This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft File: AY9TOgxHePOMEstY3Xtq8l-MrOc.mft (raw, json) Hash identifier: Cd49k/H0ak4/uR7EPWnC7lFSplLBz3oB3tCF7MUDE2s= Subject key identifier: A9:98:32:06:2B:D1:2D:51:FC:AD:51:F7:E3:B8:02:CB:37:CA:27:31 Authority key identifier: 01:8F:53:3A:0C:47:78:F3:8C:12:CB:58:DD:7B:6A:F2:5F:8C:AC:E7 Certificate issuer: /CN=018f533a0c4778f38c12cb58dd7b6af25f8cace7 Certificate serial: 019AF164325B786B11EF4835B35131E083DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AY9TOgxHePOMEstY3Xtq8l-MrOc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft Manifest number: 2A Signing time: Sat 06 Dec 2025 02:01:06 +0000 Manifest this update: Sat 06 Dec 2025 02:01:06 +0000 Manifest next update: Sun 07 Dec 2025 02:01:06 +0000 Files and hashes: 1: AY9TOgxHePOMEstY3Xtq8l-MrOc.crl (hash: VqCPNjb9th47/xMuI3OE3ExfTF+/Ic6BOoi1fu7B/UI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.crl rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft rsync://rpki.ripe.net/repository/DEFAULT/AY9TOgxHePOMEstY3Xtq8l-MrOc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:32:5b:78:6b:11:ef:48:35:b3:51:31:e0:83:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=018f533a0c4778f38c12cb58dd7b6af25f8cace7 Validity Not Before: Dec 6 02:01:06 2025 GMT Not After : Dec 7 02:01:06 2025 GMT Subject: CN=a99832062bd12d51fcad51f7e3b802cb37ca2731 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ce:27:f5:20:04:9e:5e:a5:51:91:33:6b:61: 26:c4:43:25:9a:c2:a2:6e:88:ce:1f:ce:39:f7:21: 74:4d:cb:3c:2b:4b:5f:44:b5:fe:0d:75:dd:7d:2e: 5e:9b:69:0c:81:c4:0e:16:db:71:74:00:df:4e:27: de:31:86:63:43:6b:2d:e4:c3:4d:b2:bb:ff:05:ac: de:ea:c1:db:94:3c:30:97:05:7d:18:16:f2:01:3f: f7:04:26:96:be:0d:d9:fb:8c:00:5f:c5:b1:66:20: 49:23:21:15:91:7a:26:3c:0a:68:e3:e4:a7:36:d1: 17:95:f0:96:31:43:bd:2a:a1:92:97:d8:c9:cb:ce: 0d:d4:d0:fd:86:9f:c0:3d:3f:15:a2:7e:84:7a:12: 14:f8:20:e2:7c:b7:ca:e0:5c:1c:fe:81:17:e9:90: ee:42:fe:46:dd:e9:43:a3:f7:1b:1f:0f:1f:d3:4c: 5a:24:d5:b0:07:05:ff:ea:d9:4b:8c:b9:27:27:0a: c2:9a:2c:bd:2e:8e:db:c8:62:c4:0f:8e:ce:34:19: 70:26:be:27:57:04:cf:47:68:9b:84:a9:4c:0b:dd: 94:ba:aa:49:83:bc:4b:be:87:80:f4:65:ff:8f:1e: 09:73:60:97:08:04:60:0a:a4:70:84:4f:38:ce:b0: c1:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:98:32:06:2B:D1:2D:51:FC:AD:51:F7:E3:B8:02:CB:37:CA:27:31 X509v3 Authority Key Identifier: keyid:01:8F:53:3A:0C:47:78:F3:8C:12:CB:58:DD:7B:6A:F2:5F:8C:AC:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AY9TOgxHePOMEstY3Xtq8l-MrOc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:12:67:32:7b:6d:ff:24:56:ab:a8:bf:8f:72:16:ee:47:75: 