This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft File: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json) Hash identifier: R9Qk8P2py8B4Y2XX+E/tbnyyY8AwEINSbt0TZee5hXc= Subject key identifier: D0:76:E1:0B:A5:F3:B1:0F:40:F5:34:29:89:D7:4A:4B:4A:04:12:DD Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2 Certificate issuer: /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2 Certificate serial: 019AF12DF5029D1C2AF37E448CD61278C903 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft Manifest number: 1745 Signing time: Sat 06 Dec 2025 01:01:52 +0000 Manifest this update: Sat 06 Dec 2025 01:01:52 +0000 Manifest next update: Sun 07 Dec 2025 01:01:52 +0000 Files and hashes: 1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: xuImTDArB5/B3la+Na9CO4eRx9QhP5eD7855O0qPNp8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:f5:02:9d:1c:2a:f3:7e:44:8c:d6:12:78:c9:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2 Validity Not Before: Dec 6 01:01:52 2025 GMT Not After : Dec 7 01:01:52 2025 GMT Subject: CN=d076e10ba5f3b10f40f5342989d74a4b4a0412dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d2:a2:a9:54:1b:1d:48:28:67:64:0a:fb:71: c9:bb:c0:46:73:b7:7d:a2:49:47:d4:55:73:1e:37: 75:af:83:8b:89:75:6d:d8:6a:5b:96:a8:ac:53:cd: e9:57:bc:5f:b0:cf:92:c2:bf:82:80:59:87:32:48: 31:1b:56:4b:ee:40:9e:c9:09:9b:1b:3b:cc:ba:72: 62:df:91:dc:9c:86:51:67:eb:16:e1:c5:3a:3b:d6: ce:92:87:f7:e9:ca:0f:c0:bc:91:cb:db:c6:02:b6: 06:2b:3b:46:0d:85:b6:6d:4c:7c:d0:77:2d:55:c2: c6:b1:0b:c6:50:3e:f7:41:87:8c:a6:ae:26:9a:ef: f6:fe:f2:28:4b:b6:d5:07:bb:84:01:e5:8f:c3:fd: be:82:9c:79:b4:4d:59:69:3d:03:97:ee:19:dc:16: 0f:b4:82:1d:d7:4d:aa:36:e4:62:5b:d8:06:ff:83: ec:e3:68:6a:88:62:2a:26:ac:9b:e5:ef:2e:e6:6d: 1a:c3:f6:ff:2c:06:a8:95:0f:af:57:c3:c4:1e:a5: 1d:de:1d:73:6f:e5:ef:72:99:fb:94:ff:0a:ce:a6: b3:88:97:ff:ab:7b:d2:50:62:da:04:62:77:e9:79: 9c:10:03:55:6a:82:54:ef:bd:9b:dd:b9:1d:2d:ac: 20:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:76:E1:0B:A5:F3:B1:0F:40:F5:34:29:89:D7:4A:4B:4A:04:12:DD X509v3 Authority Key Identifier: keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:6f:db:0a:1e:c2:46:af:25:ef:9a:5e:c5:08:0e:29:af:8e: 55:f9:89:3a:df:d4:c1:e3:0c:4d:f9:dc:9f:e2:c0:e3:d1:1c: 16:3a:b0:c0:c3:92:0e:9b:c0:fc:2f:76:4e:c1:8b:4a:2a:d5: 37:d8:c8:7a:36:f4:0a:1d:d9:c5:e7:fe:b4:53:14:d4:c1:2c: 16:3d:62:91:23:1b:ca:e9:9f:5e:75:84:9d:cc:d4:2b:b6:13: 52:9d:50:61:3a:f4:1c:15:f9:01:f4:3f:03:ae:1e:04:cb:7d: cb:68:a4:9d:d0:42:52:2f:a2:19:da:ec:b9:59:17:6f:5b:eb: d0:16:d4:bb:f1:d0:4f:cb:bc:4e:99:37:c2:3f:9e:72:ef:bb: 67:74:fa:bf:64:ab:b5:72:82:06:d7:39:d2:82:3a:9c:1d:96: 5a:41:07:4f:43:98:b7:b3:37:7d:54:35:42:e7:13:b6:5a:e1: 86:f1:9a:68:7d:45:c5:8e:ea:47:da:a8:3f:c1:54:54:ae:ab: a4:30:76:a3:c9:30:40:9d:12:70:1d:3f:63:d0:ab:04:21:26: 40:0e:5a:a6:b1:b0:5f:0d:4c:63:d7:ba:73:40:fc:96:d2:ed: f7:f4:a4:40:f3:88:09:64:91:b3:8d:75:fd:f3:41:4c:8a:04: 7c:e7:f6:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfUCnRwq835EjNYSeMkDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5 MWM0YzIwHhcNMjUxMjA2MDEwMTUyWhcNMjUxMjA3MDEwMTUyWjAzMTEwLwYDVQQD EyhkMDc2ZTEwYmE1ZjNiMTBmNDBmNTM0Mjk4OWQ3NGE0YjRhMDQxMmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNKiqVQbHUgoZ2QK+3HJu8BGc7d9 oklH1FVzHjd1r4OLiXVt2GpblqisU83pV7xfsM+Swr+CgFmHMkgxG1ZL7kCeyQmb GzvMunJi35HcnIZRZ+sW4cU6O9bOkof36coPwLyRy9vGArYGKztGDYW2bUx80Hct VcLGsQvGUD73QYeMpq4mmu/2/vIoS7bVB7uEAeWPw/2+gpx5tE1ZaT0Dl+4Z3BYP tIId102qNuRiW9gG/4Ps42hqiGIqJqyb5e8u5m0aw/b/LAaolQ+vV8PEHqUd3h1z b+Xvcpn7lP8KzqaziJf/q3vSUGLaBGJ36XmcEANVaoJU772b3bkdLawgBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNB24Qul87EPQPU0KYnXSktKBBLdMB8GA1UdIwQY MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJm/bCh7C Rq8l75pexQgOKa+OVfmJOt/UweMMTfncn+LA49EcFjqwwMOSDpvA/C92TsGLSirV N9jIejb0Ch3Zxef+tFMU1MEsFj1ikSMbyumfXnWEnczUK7YTUp1QYTr0HBX5AfQ/ A64eBMt9y2ikndBCUi+iGdrsuVkXb1vr0BbUu/HQT8u8Tpk3wj+ecu+7Z3T6v2Sr tXKCBtc50oI6nB2WWkEHT0OYt7M3fVQ1QucTtlrhhvGaaH1FxY7qR9qoP8FUVK6r pDB2o8kwQJ0ScB0/Y9CrBCEmQA5aprGwXw1MY9e6c0D8ltLt9/SkQPOICWSRs411 /fNBTIoEfOf2OA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:21 2025 by rpki-client