This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json) Hash identifier: 1JJUM90+safJ/GC5QTf7bl5Po/zIffPD4fTn8RwcYcY= Subject key identifier: FD:78:6F:4F:FD:6E:E4:A4:9E:5C:BD:30:3D:2F:27:B6:F4:7F:78:C8 Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d Certificate serial: 019B3644FB0C1456315E0CA5EF3A2BB54104 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft Manifest number: 1785 Signing time: Fri 19 Dec 2025 11:00:48 +0000 Manifest this update: Fri 19 Dec 2025 11:00:48 +0000 Manifest next update: Sat 20 Dec 2025 11:00:48 +0000 Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: NzGzI/OJWUM34GIMxUshNkLz61BqX1aR3PdOd3HQgwo=) 2: nJZ2h-CE2RpObbNuUbuQAsAe9wo.roa (hash: XjXLrJ8ZAfMXOtdh84OSK02UeKqf16aa2sgmGiELBao=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:44:fb:0c:14:56:31:5e:0c:a5:ef:3a:2b:b5:41:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d Validity Not Before: Dec 19 11:00:48 2025 GMT Not After : Dec 20 11:00:48 2025 GMT Subject: CN=fd786f4ffd6ee4a49e5cbd303d2f27b6f47f78c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:51:ab:3b:c0:d0:4e:a9:d9:7d:52:96:21:8f: ff:05:31:7a:20:b3:27:b4:78:73:ac:85:9f:f6:14: dc:fe:c3:b9:6e:b5:bc:ae:af:f5:c9:bf:f1:ba:06: 8c:28:1f:da:d2:5e:1c:06:04:c1:f7:68:89:76:e6: 60:46:c7:1d:89:b5:45:59:df:14:dc:0d:17:28:3a: 89:ae:71:9a:38:10:fd:c1:4a:b5:b8:35:4e:92:fb: e1:6a:91:6c:10:9e:75:ba:81:62:a6:cb:5a:a8:56: 51:c1:db:b8:db:44:35:16:33:91:06:eb:05:4c:8b: 4c:2b:de:9b:6e:9c:bf:e7:cb:cf:d1:c6:55:a0:0f: d2:c9:d3:74:92:5f:43:0c:a9:ad:9b:a5:5e:4e:0d: 91:df:80:c0:c3:6c:17:d0:ef:10:af:5e:02:ad:71: 95:e0:f2:b9:fe:08:c4:24:c4:81:05:38:85:d6:21: f4:61:1c:28:ea:39:d5:05:8e:9f:1a:13:60:12:22: 44:cc:4d:64:1b:84:5e:d3:f1:7b:b0:2f:23:62:63: 9d:a1:e0:1e:c9:32:a4:5e:9a:3d:d1:45:61:32:06: 2f:30:ed:7c:fc:1b:db:6b:f0:87:fe:d5:03:d4:8c: 75:fd:11:53:b6:05:63:51:9e:b3:d2:fc:36:b5:fe: d8:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:78:6F:4F:FD:6E:E4:A4:9E:5C:BD:30:3D:2F:27:B6:F4:7F:78:C8 X509v3 Authority Key Identifier: keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:3b:ea:ab:a4:7c:c9:7d:e5:ab:a8:e9:a8:e4:03:ab:29:93: 49:d3:6e:9f:a2:34:83:8b:6d:a6:55:4e:ec:61:64:73:32:d9: 2b:2a:e9:04:0b:b6:a8:43:14:d8:03:16:21:2e:dd:7f:12:8d: 4e:4e:09:10:59:4d:4a:4b:e5:fd:d2:58:50:70:cc:d2:c3:e0: 6a:80:b0:59:f5:8b:8d:c7:5a:48:2e:94:d5:81:0d:ae:a5:58: 34:44:6f:de:9d:2b:ea:2e:97:6c:06:11:04:1b:e7:10:ed:08: 11:2b:98:99:41:f8:93:cb:f7:a4:fa:96:e4:9a:bf:fe:85:5a: 5b:81:b6:a3:b6:77:f2:37:13:4d:79:b5:62:25:c5:7a:b7:98: d9:8f:56:37:62:d5:95:9e:d6:0a:a4:ba:da:b4:09:7f:ee:97: 2b:94:65:b9:e1:32:42:89:22:11:23:52:a9:c5:06:b3:8b:b9: 1d:d4:74:27:16:b3:bd:d6:2e:47:5e:ac:73:27:cc:ba:b4:9b: 63:9e:99:01:6e:bf:9f:97:a1:3b:44:00:ab:a6:48:8f:e2:72: b5:c5:77:8e:d7:c3:db:63:be:3e:f2:d4:7b:31:c8:ae:f4:f7: 79:ac:50:45:15:34:f1:e8:e5:b5:09:78:ec:ee:5a:3f:68:4d: f4:15:03:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2RPsMFFYxXgyl7zortUEEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh M2IwMWQwHhcNMjUxMjE5MTEwMDQ4WhcNMjUxMjIwMTEwMDQ4WjAzMTEwLwYDVQQD EyhmZDc4NmY0ZmZkNmVlNGE0OWU1Y2JkMzAzZDJmMjdiNmY0N2Y3OGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlGrO8DQTqnZfVKWIY//BTF6ILMn tHhzrIWf9hTc/sO5brW8rq/1yb/xugaMKB/a0l4cBgTB92iJduZgRscdibVFWd8U 3A0XKDqJrnGaOBD9wUq1uDVOkvvhapFsEJ51uoFipstaqFZRwdu420Q1FjORBusF TItMK96bbpy/58vP0cZVoA/SydN0kl9DDKmtm6VeTg2R34DAw2wX0O8Qr14CrXGV 4PK5/gjEJMSBBTiF1iH0YRwo6jnVBY6fGhNgEiJEzE1kG4Re0/F7sC8jYmOdoeAe yTKkXpo90UVhMgYvMO18/Bvba/CH/tUD1Ix1/RFTtgVjUZ6z0vw2tf7YhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP14b0/9buSknly9MD0vJ7b0f3jIMB8GA1UdIwQY MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3 LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTvqq6R8 yX3lq6jpqOQDqymTSdNun6I0g4ttplVO7GFkczLZKyrpBAu2qEMU2AMWIS7dfxKN Tk4JEFlNSkvl/dJYUHDM0sPgaoCwWfWLjcdaSC6U1YENrqVYNERv3p0r6i6XbAYR BBvnEO0IESuYmUH4k8v3pPqW5Jq//oVaW4G2o7Z38jcTTXm1YiXFereY2Y9WN2LV lZ7WCqS62rQJf+6XK5RlueEyQokiESNSqcUGs4u5HdR0JxazvdYuR16scyfMurSb Y56ZAW6/n5ehO0QAq6ZIj+JytcV3jtfD22O+PvLUezHIrvT3eaxQRRU08ejltQl4 7O5aP2hN9BUDEQ== -----END CERTIFICATE-----Generated at Fri Dec 19 16:21:24 2025 by rpki-client