This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft File: aEZbnPs2jGnssOP-o7VCupxzAfQ.mft (raw, json) Hash identifier: DiJP0hchD57w20bMcoaFyla2mPv/0/zec7lonZY2lwA= Subject key identifier: 26:A9:F2:33:5D:8E:C9:E0:5D:8D:F3:73:8B:21:11:36:AE:24:65:EC Authority key identifier: 68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4 Certificate issuer: /CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4 Certificate serial: 019AF65388A7065B144478C285CED56361F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft Manifest number: 147C Signing time: Sun 07 Dec 2025 01:01:00 +0000 Manifest this update: Sun 07 Dec 2025 01:01:00 +0000 Manifest next update: Mon 08 Dec 2025 01:01:00 +0000 Files and hashes: 1: aEZbnPs2jGnssOP-o7VCupxzAfQ.crl (hash: CkKkuYtpC1KFk3GcDBMjsoK8Ay9834x+nfGo5d/UZ7U=) 2: s3MszUL2Sssrqjezj_btDkPTmQg.roa (hash: rgkSdfEiUESbKFQA8EcHOyD2UnXv2kAlPQ3EqnLhSNk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:53:88:a7:06:5b:14:44:78:c2:85:ce:d5:63:61:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4 Validity Not Before: Dec 7 01:01:00 2025 GMT Not After : Dec 8 01:01:00 2025 GMT Subject: CN=26a9f2335d8ec9e05d8df3738b211136ae2465ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:96:de:29:4f:f6:98:f9:d0:06:a8:2e:fe:d9: 76:92:a0:5e:71:78:00:92:0a:f5:4d:83:2c:79:16: d4:e3:06:ac:df:ed:0c:90:89:2f:03:40:78:1b:0b: 5d:c3:c2:c0:58:da:85:0d:70:40:f0:e3:57:90:ca: 96:3b:80:f7:c5:36:02:dc:a6:e1:de:07:a4:dc:2d: 49:10:c3:86:fe:54:f1:61:96:ab:b7:3a:d5:57:c4: 18:06:cc:34:4e:42:8a:99:5b:3f:b1:9a:15:5e:93: 6a:17:e0:25:82:53:76:fd:76:25:4e:ac:df:44:bd: d0:d3:6b:3e:e9:9c:7c:e9:b7:77:05:55:b0:89:be: c0:97:41:65:6c:70:90:b1:e5:3c:0f:c0:f2:0c:93: d2:5c:85:63:eb:20:be:f8:7d:d4:82:50:22:3b:1b: 88:89:62:ac:e2:9a:d1:fe:54:0c:e3:68:02:58:a4: c5:fb:29:3a:54:f3:59:09:a9:4d:b2:da:55:1f:56: a2:87:67:08:a0:9a:02:83:f0:54:f3:48:24:28:ac: 2d:e6:93:d1:5d:63:75:ea:e0:45:45:88:66:3b:5f: de:67:67:e2:2c:62:67:d8:ca:5f:95:da:fd:08:10: ec:29:83:75:05:f8:89:ed:d2:ed:4f:4d:42:d0:b5: a2:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:A9:F2:33:5D:8E:C9:E0:5D:8D:F3:73:8B:21:11:36:AE:24:65:EC X509v3 Authority Key Identifier: keyid:68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:86:a5:be:99:80:42:82:19:6d:d2:1d:98:57:38:0c:2a:ca: e3:7c:62:76:3f:30:29:51:ef:9c:d5:e4:29:6f:d8:44:fc:e3: 32:36:a7:46:97:f8:64:f6:a4:cd:f3:fe:2c:63:d6:e1:49:b5: fa:60:01:f2:89:b6:24:92:c8:a5:41:f4:9d:cb:91:07:7c:6f: ec:fc:77:0f:d9:66:a8:89:1c:41:27:8f:cc:a1:b7:ed:22:d1: 0f:43:fb:90:1a:d6:d5:8b:82:61:32:4c:3e:89:1c:4e:cc:b2: 3a:3a:a2:6e:61:e1:d0:e8:ff:76:ce:2c:75:e1:0f:26:88:ae: c7:23:7c:23:e7:b1:a6:15:3f:75:7d:3d:46:57:21:4a:fa:77: c7:ab:d3:eb:a1:fd:07:52:bc:ee:30:40:d1:2a:77:a6:57:c5: fe:69:7a:ec:b8:0a:40:f8:11:4c:c4:8c:2d:72:ad:17:94:2a: 1a:43:55:f8:2a:07:e4:6f:d4:9a:c3:e5:bd:7b:ef:70:68:b2: e7:a6:ae:d8:86:c8:74:2c:b0:42:dd:2a:8e:66:d1:02:7f:76: 23:63:d1:e4:21:60:7e:99:5d:de:91:14:85:3f:f3:51:4f:92: 2d:2f:a4:54:2e:58:fc:8d:c7:70:f1:1f:67:a6:6f:28:ec:b5: 2b:2a:cb:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2U4inBlsURHjChc7VY2HzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4NDY1YjljZmIzNjhjNjllY2IwZTNmZWEzYjU0MmJhOWM3 MzAxZjQwHhcNMjUxMjA3MDEwMTAwWhcNMjUxMjA4MDEwMTAwWjAzMTEwLwYDVQQD EygyNmE5ZjIzMzVkOGVjOWUwNWQ4ZGYzNzM4YjIxMTEzNmFlMjQ2NWVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pbeKU/2mPnQBqgu/tl2kqBecXgA kgr1TYMseRbU4was3+0MkIkvA0B4Gwtdw8LAWNqFDXBA8ONXkMqWO4D3xTYC3Kbh 3gek3C1JEMOG/lTxYZartzrVV8QYBsw0TkKKmVs/sZoVXpNqF+AlglN2/XYlTqzf RL3Q02s+6Zx86bd3BVWwib7Al0FlbHCQseU8D8DyDJPSXIVj6yC++H3UglAiOxuI iWKs4prR/lQM42gCWKTF+yk6VPNZCalNstpVH1aih2cIoJoCg/BU80gkKKwt5pPR XWN16uBFRYhmO1/eZ2fiLGJn2Mpfldr9CBDsKYN1BfiJ7dLtT01C0LWiqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCap8jNdjsngXY3zc4shETauJGXsMB8GA1UdIwQY MBaAFGhGW5z7Noxp7LDj/qO1QrqccwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMt MWFlYTViZTE1MGZhLzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMtMWFlYTViZTE1MGZh LzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYalvpmA QoIZbdIdmFc4DCrK43xidj8wKVHvnNXkKW/YRPzjMjanRpf4ZPakzfP+LGPW4Um1 +mAB8om2JJLIpUH0ncuRB3xv7Px3D9lmqIkcQSePzKG37SLRD0P7kBrW1YuCYTJM PokcTsyyOjqibmHh0Oj/ds4sdeEPJoiuxyN8I+exphU/dX09RlchSvp3x6vT66H9 B1K87jBA0Sp3plfF/ml67LgKQPgRTMSMLXKtF5QqGkNV+CoH5G/UmsPlvXvvcGiy 56au2IbIdCywQt0qjmbRAn92I2PR5CFgfpld3pEUhT/zUU+SLS+kVC5Y/I3HcPEf Z6ZvKOy1KyrLTg== -----END CERTIFICATE-----Generated at Sun Dec 7 02:54:07 2025 by rpki-client