84:43:13:b1:40:2b:d4:17:95:3e:b8:9d:44:68:fe:b6:ee:e6: 90:83:80:2f:7f:6c:84:57:a3:79:7e:8c:a4:d4:32:15:d8:05: 62:82:a5:54:12:a6:b6:f2:7d:f6:51:55:b6:51:33:8d:85:16: 0d:7d:d3:53:fa:61:dd:ec:50:84:96:1b:26:4c:98:c6:e3:4b: 51:4d:9d:9f:6e:89:4c:86:97:10:2d:a8:22:33:49:06:b7:f0: 28:ce:03:96:dd:7d:4b:0c:a8:29:b1:8d:ea:99:84:94:f1:93: 20:cd:83:d4:39:3c:65:7b:64:1d:ea:56:c9:99:0b:7c:7a:e5: 5b:94:30:6e:d6:6b:c1:7f:f5:e7:33:7f:62:91:7c:98:19:e6: e8:1a:e1:4b:0c:2d:c6:13:2a:71:01:a5:45:c7:39:11:8d:6f: 58:89:0a:ba:86:dc:46:ce:0c:6e:46:27:d1:9c:99:fa:26:ec: c7:1e:f0:3c:6c:58:6d:0e:01:0a:20:5a:5c:30:51:ba:c6:d1: eb:7f:e2:3c:ae:19:33:04:78:b5:50:77:a8:84:1c:36:29:eb: 80:f1:9f:a5:ae:e1:65:57:0f:ce:1f:2b:a1:8c:fd:dd:ab:f5: 36:67:4c:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZDJbeGsR70g1s1Ex4IPbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxOGY1MzNhMGM0Nzc4ZjM4YzEyY2I1OGRkN2I2YWYyNWY4 Y2FjZTcwHhcNMjUxMjA2MDIwMTA2WhcNMjUxMjA3MDIwMTA2WjAzMTEwLwYDVQQD EyhhOTk4MzIwNjJiZDEyZDUxZmNhZDUxZjdlM2I4MDJjYjM3Y2EyNzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s4n9SAEnl6lUZEza2EmxEMlmsKi bojOH8459yF0Tcs8K0tfRLX+DXXdfS5em2kMgcQOFttxdADfTifeMYZjQ2st5MNN srv/Baze6sHblDwwlwV9GBbyAT/3BCaWvg3Z+4wAX8WxZiBJIyEVkXomPApo4+Sn NtEXlfCWMUO9KqGSl9jJy84N1ND9hp/APT8Von6EehIU+CDifLfK4Fwc/oEX6ZDu Qv5G3elDo/cbHw8f00xaJNWwBwX/6tlLjLknJwrCmiy9Lo7byGLED47ONBlwJr4n VwTPR2ibhKlMC92UuqpJg7xLvoeA9GX/jx4Jc2CXCARgCqRwhE84zrDBqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKmYMgYr0S1R/K1R9+O4Ass3yicxMB8GA1UdIwQY MBaAFAGPUzoMR3jzjBLLWN17avJfjKznMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVk5VE9neEhlUE9NRXN0WTNYdHE4bC1Nck9jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lZDRiYWMtZTBlMi00ZTI5LTk4YTct ZWY4NjJlM2U3MTI4LzEvQVk5VE9neEhlUE9NRXN0WTNYdHE4bC1Nck9jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9lZDRiYWMtZTBlMi00ZTI5LTk4YTctZWY4NjJlM2U3MTI4 LzEvQVk5VE9neEhlUE9NRXN0WTNYdHE4bC1Nck9jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbxJnMntt /yRWq6i/j3IW7kd1hEMTsUAr1BeVPridRGj+tu7mkIOAL39shFejeX6MpNQyFdgF YoKlVBKmtvJ99lFVtlEzjYUWDX3TU/ph3exQhJYbJkyYxuNLUU2dn26JTIaXEC2o IjNJBrfwKM4Dlt19SwyoKbGN6pmElPGTIM2D1Dk8ZXtkHepWyZkLfHrlW5QwbtZr wX/15zN/YpF8mBnm6BrhSwwtxhMqcQGlRcc5EY1vWIkKuobcRs4MbkYn0ZyZ+ibs xx7wPGxYbQ4BCiBaXDBRusbR63/iPK4ZMwR4tVB3qIQcNinrgPGfpa7hZVcPzh8r oYz93av1NmdMlQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:57:43 2025 by rpki-client