This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft File: ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft (raw, json) Hash identifier: aWD3ZFGEXQ/1Nj4DJcXTY96S1QV1D+gBO1+lwJAqDNM= Subject key identifier: B7:93:82:01:0C:9C:93:0C:3F:D5:10:E4:7C:47:B4:02:23:E9:DE:8E Authority key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74 Certificate issuer: /CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974 Certificate serial: 019AF3C071D4E51B67A5C6F3E006BD593FCE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 13:01:06 +0000 Manifest this update: Sat 06 Dec 2025 13:01:06 +0000 Manifest next update: Sun 07 Dec 2025 13:01:06 +0000 Files and hashes: 1: ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl (hash: UF1G7ReqNBcdY2Js5Hy7cFjqaSnmrtJvpopJ+yJECJY=) 2: o_9E0nw7QGxoWCZk4QqgNmZyf9E.roa (hash: 1PmMo5WtlImsrpdUj9rWhTyVCZubOTGK5D/YW7g4Mss=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:71:d4:e5:1b:67:a5:c6:f3:e0:06:bd:59:3f:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974 Validity Not Before: Dec 6 13:01:06 2025 GMT Not After : Dec 7 13:01:06 2025 GMT Subject: CN=b79382010c9c930c3fd510e47c47b40223e9de8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:8b:e2:69:99:d3:e5:6e:c9:26:18:10:05:fb: 36:8e:93:23:03:bb:67:74:a4:d7:e1:c2:df:65:2b: 8e:f7:d3:cf:5b:62:f3:7f:4d:91:62:81:dd:d0:c7: f5:19:bb:7a:9b:c7:45:d0:e4:5c:86:aa:e9:c6:75: d0:c5:c2:65:4d:d9:b5:04:bd:44:00:0b:ac:17:78: fd:43:bc:5d:62:6b:02:a8:80:75:cb:eb:9d:d9:43: 23:5f:8f:68:de:39:4a:7d:8f:46:e6:6b:48:ce:27: 4a:c8:47:2b:91:2f:82:c6:05:09:05:0c:2a:99:ee: 37:5e:02:af:ed:4e:80:e6:6d:0e:53:22:ca:af:81: 5f:a0:78:4f:48:ef:c1:c5:2c:91:e6:5f:1a:98:2d: 3c:36:da:ec:34:87:de:e2:31:4a:ad:bc:b0:62:86: 67:28:22:1a:c9:93:f4:d3:2b:5e:15:55:fc:35:b8: 3b:7c:eb:04:76:ad:a3:ae:7a:ab:4c:47:5f:3f:ca: f9:ca:fb:f2:87:dd:fc:24:21:cd:ca:19:de:1f:7e: 27:1d:8c:0a:62:70:c7:41:b3:f3:36:28:84:a5:8b: 04:7f:64:d0:a6:e5:0c:b5:4c:a6:cc:a0:1e:0a:c4: 60:51:f9:45:32:aa:62:61:7a:3e:c0:f0:8c:fa:39: ed:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:93:82:01:0C:9C:93:0C:3F:D5:10:E4:7C:47:B4:02:23:E9:DE:8E X509v3 Authority Key Identifier: keyid:6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:87:a0:1a:8a:0b:b4:77:6a:33:6a:16:8d:38:68:02:1d:2d: a7:4c:ac:3d:d5:2b:1c:53:24:3b:eb:59:b1:e0:07:c6:af:cd: 69:bc:30:ae:51:99:42:f5:94:32:93:d4:36:54:97:73:0c:5b: 84:26:ab:0d:05:1f:d3:60:15:9c:32:7c:df:58:23:5f:a0:d6: 29:ed:60:ee:29:46:3a:57:e2:c6:1d:69:eb:80:1c:9d:54:e6: ed:81:61:2f:f5:7a:ce:8c:3c:d5:f4:05:6e:75:fc:66:7b:45: 29:b4:e9:6f:55:ff:37:e8:04:b9:2c:7c:72:52:37:d1:6f:85: ea:6a:31:e2:a0:f1:72:7f:1f:ef:25:87:1f:c6:18:5c:85:c0: 68:89:db:a4:6c:a6:e0:15:65:cb:e3:4f:fd:a3:30:c7:2e:dd: 3f:8e:c9:dd:4a:ea:ef:8c:54:ca:cf:8d:1f:f2:b0:63:4e:15: fb:8b:e1:e8:82:a8:6c:41:98:af:99:4a:72:99:96:a8:62:40: ba:63:8a:61:1d:d0:59:1d:9b:9f:ee:b6:d5:89:5c:ff:88:fb: 32:dc:1e:72:34:ef:a3:ab:34:5e:b0:82:70:b9:8f:c9:e5:46: db:92:5f:b7:44:f5:2a:1b:f3:a1:cd:8e:e7:83:13:21:f2:03: aa:84:59:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwHHU5Rtnpcbz4Aa9WT/OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiMjA4MThiMTg2YjBiOWNiMDlhZjU0MjBkMWU1YWUzMzRm ZTM5NzQwHhcNMjUxMjA2MTMwMTA2WhcNMjUxMjA3MTMwMTA2WjAzMTEwLwYDVQQD EyhiNzkzODIwMTBjOWM5MzBjM2ZkNTEwZTQ3YzQ3YjQwMjIzZTlkZThlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IviaZnT5W7JJhgQBfs2jpMjA7tn dKTX4cLfZSuO99PPW2Lzf02RYoHd0Mf1Gbt6m8dF0ORchqrpxnXQxcJlTdm1BL1E AAusF3j9Q7xdYmsCqIB1y+ud2UMjX49o3jlKfY9G5mtIzidKyEcrkS+CxgUJBQwq me43XgKv7U6A5m0OUyLKr4FfoHhPSO/BxSyR5l8amC08NtrsNIfe4jFKrbywYoZn KCIayZP00yteFVX8Nbg7fOsEdq2jrnqrTEdfP8r5yvvyh938JCHNyhneH34nHYwK YnDHQbPzNiiEpYsEf2TQpuUMtUymzKAeCsRgUflFMqpiYXo+wPCM+jnt8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLeTggEMnJMMP9UQ5HxHtAIj6d6OMB8GA1UdIwQY MBaAFGsggYsYawucsJr1Qg0eWuM0/jl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDct ZTVjOWMyZThlOWJmLzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDctZTVjOWMyZThlOWJm LzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYegGooL tHdqM2oWjThoAh0tp0ysPdUrHFMkO+tZseAHxq/NabwwrlGZQvWUMpPUNlSXcwxb hCarDQUf02AVnDJ831gjX6DWKe1g7ilGOlfixh1p64AcnVTm7YFhL/V6zow81fQF bnX8ZntFKbTpb1X/N+gEuSx8clI30W+F6mox4qDxcn8f7yWHH8YYXIXAaInbpGym 4BVly+NP/aMwxy7dP47J3Urq74xUys+NH/KwY04V+4vh6IKobEGYr5lKcpmWqGJA umOKYR3QWR2bn+621Ylc/4j7MtwecjTvo6s0XrCCcLmPyeVG25Jft0T1Khvzoc2O 54MTIfIDqoRZqg== -----END CERTIFICATE-----Generated at Sat Dec 6 15:42:16 2025 by rpki-client