This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft File: l_aXATQzuJHWRpfZKGY75zTbpOc.mft (raw, json) Hash identifier: 7C5B8WyCWBh97jzo1T6eFsuEgUQXG1L6XLyq29a/Ge8= Subject key identifier: AF:F8:7F:9C:EC:FE:2D:1B:74:56:20:E8:76:4A:2B:CB:43:52:2C:FE Authority key identifier: 97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7 Certificate issuer: /CN=97f697013433b891d64697d928663be734dba4e7 Certificate serial: 019B2E550EDEF28A2BCE263A22394142CCDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft Manifest number: 1781 Signing time: Wed 17 Dec 2025 22:01:24 +0000 Manifest this update: Wed 17 Dec 2025 22:01:24 +0000 Manifest next update: Thu 18 Dec 2025 22:01:24 +0000 Files and hashes: 1: Q01X85MGyHMF5rr2gbqyxSbVGJU.roa (hash: 3pLndBzBIS9IcjtzdUX4XacaMZCMolKRG+4KwxWHWEU=) 2: l_aXATQzuJHWRpfZKGY75zTbpOc.crl (hash: k7Z8ytvcztvBakX/Vq3AbMZxt3/k6aE2ohq33Xkogns=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:55:0e:de:f2:8a:2b:ce:26:3a:22:39:41:42:cc:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97f697013433b891d64697d928663be734dba4e7 Validity Not Before: Dec 17 22:01:24 2025 GMT Not After : Dec 18 22:01:24 2025 GMT Subject: CN=aff87f9cecfe2d1b745620e8764a2bcb43522cfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:27:44:15:ac:13:bc:2b:f9:46:8d:af:19:cf: 40:9c:f6:53:a0:f3:13:91:ae:b7:af:16:0c:78:73: 7c:ee:bb:01:7d:f3:98:a7:73:9c:4d:ba:c9:e5:96: cb:55:ba:61:6e:d2:0b:83:18:ac:1b:42:45:19:45: a4:0b:8c:e4:27:81:8d:2b:c2:04:79:22:8e:44:e1: e7:49:73:52:66:63:90:ef:db:19:94:4d:4d:5d:c7: e7:fb:a0:56:75:64:e7:e2:be:af:f6:fe:81:74:f4: c9:57:ee:7a:5c:9c:f1:07:4f:7c:26:c9:e1:c3:5a: f4:50:7e:d1:16:8b:f1:a9:86:0b:b4:44:5c:fd:52: 03:2f:2d:c5:45:d6:7c:91:39:50:a2:bc:1a:12:bf: 6b:96:4c:39:d8:7a:cd:e7:53:1a:f2:a9:4a:53:bd: f4:54:b4:e9:26:c6:65:f1:86:1e:01:d6:24:e6:b5: a6:3f:06:1b:dd:a0:36:e6:28:c0:e7:4d:4c:a6:8b: c6:8b:a4:e3:2d:bb:be:7a:0b:d3:d4:7e:44:48:36: 47:2c:c7:96:6f:47:04:2d:0c:32:92:f5:77:4d:1f: c2:d2:ea:41:58:27:7d:b6:4e:26:7b:3f:67:c6:f6: 48:44:d9:bf:80:8f:e7:e3:6f:75:3e:19:25:cd:ac: ce:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:F8:7F:9C:EC:FE:2D:1B:74:56:20:E8:76:4A:2B:CB:43:52:2C:FE X509v3 Authority Key Identifier: keyid:97:F6:97:01:34:33:B8:91:D6:46:97:D9:28:66:3B:E7:34:DB:A4:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_aXATQzuJHWRpfZKGY75zTbpOc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ae1166-d606-45b7-9a22-7bc83220fb62/1/l_aXATQzuJHWRpfZKGY75zTbpOc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:a6:eb:b4:e3:74:a3:88:da:8e:47:d7:5f:bb:44:60:77:82: 