This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft File: aCMaUAoKgQjcekNYsQArH9vweZU.mft (raw, json) Hash identifier: 0khYNLEx/GX/CivStIOmUg5sG+CxMvUBMupftI6XoPE= Subject key identifier: 3F:94:B3:07:D4:93:3A:72:BB:99:E3:BF:CC:37:B3:DC:90:3D:0A:B5 Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95 Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995 Certificate serial: 019AF352C85F3B64FF26D80382C937840ED3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 11:01:19 +0000 Manifest this update: Sat 06 Dec 2025 11:01:19 +0000 Manifest next update: Sun 07 Dec 2025 11:01:19 +0000 Files and hashes: 1: XSGE2n2dKWY3M_jq3MngIc3i_t8.roa (hash: pwMRSRLzn3jyPbMLShLv8HDNQd5Gm8ws1AjCFBEAHaU=) 2: aCMaUAoKgQjcekNYsQArH9vweZU.crl (hash: qNEQLWV7fRgcmulfnNGTkTWyp8TSURIbaPCPtySMu2U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:c8:5f:3b:64:ff:26:d8:03:82:c9:37:84:0e:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995 Validity Not Before: Dec 6 11:01:19 2025 GMT Not After : Dec 7 11:01:19 2025 GMT Subject: CN=3f94b307d4933a72bb99e3bfcc37b3dc903d0ab5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:89:47:7f:69:3e:cc:b6:4d:7f:0e:b0:ca:19: 99:18:47:bf:68:68:2c:4d:d4:68:09:bf:9a:d9:f5: bc:0b:1c:f2:b5:cb:19:1b:c3:19:c0:41:6c:98:c5: b8:b1:bc:cf:23:6d:90:4c:e8:be:33:00:00:9e:8b: 28:e6:7f:86:5d:1c:d6:82:4e:a6:6a:dd:27:b1:1e: 1a:96:27:32:dc:b3:38:30:5b:c0:8a:f4:a8:e9:00: 8a:79:69:44:c0:18:a5:b9:93:68:0c:7a:91:87:2a: 5f:24:70:d3:a1:99:95:4e:cc:cd:0e:cf:b9:14:69: 4a:d6:01:f5:64:9f:e6:f7:b2:50:30:1f:33:b1:19: 22:6b:62:9e:c5:db:09:59:ab:eb:29:2f:36:37:bc: ef:70:29:8c:af:15:91:0a:e5:62:5b:49:c6:a9:e9: bb:83:37:19:15:7e:b4:b9:55:78:cf:45:9a:88:de: 19:66:3d:f5:15:ea:35:93:30:f3:93:ee:8c:ce:7b: 5d:6f:25:8c:dd:64:0e:7f:9d:7e:4c:3c:54:3b:bf: ff:de:13:5b:91:35:0e:55:40:26:79:51:b1:56:82: e0:f9:7b:1e:1b:da:85:57:a5:5c:0e:72:16:bb:53: 33:b1:c7:ef:a3:b5:a2:04:15:af:a8:a0:2e:bd:f3: 23:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:94:B3:07:D4:93:3A:72:BB:99:E3:BF:CC:37:B3:DC:90:3D:0A:B5 X509v3 Authority Key Identifier: keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:e6:df:1e:fa:18:1e:c3:f2:c1:03:d5:c8:44:1d:45:e4:9d: 2e:7c:1e:2b:f4:f9:01:ce:fe:5f:1d:3e:4d:98:9b:6a:11:57: 35:36:01:dc:e2:ac:27:17:ea:41:d3:f2:8f:b1:46:e7:ea:02: 1d:82:9b:72:98:21:7e:d7:0c:14:a4:f8:6e:9c:c9:b5:71:28: bb:20:39:ee:d1:bd:a6:8f:0c:64:4a:e6:de:8d:1c:6c:76:01: 89:fe:20:76:30:fd:95:b8:ca:a5:70:67:de:81:d4:bd:c0:f6: a2:94:a8:2c:78:8f:5f:6c:ea:88:85:5d:be:40:08:68:6c:c1: 6a:1c:fa:bf:e9:01:5d:a0:9a:d5:3a:48:ed:07:a0:b0:2f:e1: eb:69:74:8f:9a:2a:5d:e3:cf:e1:3a:bb:66:13:49:65:7b:c0: fb:be:eb:63:cf:f2:6d:c8:63:0b:6d:a2:77:50:2a:e4:a0:8e: cd:ec:95:0f:2c:13:65:79:2a:b7:00:8b:af:cc:c8:fd:bb:36: ca:16:64:25:66:1e:09:9b:9f:6a:b9:71:7b:dc:2d:d7:40:d1: 76:11:9a:53:5a:90:a9:4e:79:f8:bb:ee:2e:de:eb:a2:c6:43: 01:7d:07:4f:1c:3b:25:8f:93:3c:c3:d9:73:52:fb:31:f8:56: 1a:dd:b3:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUshfO2T/JtgDgsk3hA7TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MjMxYTUwMGEwYTgxMDhkYzdhNDM1OGIxMDAyYjFmZGJm MDc5OTUwHhcNMjUxMjA2MTEwMTE5WhcNMjUxMjA3MTEwMTE5WjAzMTEwLwYDVQQD EygzZjk0YjMwN2Q0OTMzYTcyYmI5OWUzYmZjYzM3YjNkYzkwM2QwYWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYlHf2k+zLZNfw6wyhmZGEe/aGgs TdRoCb+a2fW8CxzytcsZG8MZwEFsmMW4sbzPI22QTOi+MwAAnoso5n+GXRzWgk6m at0nsR4alicy3LM4MFvAivSo6QCKeWlEwBiluZNoDHqRhypfJHDToZmVTszNDs+5 FGlK1gH1ZJ/m97JQMB8zsRkia2KexdsJWavrKS82N7zvcCmMrxWRCuViW0nGqem7 gzcZFX60uVV4z0WaiN4ZZj31Feo1kzDzk+6MzntdbyWM3WQOf51+TDxUO7//3hNb kTUOVUAmeVGxVoLg+XseG9qFV6VcDnIWu1Mzscfvo7WiBBWvqKAuvfMjiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD+UswfUkzpyu5njv8w3s9yQPQq1MB8GA1UdIwQY MBaAFGgjGlAKCoEI3HpDWLEAKx/b8HmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmIt N2YyM2IzNDY4NmMyLzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi8wMGIwODUtOTk2Ni00Mjc1LWE1MmItN2YyM2IzNDY4NmMy LzEvYUNNYVVBb0tnUWpjZWtOWXNRQXJIOXZ3ZVpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+bfHvoY HsPywQPVyEQdReSdLnweK/T5Ac7+Xx0+TZibahFXNTYB3OKsJxfqQdPyj7FG5+oC HYKbcpghftcMFKT4bpzJtXEouyA57tG9po8MZErm3o0cbHYBif4gdjD9lbjKpXBn 3oHUvcD2opSoLHiPX2zqiIVdvkAIaGzBahz6v+kBXaCa1TpI7QegsC/h62l0j5oq XePP4Tq7ZhNJZXvA+77rY8/ybchjC22id1Aq5KCOzeyVDywTZXkqtwCLr8zI/bs2 yhZkJWYeCZufarlxe9wt10DRdhGaU1qQqU55+LvuLt7rosZDAX0HTxw7JY+TPMPZ c1L7MfhWGt2zEg== -----END CERTIFICATE-----Generated at Sat Dec 6 15:52:15 2025 by rpki-client