCzaD1GpV68VXiEJq5xQoWu1o0TKrW4z5pP//QoV3rFaUTpwItk1Vy/iw/u3mX LlgighspsTafPii5j1fRh6HSx8H5a4IzlRdtw7dwujk5+0/3kiGiJZyKIaMMVD4u Z7N485OfY9YpWgk69/TgrgAAdCh7Nvlb+YW/wjgHIuZLMsTXFW2NdQwjo33Wt8Rx 2x/FotDC/1cVhuQlud+6Rk3wea6Km6qyNb1s6YxEng4rPSqFaneNTfxAK6Y6UP9F wqY0m48OUPZt8OmeZ3ycnn5vEaWzu4gvNyVDu9+nrUhkDR297VZPV8pI5fjQTh5t ATARAdqkPoyp8A== -----END CERTIFICATE-----Generated at Thu Dec 18 21:44:50 2025 by rpki-client