This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft File: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json) Hash identifier: FJtTPW/K24HiSJkwy9l7HaMS/WknWDVEWQeOysrh4HE= Subject key identifier: B2:C6:64:7D:3A:38:5A:34:0A:9B:13:A1:56:67:A0:A5:F3:64:29:48 Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0 Certificate issuer: /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0 Certificate serial: 019AF276A6D5319E64602B6A6B2CE5CE3E65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft Manifest number: 0CE4 Signing time: Sat 06 Dec 2025 07:00:53 +0000 Manifest this update: Sat 06 Dec 2025 07:00:53 +0000 Manifest next update: Sun 07 Dec 2025 07:00:53 +0000 Files and hashes: 1: E8EItKN2__9iKd7VUUHBehRVQCo.roa (hash: mIn23TrAWNsxopm3nGDSwuz19rtPaaB79Dzo0Qrhuqk=) 2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: c4zU/c6jQqoZyYzG4F6XeQD/wKhWcR6IJRw6uDHkM4Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:a6:d5:31:9e:64:60:2b:6a:6b:2c:e5:ce:3e:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0 Validity Not Before: Dec 6 07:00:53 2025 GMT Not After : Dec 7 07:00:53 2025 GMT Subject: CN=b2c6647d3a385a340a9b13a15667a0a5f3642948 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:48:c5:74:18:0a:34:a4:84:9c:b3:63:25:ad: d5:39:df:b5:a4:98:00:77:ef:bb:57:29:8f:52:bd: a9:4b:bc:84:67:a0:63:0b:0c:7b:4a:7f:d0:97:58: 3e:ba:85:be:44:70:f5:7d:24:e4:42:01:29:8c:70: bc:99:db:52:19:2a:45:b7:04:f5:14:7b:37:4e:2b: 0e:2e:cd:46:37:25:4c:0f:9b:59:23:9d:ae:e7:e7: 0d:b2:c7:5f:26:da:5d:9a:50:88:09:bd:37:4f:56: fc:08:76:f6:b9:fc:85:89:2c:5a:6a:00:fb:17:70: 15:12:c1:e0:53:26:02:20:9e:23:bc:b9:86:b4:8c: c0:f7:2e:a9:df:84:3d:ce:f0:12:75:79:4d:1b:25: cf:3c:1a:b0:8f:15:08:4e:57:4b:50:b4:c0:2e:79: ca:88:68:77:b1:a2:ef:6b:9f:73:63:a8:02:52:1b: 98:91:2e:b6:d0:bb:ff:23:7a:2c:c0:b2:4e:f5:dc: 31:a0:2a:eb:65:20:40:e6:ca:83:76:53:9c:da:c8: eb:03:86:b2:5a:97:49:df:29:9e:31:e9:b2:d3:2b: 0f:d6:26:b6:c6:7d:85:15:a2:bb:b5:27:82:07:93: 5a:da:b0:30:0f:3f:14:96:b3:61:26:a3:0d:e6:4a: ed:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:C6:64:7D:3A:38:5A:34:0A:9B:13:A1:56:67:A0:A5:F3:64:29:48 X509v3 Authority Key Identifier: keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:c4:c8:2c:36:67:b1:ed:66:54:97:3b:71:77:ee:6e:8e:67: 67:dd:8b:11:f7:b5:07:e7:ce:a4:56:9b:fb:93:9d:ba:10:a7: 68:e5:9f:0a:ff:10:40:d1:a5:7a:73:3e:b0:0b:41:3b:dd:80: 93:70:ed:3f:86:88:eb:89:a6:3b:70:8a:10:f6:a6:ef:96:22: 1b:7a:21:dd:43:36:3e:73:d1:3b:ce:95:39:bd:0a:73:10:b0: c8:30:f2:1c:61:f1:f2:05:00:42:1e:96:2b:49:60:08:f1:9a: 53:00:8c:2e:72:aa:d4:6d:3c:f6:79:8f:52:9e:d1:84:35:2b: 7f:d6:55:c4:94:e0:eb:0c:d2:e2:a8:b4:ed:9a:02:95:50:58: e0:75:13:1a:56:c0:07:88:04:f9:cd:64:a2:37:8a:02:b6:86: c8:56:09:61:ca:02:8d:b3:ac:fd:5a:df:61:19:6f:da:47:bb: b3:67:9e:fe:2a:de:07:1a:c9:26:94:4f:cc:a4:a6:96:2e:69: 82:bc:9c:62:ce:21:e4:d0:6f:45:87:24:8b:1d:d5:b5:4f:52: b7:78:66:04:b4:05:91:3b:05:35:35:99:cd:43:49:3f:9c:5f: 0c:4b:66:e9:94:f2:7e:12:27:01:1b:a2:e2:11:fa:94:97:52: 44:c5:7d:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydqbVMZ5kYCtqayzlzj5lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk NDNjZDAwHhcNMjUxMjA2MDcwMDUzWhcNMjUxMjA3MDcwMDUzWjAzMTEwLwYDVQQD EyhiMmM2NjQ3ZDNhMzg1YTM0MGE5YjEzYTE1NjY3YTBhNWYzNjQyOTQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40jFdBgKNKSEnLNjJa3VOd+1pJgA d++7VymPUr2pS7yEZ6BjCwx7Sn/Ql1g+uoW+RHD1fSTkQgEpjHC8mdtSGSpFtwT1 FHs3TisOLs1GNyVMD5tZI52u5+cNssdfJtpdmlCICb03T1b8CHb2ufyFiSxaagD7 F3AVEsHgUyYCIJ4jvLmGtIzA9y6p34Q9zvASdXlNGyXPPBqwjxUITldLULTALnnK iGh3saLva59zY6gCUhuYkS620Lv/I3oswLJO9dwxoCrrZSBA5sqDdlOc2sjrA4ay WpdJ3ymeMemy0ysP1ia2xn2FFaK7tSeCB5Na2rAwDz8UlrNhJqMN5krtDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLLGZH06OFo0CpsToVZnoKXzZClIMB8GA1UdIwQY MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQcTILDZn se1mVJc7cXfubo5nZ92LEfe1B+fOpFab+5OduhCnaOWfCv8QQNGlenM+sAtBO92A k3DtP4aI64mmO3CKEPam75YiG3oh3UM2PnPRO86VOb0KcxCwyDDyHGHx8gUAQh6W K0lgCPGaUwCMLnKq1G089nmPUp7RhDUrf9ZVxJTg6wzS4qi07ZoClVBY4HUTGlbA B4gE+c1kojeKAraGyFYJYcoCjbOs/VrfYRlv2ke7s2ee/ireBxrJJpRPzKSmli5p grycYs4h5NBvRYckix3VtU9St3hmBLQFkTsFNTWZzUNJP5xfDEtm6ZTyfhInARui 4hH6lJdSRMV90Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:26:02 2025 by rpki-client