This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft File: AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft (raw, json) Hash identifier: bPk8JmO9hCC8oArcfg43clbw0wAF6KTzAaVgw8PuHVU= Subject key identifier: CE:A0:E2:2E:7A:C8:7B:E8:25:75:52:35:B4:AA:0C:F9:5E:31:19:06 Authority key identifier: 01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B Certificate issuer: /CN=010d68a876cf5793fd00876254253d382779027b Certificate serial: 019A9B8F97096BA8607A550F2F326F24909C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft Manifest number: 049B Signing time: Wed 19 Nov 2025 10:01:10 +0000 Manifest this update: Wed 19 Nov 2025 10:01:10 +0000 Manifest next update: Thu 20 Nov 2025 10:01:10 +0000 Files and hashes: 1: AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl (hash: HEBZlhNc2av+zujeSA+Ed+5En3y3TjnZ5bTkpY4L/MM=) Validation: Failed, unable to get local issuer certificate Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:8f:97:09:6b:a8:60:7a:55:0f:2f:32:6f:24:90:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=010d68a876cf5793fd00876254253d382779027b Validity Not Before: Nov 19 10:01:10 2025 GMT Not After : Nov 20 10:01:10 2025 GMT Subject: CN=cea0e22e7ac87be825755235b4aa0cf95e311906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:fc:67:07:40:2e:5c:ca:a1:33:1c:92:10:ce: 4b:6d:fa:a7:2b:3d:b4:3b:03:a5:b0:8b:d9:d2:08: e2:fe:99:42:d5:eb:2b:98:c6:42:52:38:9e:32:03: 19:0b:54:64:49:5d:0a:98:02:9f:d6:85:c5:cd:ac: f5:34:8c:66:ab:3f:4b:c6:74:82:84:9a:a2:ee:64: 5b:76:4b:49:1e:e2:0c:00:e6:15:72:43:98:09:e1: b5:fd:da:43:99:1e:89:3c:53:0a:15:d0:12:26:95: 33:6f:39:89:fb:88:73:13:f5:8c:fb:d7:0a:63:8d: 03:48:b7:82:49:1a:ef:87:e2:25:bd:39:ed:e7:74: ef:55:d1:c4:cd:62:c4:25:3d:4c:f8:dd:dd:33:bc: c7:26:5a:ff:80:58:e8:41:e9:8d:0b:2a:9a:64:bb: ca:1a:fd:73:fc:a0:0d:78:a1:a1:fb:30:ba:a6:16: ef:cd:4f:09:5c:21:64:13:37:04:77:a9:65:0a:b4: c7:5e:1c:5c:13:48:6e:53:df:58:59:21:bc:17:e7: 71:d1:4c:6d:3b:1c:b4:ee:4e:12:bd:a2:66:9e:92: e4:ff:86:67:45:48:e4:7e:ef:ba:92:37:b3:40:95: 6a:2e:3d:2e:ca:35:bf:d0:91:3c:fb:5c:fa:62:d7: e2:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:A0:E2:2E:7A:C8:7B:E8:25:75:52:35:B4:AA:0C:F9:5E:31:19:06 X509v3 Authority Key Identifier: keyid:01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:b6:26:92:0e:52:c8:2a:a6:7d:e8:b7:17:e3:a0:5b:87:0e: 35:2e:af:42:05:4a:f6:5d:4a:c5:66:a8:3f:87:fc:14:32:5a: 79:4a:a5:1d:bf:47:e1:d0:35:6c:f9:5e:73:1f:41:a2:cb:ab: 16:c6:90:f5:3e:41:af:5c:f1:5d:29:b6:02:18:80:33:9d:16: e1:50:f1:1a:59:81:9e:af:bb:67:b3:32:b6:4d:d5:9f:07:04: 24:03:60:ea:5b:82:7a:f4:d4:9f:5d:e7:73:16:7d:ef:8d:3e: 9f:74:f5:68:91:cf:b4:d1:6d:f3:06:f1:c7:07:0f:25:05:e4: f0:75:d9:07:6c:d0:6b:d4:a1:70:0c:c4:01:61:d0:b7:80:09: de:dc:a7:49:27:ac:20:4d:56:b5:e5:de:72:44:2c:48:1a:3c: 51:eb:62:d4:a9:1c:4c:d1:e0:a6:83:90:09:5b:9d:bb:6c:9c: 73:f0:46:81:7d:0c:05:d9:4e:c0:17:29:6c:52:6c:21:c0:93: 6f:8d:46:9f:af:5a:2b:97:3a:f8:2e:03:03:e1:15:29:88:df: c8:4d:c9:b7:62:42:f4:72:e9:6f:ca:cc:a7:75:a8:7a:fe:e3: 76:47:63:67:53:8c:b6:c3:e5:f6:4f:39:f4:09:11:4d:40:1c: 28:9d:ba:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqbj5cJa6hgelUPLzJvJJCcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxMGQ2OGE4NzZjZjU3OTNmZDAwODc2MjU0MjUzZDM4Mjc3 OTAyN2IwHhcNMjUxMTE5MTAwMTEwWhcNMjUxMTIwMTAwMTEwWjAzMTEwLwYDVQQD EyhjZWEwZTIyZTdhYzg3YmU4MjU3NTUyMzViNGFhMGNmOTVlMzExOTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PxnB0AuXMqhMxySEM5LbfqnKz20 OwOlsIvZ0gji/plC1esrmMZCUjieMgMZC1RkSV0KmAKf1oXFzaz1NIxmqz9LxnSC hJqi7mRbdktJHuIMAOYVckOYCeG1/dpDmR6JPFMKFdASJpUzbzmJ+4hzE/WM+9cK Y40DSLeCSRrvh+IlvTnt53TvVdHEzWLEJT1M+N3dM7zHJlr/gFjoQemNCyqaZLvK Gv1z/KANeKGh+zC6phbvzU8JXCFkEzcEd6llCrTHXhxcE0huU99YWSG8F+dx0Uxt Oxy07k4SvaJmnpLk/4ZnRUjkfu+6kjezQJVqLj0uyjW/0JE8+1z6YtfirwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM6g4i56yHvoJXVSNbSqDPleMRkGMB8GA1UdIwQY MBaAFAENaKh2z1eT/QCHYlQlPTgneQJ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAt ZDY1NzI5YmIyZGFjLzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAtZDY1NzI5YmIyZGFj LzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7Ymkg5S yCqmfei3F+OgW4cONS6vQgVK9l1KxWaoP4f8FDJaeUqlHb9H4dA1bPlecx9Bosur FsaQ9T5Br1zxXSm2AhiAM50W4VDxGlmBnq+7Z7Mytk3VnwcEJANg6luCevTUn13n cxZ9740+n3T1aJHPtNFt8wbxxwcPJQXk8HXZB2zQa9ShcAzEAWHQt4AJ3tynSSes IE1WteXeckQsSBo8Ueti1KkcTNHgpoOQCVudu2ycc/BGgX0MBdlOwBcpbFJsIcCT b41Gn69aK5c6+C4DA+EVKYjfyE3Jt2JC9HLpb8rMp3Woev7jdkdjZ1OMtsPl9k85 9AkRTUAcKJ26LA== -----END CERTIFICATE-----Generated at Mon Dec 15 15:34:33 2025 by rpki-client