This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft File: 1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft (raw, json) Hash identifier: Dar06PMxcpqiKgn3UCJHQOnCpKzWRck+SCabCym2lDo= Subject key identifier: 3E:A4:DB:63:96:60:53:68:70:6E:59:58:D9:86:9A:22:34:F5:24:CE Authority key identifier: D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4 Certificate issuer: /CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4 Certificate serial: 019AF276DA2B4F160BDAFC2AE626FB5138DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft Manifest number: 0EAD Signing time: Sat 06 Dec 2025 07:01:06 +0000 Manifest this update: Sat 06 Dec 2025 07:01:06 +0000 Manifest next update: Sun 07 Dec 2025 07:01:06 +0000 Files and hashes: 1: 1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl (hash: 2t9d6eidkP8FROOA9K9Q9Qvk3EBxy1t9pvl9pzqLyqg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:da:2b:4f:16:0b:da:fc:2a:e6:26:fb:51:38:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4 Validity Not Before: Dec 6 07:01:06 2025 GMT Not After : Dec 7 07:01:06 2025 GMT Subject: CN=3ea4db6396605368706e5958d9869a2234f524ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:20:31:fa:6e:38:c6:42:87:53:c3:79:ab:9b: ac:6d:8e:f4:8e:e3:0a:7c:57:a6:aa:50:91:e3:0c: d9:9b:79:57:80:5a:c0:a0:18:55:d7:ff:87:6a:77: 24:7f:6b:b3:f5:7f:95:ea:9a:9e:a6:9c:e7:cb:26: 1d:92:7a:fb:6a:af:d4:ab:79:52:f5:b2:a3:33:22: bc:f7:d1:cc:89:00:f0:13:88:df:ad:b1:39:81:1d: 63:b1:17:b0:59:35:a9:c2:56:a5:f2:61:45:cf:b4: 43:0c:bc:1e:5e:2e:c0:ed:c1:38:1a:68:05:fe:37: 10:87:f4:b4:10:a7:3f:0c:e4:54:db:76:28:39:cb: c1:ca:4b:70:e5:a5:7d:d8:11:2c:fb:be:a8:15:7b: c7:b5:a8:0a:55:08:96:56:e2:a6:d0:5b:60:b6:63: 21:65:ad:f1:ec:66:d8:17:6f:a2:26:14:93:12:ed: ad:ef:34:65:f0:62:b6:27:3f:8f:9f:7b:a7:94:32: 95:0e:e6:0b:27:48:24:cc:ef:25:10:f1:32:8f:e1: 96:36:52:e9:59:c7:59:e0:fd:1f:af:09:3b:22:a0: 1f:73:5b:96:e8:52:76:da:99:56:a2:8a:db:0a:c6: 6b:35:e1:53:86:84:9c:d5:79:36:21:b4:73:de:ca: b3:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:A4:DB:63:96:60:53:68:70:6E:59:58:D9:86:9A:22:34:F5:24:CE X509v3 Authority Key Identifier: keyid:D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:44:3c:31:82:46:25:73:1b:16:f1:91:22:e7:96:71:07:70: ec:6b:e6:5c:e3:93:76:2e:00:49:3e:50:1e:f1:a5:9d:bf:63: fa:31:ca:18:14:3e:68:ed:df:83:e4:7e:9a:c0:12:d9:f1:cc: 1c:6c:53:c9:c3:01:73:b1:2f:b1:15:82:72:15:30:de:ec:73: 67:80:db:77:bb:fc:1d:21:f3:91:c9:99:ec:e0:06:c5:54:dc: 6f:5b:45:ed:fe:d4:b2:de:8c:a3:94:f6:b1:08:9e:97:8b:b2: 1a:2d:85:72:c4:a3:e8:22:e5:8e:97:68:f0:10:d5:76:89:8d: 52:1c:31:4d:b5:0a:3c:d1:05:b4:b9:f4:1b:ab:ff:2b:ee:e5: 08:54:e8:26:d1:90:8f:f0:7d:0d:c8:10:f2:45:d0:c7:44:24: 47:ae:11:4d:f4:81:8a:4a:79:14:05:f2:a2:1e:b3:29:75:0b: 44:2c:5e:9f:6d:e1:a5:61:9c:81:a6:af:8f:de:8f:50:c2:2d: 65:1f:4f:16:1c:d5:82:cd:c0:6f:cc:61:37:14:73:9b:76:17: e2:66:29:a1:54:c5:8f:bd:6f:7d:89:52:d7:76:38:e1:19:48: cb:8e:f2:c3:ad:4f:c7:f2:7c:74:36:e8:5a:d1:80:f4:ef:84: 34:ab:36:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydtorTxYL2vwq5ib7UTjbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2M2Y4ZTQyZmI4NDQyYTQ4YTdkNDdlZjRjMGI2ZTE0NzUx NGJmYzQwHhcNMjUxMjA2MDcwMTA2WhcNMjUxMjA3MDcwMTA2WjAzMTEwLwYDVQQD EygzZWE0ZGI2Mzk2NjA1MzY4NzA2ZTU5NThkOTg2OWEyMjM0ZjUyNGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriAx+m44xkKHU8N5q5usbY70juMK fFemqlCR4wzZm3lXgFrAoBhV1/+Hanckf2uz9X+V6pqeppznyyYdknr7aq/Uq3lS 9bKjMyK899HMiQDwE4jfrbE5gR1jsRewWTWpwlal8mFFz7RDDLweXi7A7cE4GmgF /jcQh/S0EKc/DORU23YoOcvByktw5aV92BEs+76oFXvHtagKVQiWVuKm0FtgtmMh Za3x7GbYF2+iJhSTEu2t7zRl8GK2Jz+Pn3unlDKVDuYLJ0gkzO8lEPEyj+GWNlLp WcdZ4P0frwk7IqAfc1uW6FJ22plWoorbCsZrNeFThoSc1Xk2IbRz3sqzIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD6k22OWYFNocG5ZWNmGmiI09STOMB8GA1UdIwQY MBaAFNY/jkL7hEKkin1H70wLbhR1FL/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODct MmVkN2E3MTVmOGQ3LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODctMmVkN2E3MTVmOGQ3 LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0Q8MYJG JXMbFvGRIueWcQdw7GvmXOOTdi4AST5QHvGlnb9j+jHKGBQ+aO3fg+R+msAS2fHM HGxTycMBc7EvsRWCchUw3uxzZ4Dbd7v8HSHzkcmZ7OAGxVTcb1tF7f7Ust6Mo5T2 sQiel4uyGi2FcsSj6CLljpdo8BDVdomNUhwxTbUKPNEFtLn0G6v/K+7lCFToJtGQ j/B9DcgQ8kXQx0QkR64RTfSBikp5FAXyoh6zKXULRCxen23hpWGcgaavj96PUMIt ZR9PFhzVgs3Ab8xhNxRzm3YX4mYpoVTFj71vfYlS13Y44RlIy47yw61Px/J8dDbo WtGA9O+ENKs2PA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:59:44 2025 by rpki-client