24:58:70:e5:e1:82:f5:ce:e2:87:bb:7b:d2:1f:54:04:de:e2: d5:7a:f4:98:0c:04:f2:60:6e:85:30:a4:85:05:23:6d:a2:64: ad:d3:12:8c:85:c6:e2:01:39:77:6b:d3:76:5e:8c:f4:c2:eb: ff:aa:f6:fd:7c:df:5e:93:e6:73:06:d8:ee:6a:0e:38:92:93: 9b:c0:e3:fc:78:e9:7c:6f:08:86:6c:d5:51:39:af:f4:0b:06: 88:0d:6a:ba:d1:ef:0e:9d:66:d6:8f:b9:3f:0c:66:67:a0:d5: fa:76:aa:97:ff:48:d5:7b:96:01:71:ca:31:1d:0b:a1:54:7b: 87:2e:1a:3b:d5:e3:55:df:ce:a8:2f:67:23:af:45:46:df:de: 1a:87:32:e7:d8:54:21:36:9b:f0:39:a3:76:f0:4a:76:0d:72: 32:71:d0:d6:23:42:36:db:e0:59:24:49:af:de:b1:56:37:9c: cb:4c:89:03:75:34:5e:e8:de:f2:65:57:61:7e:95:a7:3a:d5: de:db:0e:84:4f:1a:b4:d3:26:fc:20:03:98:96:02:f2:1a:01: b3:94:41:db:aa:1a:12:c5:51:bf:6d:dc:da:20:d3:56:bd:ce: 35:02:c5:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsuVQ7e8oorziY6IjlBQszcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3ZjY5NzAxMzQzM2I4OTFkNjQ2OTdkOTI4NjYzYmU3MzRk YmE0ZTcwHhcNMjUxMjE3MjIwMTI0WhcNMjUxMjE4MjIwMTI0WjAzMTEwLwYDVQQD EyhhZmY4N2Y5Y2VjZmUyZDFiNzQ1NjIwZTg3NjRhMmJjYjQzNTIyY2ZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApydEFawTvCv5Ro2vGc9AnPZToPMT ka63rxYMeHN87rsBffOYp3OcTbrJ5ZbLVbphbtILgxisG0JFGUWkC4zkJ4GNK8IE eSKOROHnSXNSZmOQ79sZlE1NXcfn+6BWdWTn4r6v9v6BdPTJV+56XJzxB098Jsnh w1r0UH7RFovxqYYLtERc/VIDLy3FRdZ8kTlQorwaEr9rlkw52HrN51Ma8qlKU730 VLTpJsZl8YYeAdYk5rWmPwYb3aA25ijA501MpovGi6TjLbu+egvT1H5ESDZHLMeW b0cELQwykvV3TR/C0upBWCd9tk4mez9nxvZIRNm/gI/n4291PhklzazOPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK/4f5zs/i0bdFYg6HZKK8tDUiz+MB8GA1UdIwQY MBaAFJf2lwE0M7iR1kaX2ShmO+c026TnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjIt N2JjODMyMjBmYjYyLzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9hZTExNjYtZDYwNi00NWI3LTlhMjItN2JjODMyMjBmYjYy LzEvbF9hWEFUUXp1SkhXUnBmWktHWTc1elRicE9jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkabrtON0 o4jajkfXX7tEYHeCJFhw5eGC9c7ih7t70h9UBN7i1Xr0mAwE8mBuhTCkhQUjbaJk rdMSjIXG4gE5d2vTdl6M9MLr/6r2/XzfXpPmcwbY7moOOJKTm8Dj/HjpfG8IhmzV UTmv9AsGiA1qutHvDp1m1o+5PwxmZ6DV+naql/9I1XuWAXHKMR0LoVR7hy4aO9Xj Vd/OqC9nI69FRt/eGocy59hUITab8DmjdvBKdg1yMnHQ1iNCNtvgWSRJr96xVjec y0yJA3U0Xuje8mVXYX6VpzrV3tsOhE8atNMm/CADmJYC8hoBs5RB26oaEsVRv23c 2iDTVr3ONQLFmQ== -----END CERTIFICATE-----Generated at Thu Dec 18 00:12:28 2025 by rpki-client