This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft File: aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json) Hash identifier: RiAKUKVY3qvwtcNE9jrl9UjC6HragLLF0nIhzhdzLTQ= Subject key identifier: 3A:AA:74:9F:30:32:69:87:C0:D2:A6:45:D2:69:AE:05:9D:6A:C7:5A Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1 Certificate issuer: /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1 Certificate serial: 019B187172A81839267361F6A91601D5F050 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft Manifest number: 0E8F Signing time: Sat 13 Dec 2025 16:00:46 +0000 Manifest this update: Sat 13 Dec 2025 16:00:46 +0000 Manifest next update: Sun 14 Dec 2025 16:00:46 +0000 Files and hashes: 1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: HtnxWwVn0e892q79qv3ee1J/VflAMxbu5doeQ4Rk+qI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 16:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:71:72:a8:18:39:26:73:61:f6:a9:16:01:d5:f0:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1 Validity Not Before: Dec 13 16:00:46 2025 GMT Not After : Dec 14 16:00:46 2025 GMT Subject: CN=3aaa749f30326987c0d2a645d269ae059d6ac75a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:92:d4:6b:d7:22:6e:3c:6b:e9:38:20:97:04: 41:3e:c7:c1:a8:f1:7a:41:7e:9a:aa:aa:17:3a:12: c5:28:37:81:21:a1:24:80:19:cd:1e:61:de:8f:b7: 94:80:5e:25:94:64:b6:36:b5:90:81:74:c5:27:22: 05:43:1c:06:a3:22:4d:64:c6:59:6d:67:34:75:12: d7:cd:dc:cb:5e:b3:52:ca:86:b7:b5:86:5d:00:c4: af:c1:58:1d:2c:28:fb:05:80:0d:de:59:1d:87:fd: fb:4b:38:c4:09:e3:8e:c8:84:06:a7:b8:09:43:3e: 51:7a:d5:24:73:b2:43:04:7c:88:c3:ed:49:7c:58: 78:cd:2c:74:c6:6f:dc:1c:aa:41:d7:57:cb:38:68: 2a:44:40:91:ca:01:9e:88:b4:71:78:79:51:65:34: 3e:4d:90:30:cf:4d:26:39:e2:2d:19:4e:2b:4b:b2: e6:54:e9:f4:80:a0:81:9c:d9:04:3c:ac:ac:bc:f7: e5:9c:74:ab:f1:f6:9f:ca:a6:5e:11:c7:32:f8:e2: ec:18:0c:84:d7:06:b9:3e:a9:c4:14:f7:54:bd:1c: c1:41:60:73:74:5e:38:48:00:45:40:a7:27:29:01: 25:27:7c:76:d1:70:9d:2b:ba:14:93:e6:ae:18:69: fd:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:AA:74:9F:30:32:69:87:C0:D2:A6:45:D2:69:AE:05:9D:6A:C7:5A X509v3 Authority Key Identifier: keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:4a:dc:56:3e:73:3b:d0:6b:5f:28:dd:9b:53:79:49:2a:f0: 9b:83:1c:6b:cc:18:d2:a0:7b:4e:b9:55:f4:7c:99:65:0b:61: c3:2b:d2:70:2a:2e:11:d0:df:d4:b2:80:eb:54:46:82:85:ae: 63:59:af:a1:66:87:87:bd:d8:32:17:12:49:bf:ee:e3:cb:43: 74:b4:ea:8c:5b:5f:d1:f3:75:c9:c0:04:67:8b:eb:94:db:49: 3b:a5:45:d4:f6:e6:2d:14:46:cc:62:ec:2e:17:07:5e:b1:f4: 34:e6:ce:c2:34:f2:6e:b1:db:4d:d4:51:e3:cd:20:c2:91:85: 6b:74:ac:b1:77:23:3d:c0:a0:5a:f6:79:b0:ba:cb:90:cc:f6: 8b:1c:00:9f:11:80:2b:a4:1c:50:86:9a:4a:88:1e:32:38:bf: 2d:37:41:c0:06:9a:d2:91:9d:00:f7:2a:5d:50:bd:2f:3d:e7: 58:b5:4f:a7:84:71:37:8c:a8:c5:f3:2d:49:31:dd:9f:f3:e1: ef:b8:33:61:70:52:a8:f3:49:5c:80:a4:e6:05:6e:d6:91:86: 0a:9d:4a:37:79:82:3c:e5:f6:92:34:77:b8:80:3f:dc:30:cc: 99:ff:0f:28:d4:4b:e1:27:21:3a:44:5e:86:83:f2:af:e1:b2: b3:7a:3a:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsYcXKoGDkmc2H2qRYB1fBQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1 OTYwYTEwHhcNMjUxMjEzMTYwMDQ2WhcNMjUxMjE0MTYwMDQ2WjAzMTEwLwYDVQQD EygzYWFhNzQ5ZjMwMzI2OTg3YzBkMmE2NDVkMjY5YWUwNTlkNmFjNzVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJLUa9cibjxr6TgglwRBPsfBqPF6 QX6aqqoXOhLFKDeBIaEkgBnNHmHej7eUgF4llGS2NrWQgXTFJyIFQxwGoyJNZMZZ bWc0dRLXzdzLXrNSyoa3tYZdAMSvwVgdLCj7BYAN3lkdh/37SzjECeOOyIQGp7gJ Qz5RetUkc7JDBHyIw+1JfFh4zSx0xm/cHKpB11fLOGgqRECRygGeiLRxeHlRZTQ+ TZAwz00mOeItGU4rS7LmVOn0gKCBnNkEPKysvPflnHSr8fafyqZeEccy+OLsGAyE 1wa5PqnEFPdUvRzBQWBzdF44SABFQKcnKQElJ3x20XCdK7oUk+auGGn9bwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDqqdJ8wMmmHwNKmRdJprgWdasdaMB8GA1UdIwQY MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKErcVj5z O9BrXyjdm1N5SSrwm4Mca8wY0qB7TrlV9HyZZQthwyvScCouEdDf1LKA61RGgoWu Y1mvoWaHh73YMhcSSb/u48tDdLTqjFtf0fN1ycAEZ4vrlNtJO6VF1PbmLRRGzGLs LhcHXrH0NObOwjTybrHbTdRR480gwpGFa3SssXcjPcCgWvZ5sLrLkMz2ixwAnxGA K6QcUIaaSogeMji/LTdBwAaa0pGdAPcqXVC9Lz3nWLVPp4RxN4yoxfMtSTHdn/Ph 77gzYXBSqPNJXICk5gVu1pGGCp1KN3mCPOX2kjR3uIA/3DDMmf8PKNRL4SchOkRe hoPyr+Gys3o6IA== -----END CERTIFICATE-----Generated at Sun Dec 14 00:06:07 2025 by rpki-client