This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft File: aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json) Hash identifier: 8gOrsVlA/vj73FNb8trxSb/2Ku195laI+4/cjQbGX88= Subject key identifier: C9:57:96:1C:1D:49:D9:07:0E:2B:F6:57:A3:AE:3E:CD:EF:28:13:17 Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0 Certificate issuer: /CN=69a10a129558c8380bc13d9ac45401d21dab9df0 Certificate serial: 019B3C7E1241CA8BDEDEAA0FF39F29353995 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft Manifest number: 1785 Signing time: Sat 20 Dec 2025 16:00:53 +0000 Manifest this update: Sat 20 Dec 2025 16:00:53 +0000 Manifest next update: Sun 21 Dec 2025 16:00:53 +0000 Files and hashes: 1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: 25UgVsqItyStS76y7aJrUPKGJZJr3V0Zmrbi8f2V4ms=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:12:41:ca:8b:de:de:aa:0f:f3:9f:29:35:39:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0 Validity Not Before: Dec 20 16:00:53 2025 GMT Not After : Dec 21 16:00:53 2025 GMT Subject: CN=c957961c1d49d9070e2bf657a3ae3ecdef281317 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0a:45:6e:88:08:2a:aa:b8:59:68:53:b9:51: 09:f6:a5:d6:a8:39:0e:75:bd:34:8f:34:34:89:a4: 4c:1e:6d:3a:4d:bd:91:75:8b:ed:1f:64:10:a5:f3: 4c:92:02:30:4d:57:2d:7a:f8:99:7b:6b:15:c7:ba: cc:65:f4:92:11:7f:57:b3:69:51:c3:ca:23:f6:37: 4c:fa:1e:0e:e5:2b:6d:42:39:79:48:92:78:67:7f: 79:cb:c3:3b:38:41:ec:60:2e:04:6d:25:da:81:eb: 0a:8d:30:6c:ad:67:c5:1e:f0:a6:3f:bf:f2:78:3c: 54:be:b3:a1:74:36:76:ac:f2:9e:b2:13:e2:82:6f: d3:60:3e:b0:a9:94:05:df:fb:47:78:62:cc:55:5b: cb:6c:63:37:da:50:f9:28:f7:59:74:eb:06:f1:e9: f3:a9:12:11:06:d6:c0:f0:51:f6:e6:6e:a0:a1:fe: 20:6e:0e:ea:ac:2e:93:20:01:b3:d6:91:c3:18:5b: 26:d2:5f:07:79:5e:3c:57:f5:42:29:14:5a:22:fb: 33:ee:7c:f4:e9:a4:16:7a:68:4e:2b:80:10:bf:c7: 5d:f6:8a:bb:a7:c9:43:54:32:a0:8d:12:dd:b2:ed: 0b:c5:b1:4a:60:7d:b2:ab:d0:c6:5d:28:d0:36:d5: ed:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:57:96:1C:1D:49:D9:07:0E:2B:F6:57:A3:AE:3E:CD:EF:28:13:17 X509v3 Authority Key Identifier: keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:4d:21:8f:36:36:09:e7:f2:94:21:95:75:13:3b:4b:ae:3b: 90:c3:0c:40:ce:36:e6:fc:cf:ce:04:e1:83:73:36:b6:01:ad: 2d:d8:6d:67:2a:f1:e1:58:4c:5d:2a:e5:57:1d:66:a2:87:a0: a4:83:9b:cd:59:17:60:c5:27:47:6d:7a:78:9e:ae:7c:9c:d9: 8d:53:4b:b2:d6:02:58:f6:12:07:42:30:49:fa:a2:f5:c1:d8: ee:3d:02:a7:2b:ba:42:62:b1:f0:cd:9a:b2:35:3d:ec:8e:7f: d3:3b:44:f2:92:ab:ec:26:67:ee:92:5f:1d:71:cb:39:ea:e1: a5:58:87:fb:22:b6:5a:41:04:5b:5a:85:40:19:06:bb:52:24: f8:66:19:e5:b7:42:b7:09:d1:85:ef:08:ea:31:08:f9:dc:f8: 83:bd:da:8d:fc:d1:af:bd:79:43:ad:59:1e:9b:f0:57:75:10: 91:3f:24:3c:49:d1:72:fe:4a:ab:19:45:65:cb:d9:ab:97:4d: be:37:e0:5c:eb:66:5e:f6:0e:a0:0f:b9:82:13:68:80:b2:b3: 1f:d6:a3:37:29:1a:50:88:6b:17:d9:a6:e0:c5:22:04:82:f9: 59:77:d2:95:70:d0:b6:39:03:8b:5f:95:13:f1:7f:b7:b7:86: 3f:5d:4a:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fhJByove3qoP858pNTmVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh YjlkZjAwHhcNMjUxMjIwMTYwMDUzWhcNMjUxMjIxMTYwMDUzWjAzMTEwLwYDVQQD EyhjOTU3OTYxYzFkNDlkOTA3MGUyYmY2NTdhM2FlM2VjZGVmMjgxMzE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwpFbogIKqq4WWhTuVEJ9qXWqDkO db00jzQ0iaRMHm06Tb2RdYvtH2QQpfNMkgIwTVcteviZe2sVx7rMZfSSEX9Xs2lR w8oj9jdM+h4O5SttQjl5SJJ4Z395y8M7OEHsYC4EbSXagesKjTBsrWfFHvCmP7/y eDxUvrOhdDZ2rPKeshPigm/TYD6wqZQF3/tHeGLMVVvLbGM32lD5KPdZdOsG8enz qRIRBtbA8FH25m6gof4gbg7qrC6TIAGz1pHDGFsm0l8HeV48V/VCKRRaIvsz7nz0 6aQWemhOK4AQv8dd9oq7p8lDVDKgjRLdsu0LxbFKYH2yq9DGXSjQNtXtwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMlXlhwdSdkHDiv2V6OuPs3vKBMXMB8GA1UdIwQY MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2 LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApU0hjzY2 CefylCGVdRM7S647kMMMQM425vzPzgThg3M2tgGtLdhtZyrx4VhMXSrlVx1mooeg pIObzVkXYMUnR216eJ6ufJzZjVNLstYCWPYSB0IwSfqi9cHY7j0Cpyu6QmKx8M2a sjU97I5/0ztE8pKr7CZn7pJfHXHLOerhpViH+yK2WkEEW1qFQBkGu1Ik+GYZ5bdC twnRhe8I6jEI+dz4g73ajfzRr715Q61ZHpvwV3UQkT8kPEnRcv5KqxlFZcvZq5dN vjfgXOtmXvYOoA+5ghNogLKzH9ajNykaUIhrF9mm4MUiBIL5WXfSlXDQtjkDi1+V E/F/t7eGP11Kgg== -----END CERTIFICATE-----Generated at Sat Dec 20 20:32:53 2025 by rpki-client