This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft File: AIce9D_KCSFC2TVYXyGSZG9HTBw.mft (raw, json) Hash identifier: T6Ln7e834BniMPVEd6kG1zNGyH7sqXaPt9KkVOwGWK0= Subject key identifier: EA:17:54:75:6A:43:FE:61:55:22:33:48:19:D9:44:15:EC:91:A4:AC Authority key identifier: 00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C Certificate issuer: /CN=00871ef43fca092142d935585f2192646f474c1c Certificate serial: 019AF0F5C9AE96026284B5A6E8CBC8053D76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft Manifest number: 55 Signing time: Sat 06 Dec 2025 00:00:30 +0000 Manifest this update: Sat 06 Dec 2025 00:00:30 +0000 Manifest next update: Sun 07 Dec 2025 00:00:30 +0000 Files and hashes: 1: AIce9D_KCSFC2TVYXyGSZG9HTBw.crl (hash: dj+MMpRh/0LGIgNL4tN5X4FWer7btc5CoBTzBpYTIlg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:c9:ae:96:02:62:84:b5:a6:e8:cb:c8:05:3d:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00871ef43fca092142d935585f2192646f474c1c Validity Not Before: Dec 6 00:00:30 2025 GMT Not After : Dec 7 00:00:30 2025 GMT Subject: CN=ea1754756a43fe615522334819d94415ec91a4ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f5:f1:ce:31:00:e4:c6:a7:7c:5d:f2:1f:26: 67:9c:f7:88:6a:81:07:03:c4:7d:df:09:50:29:df: 76:4e:a7:0e:ca:1c:64:8a:f0:34:74:5e:42:63:18: ec:ef:bf:31:b1:89:53:9d:b6:46:b6:27:d3:28:09: 46:6c:c1:70:de:41:7d:58:8a:9d:23:45:c5:30:7e: 1f:9c:d1:52:8e:5f:3d:05:89:81:2b:c5:77:0d:59: 4e:2c:cb:a6:22:8c:f7:0f:28:ae:5d:34:69:ff:4c: e1:8f:36:e3:b7:d8:d4:a8:d2:44:10:a8:a1:31:07: 51:13:e3:f7:28:ab:be:3a:bf:b7:78:fe:61:9c:a9: 5a:46:eb:3f:5e:b5:67:4a:ba:5b:b6:30:67:0c:18: 39:8e:e7:54:4c:6e:be:ce:f8:46:3e:a2:9c:8e:a9: d8:70:f0:dc:70:08:12:34:3f:72:eb:37:dc:e2:2a: 30:90:91:63:f7:5c:f9:98:3f:25:9e:37:a6:5c:dd: c8:93:9b:21:c3:99:cd:f7:7a:37:58:83:8d:ce:db: 9c:d7:8d:47:77:20:c3:9c:46:20:6d:ab:09:d7:7c: 3c:92:1d:11:fc:e8:ab:f4:d5:2b:c4:38:6a:67:95: ae:d4:04:0a:1b:ef:35:f5:7e:fd:88:56:1d:48:d5: d3:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:17:54:75:6A:43:FE:61:55:22:33:48:19:D9:44:15:EC:91:A4:AC X509v3 Authority Key Identifier: keyid:00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:bc:22:be:9f:8e:16:d7:67:91:a9:3c:f3:dc:8b:5a:0f:65: f5:f6:a4:9f:a0:a4:de:99:b1:53:48:67:cf:4e:58:6a:94:a9: 16:df:34:dc:3c:38:0b:80:b1:f1:48:34:d2:2e:d5:3b:11:49: 58:40:e0:ac:ae:2c:80:7e:80:de:91:17:a9:82:6c:2c:d9:10: 64:8d:75:2e:41:b7:97:41:35:29:7a:0c:ad:85:17:89:20:57: e5:7d:66:14:1f:e0:c1:b6:bf:80:d0:fd:7c:c1:9e:68:25:95: 13:bf:7a:96:5c:e5:a9:fd:7c:2f:35:f2:c2:e6:4b:c4:54:19: ae:a9:01:7b:c8:72:44:fc:14:7a:5b:d1:01:3e:0d:64:74:0a: 89:67:c6:18:e9:af:59:16:0c:29:5e:3a:89:ce:87:f2:d3:88: 11:c0:27:4e:c2:b2:d5:27:9e:a3:bb:37:c0:03:73:48:ae:ab: a6:1c:65:69:89:f6:22:ab:34:d2:55:10:6e:91:68:b1:bf:ec: 91:2f:0d:4d:52:ef:cf:0e:bb:43:ac:cf:5e:41:5e:6f:f5:e9: 96:87:da:f3:1d:0a:aa:d5:a7:34:2a:47:6e:70:8e:0a:2b:d1: c0:b8:bf:75:a3:8e:3b:dc:84:90:d1:ef:0f:ae:52:91:c3:9e: 7b:54:b7:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9cmulgJihLWm6MvIBT12MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwODcxZWY0M2ZjYTA5MjE0MmQ5MzU1ODVmMjE5MjY0NmY0 NzRjMWMwHhcNMjUxMjA2MDAwMDMwWhcNMjUxMjA3MDAwMDMwWjAzMTEwLwYDVQQD EyhlYTE3NTQ3NTZhNDNmZTYxNTUyMjMzNDgxOWQ5NDQxNWVjOTFhNGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/XxzjEA5ManfF3yHyZnnPeIaoEH A8R93wlQKd92TqcOyhxkivA0dF5CYxjs778xsYlTnbZGtifTKAlGbMFw3kF9WIqd I0XFMH4fnNFSjl89BYmBK8V3DVlOLMumIoz3DyiuXTRp/0zhjzbjt9jUqNJEEKih MQdRE+P3KKu+Or+3eP5hnKlaRus/XrVnSrpbtjBnDBg5judUTG6+zvhGPqKcjqnY cPDccAgSND9y6zfc4iowkJFj91z5mD8lnjemXN3Ik5shw5nN93o3WIONztuc141H dyDDnEYgbasJ13w8kh0R/Oir9NUrxDhqZ5Wu1AQKG+819X79iFYdSNXTbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOoXVHVqQ/5hVSIzSBnZRBXskaSsMB8GA1UdIwQY MBaAFACHHvQ/ygkhQtk1WF8hkmRvR0wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUt MGE5YzRiZGRjOGFjLzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUtMGE5YzRiZGRjOGFj LzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmbwivp+O Ftdnkak889yLWg9l9fakn6Ck3pmxU0hnz05YapSpFt803Dw4C4Cx8Ug00i7VOxFJ WEDgrK4sgH6A3pEXqYJsLNkQZI11LkG3l0E1KXoMrYUXiSBX5X1mFB/gwba/gND9 fMGeaCWVE796llzlqf18LzXywuZLxFQZrqkBe8hyRPwUelvRAT4NZHQKiWfGGOmv WRYMKV46ic6H8tOIEcAnTsKy1Seeo7s3wANzSK6rphxlaYn2Iqs00lUQbpFosb/s kS8NTVLvzw67Q6zPXkFeb/Xplofa8x0KqtWnNCpHbnCOCivRwLi/daOOO9yEkNHv D65SkcOee1S3mw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:02:34 2025 by rpki-client