This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft File: aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft (raw, json) Hash identifier: gmHwL5G0De2UtLhc9MX7uZ3+1EUR1bcnBvErNZWY8G8= Subject key identifier: 1A:D3:95:6F:E9:CF:AD:95:CF:92:D2:9B:67:A3:9B:F1:E2:A1:DF:F1 Authority key identifier: 68:9C:68:A4:56:61:F9:0A:40:59:BD:8C:29:A3:C9:67:BF:92:E8:55 Certificate issuer: /CN=689c68a45661f90a4059bd8c29a3c967bf92e855 Certificate serial: 019AF1D1EC2D897AA563048AC1E2C529DBD8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft Manifest number: 0724 Signing time: Sat 06 Dec 2025 04:00:57 +0000 Manifest this update: Sat 06 Dec 2025 04:00:57 +0000 Manifest next update: Sun 07 Dec 2025 04:00:57 +0000 Files and hashes: 1: VftZMAe-HTAVpMfwxes2FDGztqs.roa (hash: KKajIYpdkVhXrGRISoXddoe+7uEBtFz7JC2M/TbIWjs=) 2: aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl (hash: kT6noYXes5dDympfJP1w4CkYhLrJPb4+hC11a+3Yfg0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:ec:2d:89:7a:a5:63:04:8a:c1:e2:c5:29:db:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=689c68a45661f90a4059bd8c29a3c967bf92e855 Validity Not Before: Dec 6 04:00:57 2025 GMT Not After : Dec 7 04:00:57 2025 GMT Subject: CN=1ad3956fe9cfad95cf92d29b67a39bf1e2a1dff1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:30:c4:21:6c:fe:e0:96:99:10:98:c5:ac:1c: 62:3f:a7:25:e0:26:2f:43:05:5b:27:94:aa:c3:50: be:b3:60:23:c9:80:40:87:74:36:e1:ae:44:75:0d: 58:52:af:5f:5c:df:13:da:17:98:cf:ee:b3:b3:8f: cc:20:1f:ab:91:4c:60:b6:1c:70:ca:f7:20:37:46: 5c:7c:5b:d5:d4:16:b4:c3:73:6f:3f:55:6e:91:07: 3a:45:34:d8:5e:3f:a7:8a:35:90:3b:f1:8b:bb:fd: 96:f1:7a:1c:cf:f9:ce:fa:37:dd:50:32:50:e7:25: d1:b2:ce:c1:63:16:99:5f:64:17:d2:2e:f9:be:3c: 64:9c:c7:3c:cd:50:25:87:9d:b9:3c:5e:83:c9:15: da:78:fa:93:3a:b0:84:da:72:36:3d:44:16:4d:20: 9d:30:0e:6d:46:5f:90:7a:35:8b:b0:b4:8f:bd:c9: 74:cd:c3:c0:50:61:a9:20:12:2d:4b:08:57:f8:40: 18:a4:eb:97:76:d2:72:e5:f0:ae:e7:1b:3e:a8:cc: 39:92:1c:b1:46:c4:ae:c5:03:46:28:89:5b:a1:73: 05:18:58:41:bf:ca:93:83:84:ef:8a:33:a1:f7:d7: 69:8b:cc:92:91:94:64:d3:35:04:8a:d7:67:16:38: 11:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:D3:95:6F:E9:CF:AD:95:CF:92:D2:9B:67:A3:9B:F1:E2:A1:DF:F1 X509v3 Authority Key Identifier: keyid:68:9C:68:A4:56:61:F9:0A:40:59:BD:8C:29:A3:C9:67:BF:92:E8:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJxopFZh-QpAWb2MKaPJZ7-S6FU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/39dacc-1c57-4deb-a225-b6207f755267/1/aJxopFZh-QpAWb2MKaPJZ7-S6FU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:fb:3c:70:03:43:ba:bf:8b:72:93:ce:46:bd:84:85:7d:d1: 