This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft File: A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json) Hash identifier: dpNJuMtaqn92dF5ahxGziDmAOucchqK5Tu18X0EC86c= Subject key identifier: BF:71:AF:79:D0:86:65:F2:2A:D3:06:D9:F4:CC:37:A1:C9:B8:49:90 Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29 Certificate issuer: /CN=0369684c67caa99ffc0184beaccaf0ea88a92129 Certificate serial: 019AF3896AA9AE72D622960ADB945E646D58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft Manifest number: 0A39 Signing time: Sat 06 Dec 2025 12:01:00 +0000 Manifest this update: Sat 06 Dec 2025 12:01:00 +0000 Manifest next update: Sun 07 Dec 2025 12:01:00 +0000 Files and hashes: 1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: 8IhzFz7Ofu7Hflb+XNo1f0LWKhay/pISK8+fDA7VYSs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:6a:a9:ae:72:d6:22:96:0a:db:94:5e:64:6d:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129 Validity Not Before: Dec 6 12:01:00 2025 GMT Not After : Dec 7 12:01:00 2025 GMT Subject: CN=bf71af79d08665f22ad306d9f4cc37a1c9b84990 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:47:48:ee:1c:ce:d6:fd:c9:0a:ad:7d:ba:ec: 19:7a:8f:f1:26:93:94:21:03:6e:7a:cc:45:56:bb: bc:45:e9:81:0e:b4:f4:33:88:2f:63:80:e3:b8:97: 4a:cb:f1:43:44:f8:3e:10:11:f3:f0:f1:06:8a:4d: 8e:3a:07:15:6a:4a:66:9a:6b:9b:ad:28:a7:01:d9: d1:bf:c5:1c:5f:dc:b6:dd:d8:6e:d0:ef:27:2c:0f: 3e:fd:e6:6e:3f:da:df:4a:11:4b:65:22:81:ba:3c: c0:1d:06:ef:06:de:94:ce:d5:03:04:e0:22:ea:82: 5c:34:1e:b3:17:4f:0b:c1:bf:d3:04:5f:63:25:df: 15:34:12:98:fe:47:17:59:06:80:ac:73:a4:d7:93: 4f:f9:4a:fa:7b:45:4c:4e:dc:f8:70:0d:09:a6:15: b9:b6:5c:89:79:e8:a6:10:0c:15:c3:3b:6b:d5:bd: e2:04:ce:aa:3f:43:c9:1b:71:2a:9c:60:ec:0a:b8: 7b:b4:99:21:f0:7b:c9:e5:22:bf:65:c3:f4:66:ef: b9:c1:c8:07:74:f8:f4:75:58:20:b8:f8:7a:7d:83: aa:64:f4:e8:bf:c2:8a:16:36:2f:6f:52:f4:07:c1: 57:5e:83:ee:ae:c9:64:ed:b8:66:ee:8f:8d:62:7f: 8a:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:71:AF:79:D0:86:65:F2:2A:D3:06:D9:F4:CC:37:A1:C9:B8:49:90 X509v3 Authority Key Identifier: keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:32:ba:cc:f9:a4:5b:91:af:bb:93:9a:4a:14:ff:e8:87:2b: 77:a0:43:1e:27:78:b5:36:7c:49:23:cc:24:ba:48:90:6f:30: 96:1f:a6:87:a5:28:7c:04:7c:c0:41:59:33:a2:e8:9a:15:04: 16:4a:ad:87:6f:85:b7:7e:47:57:fa:16:94:6c:b3:ab:09:75: f8:22:47:05:3f:ad:72:5f:70:04:ff:ab:a9:e4:e0:3e:02:80: a4:83:8e:4b:c0:24:e4:e6:43:47:87:4c:20:bb:86:91:99:23: ba:de:af:2d:98:a6:f7:e4:d9:7f:f1:c1:e5:34:4e:09:83:71: 2a:b8:4c:1e:0f:d5:d2:a0:ce:ca:67:45:eb:77:05:be:f6:48: ba:9b:90:ca:3f:2b:f6:f7:16:11:30:d2:b9:e7:7d:ca:af:70: 07:1d:99:e9:6a:3a:36:39:12:73:32:db:34:0d:92:a9:d3:7d: 99:19:b8:e5:c6:52:b9:31:37:12:c3:6b:b9:37:7f:53:c5:26: d6:5b:76:7f:96:66:6a:1e:9a:77:3b:43:fb:d6:98:3d:22:19: fb:ba:2f:08:c1:5f:49:0b:14:ef:29:40:2e:d1:42:ab:85:4d: af:eb:a6:66:86:d2:ea:67:4e:2c:50:18:43:bf:8f:f8:f1:d2: da:74:db:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziWqprnLWIpYK25ReZG1YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh OTIxMjkwHhcNMjUxMjA2MTIwMTAwWhcNMjUxMjA3MTIwMTAwWjAzMTEwLwYDVQQD EyhiZjcxYWY3OWQwODY2NWYyMmFkMzA2ZDlmNGNjMzdhMWM5Yjg0OTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UdI7hzO1v3JCq19uuwZeo/xJpOU IQNuesxFVru8RemBDrT0M4gvY4DjuJdKy/FDRPg+EBHz8PEGik2OOgcVakpmmmub rSinAdnRv8UcX9y23dhu0O8nLA8+/eZuP9rfShFLZSKBujzAHQbvBt6UztUDBOAi 6oJcNB6zF08Lwb/TBF9jJd8VNBKY/kcXWQaArHOk15NP+Ur6e0VMTtz4cA0JphW5 tlyJeeimEAwVwztr1b3iBM6qP0PJG3EqnGDsCrh7tJkh8HvJ5SK/ZcP0Zu+5wcgH dPj0dVgguPh6fYOqZPTov8KKFjYvb1L0B8FXXoPurslk7bhm7o+NYn+K8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL9xr3nQhmXyKtMG2fTMN6HJuEmQMB8GA1UdIwQY MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4 LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXjK6zPmk W5Gvu5OaShT/6Icrd6BDHid4tTZ8SSPMJLpIkG8wlh+mh6UofAR8wEFZM6LomhUE Fkqth2+Ft35HV/oWlGyzqwl1+CJHBT+tcl9wBP+rqeTgPgKApIOOS8Ak5OZDR4dM ILuGkZkjut6vLZim9+TZf/HB5TROCYNxKrhMHg/V0qDOymdF63cFvvZIupuQyj8r 9vcWETDSued9yq9wBx2Z6Wo6NjkSczLbNA2SqdN9mRm45cZSuTE3EsNruTd/U8Um 1lt2f5Zmah6adztD+9aYPSIZ+7ovCMFfSQsU7ylALtFCq4VNr+umZobS6mdOLFAY Q7+P+PHS2nTbrA== -----END CERTIFICATE-----Generated at Sat Dec 6 19:29:49 2025 by rpki-client