This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json) Hash identifier: O90zBhTtgH236Wq+96rKKcB3fhe4j8n8Jjh3pg+O2n4= Subject key identifier: B8:8B:D6:5A:47:8F:01:61:C7:8F:BC:0C:40:33:D7:42:B8:24:76:C8 Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98 Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98 Certificate serial: 019B5C76FC8F46AFC96834BA447FB81F55EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft Manifest number: 0B89 Signing time: Fri 26 Dec 2025 21:01:00 +0000 Manifest this update: Fri 26 Dec 2025 21:01:00 +0000 Manifest next update: Sat 27 Dec 2025 21:01:00 +0000 Files and hashes: 1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: uns9rRxO+J4N8M2pZ3UgOYgPnGCLr0aR48DRxFfzeMQ=) 2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:76:fc:8f:46:af:c9:68:34:ba:44:7f:b8:1f:55:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98 Validity Not Before: Dec 26 21:01:00 2025 GMT Not After : Dec 27 21:01:00 2025 GMT Subject: CN=b88bd65a478f0161c78fbc0c4033d742b82476c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:11:11:2d:9f:d5:ce:d3:f2:80:fa:ff:ab:ec: 65:fe:a3:cc:c0:25:95:e9:b1:1b:a9:95:9b:b8:35: c4:9f:0a:77:cc:55:0f:b6:66:9b:84:df:00:9b:72: d4:83:2f:e6:92:18:d4:de:97:4b:02:92:47:83:09: 42:6f:24:a8:28:bc:8f:c5:d8:b2:c9:ee:d9:95:74: 84:b4:82:65:20:77:bb:a3:aa:d9:03:b5:de:76:13: ad:64:41:47:81:00:07:50:03:c7:86:e0:c8:47:3e: 40:95:b4:9d:e1:7f:da:0d:1e:80:ba:31:d3:f1:cb: 24:62:09:bd:2f:3b:fd:29:df:ea:cc:7e:14:42:bf: fb:82:55:2d:e1:b2:b3:e9:44:41:4f:11:36:31:74: 5e:e2:53:8b:d6:0b:0b:df:7e:31:72:70:48:c3:3e: 98:b3:db:31:05:4a:e3:44:c4:47:0b:b3:b6:ff:b2: 0a:b6:48:2c:5a:cd:6e:51:b9:79:b9:11:6e:7b:78: fd:a7:e1:47:5a:9a:e3:aa:3c:53:33:8d:96:91:6c: 6c:e8:df:08:7a:49:0f:5f:bf:f3:2c:c2:d8:b5:d5: 77:6d:30:14:33:0c:b2:f5:1b:5b:19:12:ce:34:90: 0b:98:e5:61:78:7a:3f:6f:4d:09:94:0c:3a:2a:41: cf:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:8B:D6:5A:47:8F:01:61:C7:8F:BC:0C:40:33:D7:42:B8:24:76:C8 X509v3 Authority Key Identifier: keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:a7:44:e7:05:d7:5a:78:12:11:b3:0a:d8:6d:ab:17:5f:f1: 5f:22:b1:51:55:da:2e:0d:d1:9e:fd:3c:32:cb:dd:72:11:84: 95:cb:92:2a:75:19:24:3c:c1:23:70:6b:d5:17:ed:c7:dd:34: f6:00:67:bf:bd:3e:d2:c0:15:a4:44:58:a7:fd:8a:c2:5c:73: 68:ec:71:e2:14:6e:8b:db:25:ec:a0:df:87:43:3c:f7:3e:2e: 71:b7:1b:0d:74:dd:81:07:20:02:ca:23:8b:61:5e:47:21:bf: 88:bc:d7:85:f0:cb:f4:c1:22:e5:a0:df:c0:06:11:fa:e1:df: 5c:3b:6b:b4:d7:14:01:ad:cf:78:3d:53:d4:01:e6:60:1d:dc: 15:27:68:c9:c2:12:20:93:58:69:18:a3:83:86:46:52:02:c3: e5:72:3b:57:ec:27:a7:c4:01:44:6a:84:ad:f5:af:be:0c:12: 94:f7:ef:8c:92:31:34:bf:54:d5:28:b3:84:55:7e:32:ae:db: 9f:83:04:7e:a7:d3:b4:8f:97:7f:94:d2:3e:de:3a:9b:0f:6c: 82:08:f2:c3:91:d2:44:23:e4:13:fc:f6:b6:8e:31:58:0d:0c: 99:d7:71:25:c6:68:ab:8c:60:fa:49:57:0b:e7:6a:ad:0b:e0: a1:13:51:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcdvyPRq/JaDS6RH+4H1XuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj ZTljOTgwHhcNMjUxMjI2MjEwMTAwWhcNMjUxMjI3MjEwMTAwWjAzMTEwLwYDVQQD EyhiODhiZDY1YTQ3OGYwMTYxYzc4ZmJjMGM0MDMzZDc0MmI4MjQ3NmM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRERLZ/VztPygPr/q+xl/qPMwCWV 6bEbqZWbuDXEnwp3zFUPtmabhN8Am3LUgy/mkhjU3pdLApJHgwlCbySoKLyPxdiy ye7ZlXSEtIJlIHe7o6rZA7XedhOtZEFHgQAHUAPHhuDIRz5AlbSd4X/aDR6AujHT 8cskYgm9Lzv9Kd/qzH4UQr/7glUt4bKz6URBTxE2MXRe4lOL1gsL334xcnBIwz6Y s9sxBUrjRMRHC7O2/7IKtkgsWs1uUbl5uRFue3j9p+FHWprjqjxTM42WkWxs6N8I ekkPX7/zLMLYtdV3bTAUMwyy9RtbGRLONJALmOVheHo/b00JlAw6KkHPqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLiL1lpHjwFhx4+8DEAz10K4JHbIMB8GA1UdIwQY MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKdE5wXX WngSEbMK2G2rF1/xXyKxUVXaLg3Rnv08MsvdchGElcuSKnUZJDzBI3Br1Rftx900 9gBnv70+0sAVpERYp/2KwlxzaOxx4hRui9sl7KDfh0M89z4ucbcbDXTdgQcgAsoj i2FeRyG/iLzXhfDL9MEi5aDfwAYR+uHfXDtrtNcUAa3PeD1T1AHmYB3cFSdoycIS IJNYaRijg4ZGUgLD5XI7V+wnp8QBRGqErfWvvgwSlPfvjJIxNL9U1SizhFV+Mq7b n4MEfqfTtI+Xf5TSPt46mw9sggjyw5HSRCPkE/z2to4xWA0MmddxJcZoq4xg+klX C+dqrQvgoRNReg== -----END CERTIFICATE-----Generated at Sat Dec 27 00:46:49 2025 by rpki-client