84:2e:52:9d:24:ca:9e:7c:04:55:99:e7:70:9c:d6:71:b8:91: 89:b8:01:9d:33:5b:d6:79:10:dc:27:af:22:b0:b6:98:5c:2b: c9:0d:0a:56:00:1d:83:e5:52:c5:be:6c:5a:13:c6:6a:47:d6: 18:e6:ba:ff:84:85:46:56:17:eb:91:ea:dc:bc:c5:62:25:59: f2:88:fc:ef:b8:fa:76:22:a8:e3:c3:d4:e4:53:01:0f:1c:4f: f1:88:3c:f3:89:a1:f4:34:86:f2:45:d0:66:16:bd:64:86:e3: 34:e9:82:32:72:1d:7f:0c:ef:0d:bb:1e:f4:34:5b:92:1b:8c: 8a:23:a9:2d:03:b3:76:41:47:2a:a2:58:f4:1e:d9:15:e7:98: b8:1b:ea:ef:00:9b:1f:7c:5f:94:87:76:c7:84:91:7c:1e:42: c5:d6:0c:fc:f0:1c:06:ec:4c:58:3d:9b:2c:b1:40:86:9e:1c: 8d:e2:73:80:b0:61:6a:fd:df:8b:39:1a:19:3f:60:84:61:05: f1:b5:de:0e:b5:ee:e9:86:03:01:d7:fe:2d:c4:1a:21:b3:49: 7c:8f:e3:81:43:54:b9:6b:c6:6c:f2:99:65:69:bc:79:ca:9a: f9:98:01:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ewtiXqlYwSKweLFKdvYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4OWM2OGE0NTY2MWY5MGE0MDU5YmQ4YzI5YTNjOTY3YmY5 MmU4NTUwHhcNMjUxMjA2MDQwMDU3WhcNMjUxMjA3MDQwMDU3WjAzMTEwLwYDVQQD EygxYWQzOTU2ZmU5Y2ZhZDk1Y2Y5MmQyOWI2N2EzOWJmMWUyYTFkZmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzDEIWz+4JaZEJjFrBxiP6cl4CYv QwVbJ5Sqw1C+s2AjyYBAh3Q24a5EdQ1YUq9fXN8T2heYz+6zs4/MIB+rkUxgthxw yvcgN0ZcfFvV1Ba0w3NvP1VukQc6RTTYXj+nijWQO/GLu/2W8Xocz/nO+jfdUDJQ 5yXRss7BYxaZX2QX0i75vjxknMc8zVAlh525PF6DyRXaePqTOrCE2nI2PUQWTSCd MA5tRl+QejWLsLSPvcl0zcPAUGGpIBItSwhX+EAYpOuXdtJy5fCu5xs+qMw5khyx RsSuxQNGKIlboXMFGFhBv8qTg4TvijOh99dpi8ySkZRk0zUEitdnFjgRKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBrTlW/pz62Vz5LSm2ejm/Hiod/xMB8GA1UdIwQY MBaAFGicaKRWYfkKQFm9jCmjyWe/kuhVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zOWRhY2MtMWM1Ny00ZGViLWEyMjUt YjYyMDdmNzU1MjY3LzEvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8zOWRhY2MtMWM1Ny00ZGViLWEyMjUtYjYyMDdmNzU1MjY3 LzEvYUp4b3BGWmgtUXBBV2IyTUthUEpaNy1TNkZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnvs8cAND ur+LcpPORr2EhX3RhC5SnSTKnnwEVZnncJzWcbiRibgBnTNb1nkQ3CevIrC2mFwr yQ0KVgAdg+VSxb5sWhPGakfWGOa6/4SFRlYX65Hq3LzFYiVZ8oj877j6diKo48PU 5FMBDxxP8Yg884mh9DSG8kXQZha9ZIbjNOmCMnIdfwzvDbse9DRbkhuMiiOpLQOz dkFHKqJY9B7ZFeeYuBvq7wCbH3xflId2x4SRfB5CxdYM/PAcBuxMWD2bLLFAhp4c jeJzgLBhav3fizkaGT9ghGEF8bXeDrXu6YYDAdf+LcQaIbNJfI/jgUNUuWvGbPKZ ZWm8ecqa+ZgBRg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:17:25 2025 by rpki-client