This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft File: ajqLdK1O1nN5ep9rd0nCI0VpedA.mft (raw, json) Hash identifier: dM8xz2sBk/KeaOyev6/FlUTNjo8gZCndJ0BS0Zx174s= Subject key identifier: 12:A2:01:CA:AD:7C:B6:46:53:0C:DD:5F:DF:57:26:45:31:0E:BA:B7 Authority key identifier: 6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0 Certificate issuer: /CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0 Certificate serial: 019B2552749B5960C1AE96DC4CCC5B49F8E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft Manifest number: 163F Signing time: Tue 16 Dec 2025 04:01:59 +0000 Manifest this update: Tue 16 Dec 2025 04:01:59 +0000 Manifest next update: Wed 17 Dec 2025 04:01:59 +0000 Files and hashes: 1: ajqLdK1O1nN5ep9rd0nCI0VpedA.crl (hash: YctvsH6NdA/TKkk0Rxi5QDFeakdSXDmv3J49y+wpGM0=) 2: jkQdp6EX7jHh6f31YxZYZhR0C8U.roa (hash: FmayEZ/+k7yvcImZRXEurVZdNlGpk+kZM2DFLPiqTu8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 04:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:52:74:9b:59:60:c1:ae:96:dc:4c:cc:5b:49:f8:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0 Validity Not Before: Dec 16 04:01:59 2025 GMT Not After : Dec 17 04:01:59 2025 GMT Subject: CN=12a201caad7cb646530cdd5fdf572645310ebab7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b0:37:a1:65:ca:f8:be:ba:c3:1a:15:2a:c7: bd:5a:9e:74:e3:bd:83:8f:9d:05:e8:03:7d:a8:b8: 06:52:61:e4:e3:72:9e:37:57:22:16:9d:95:68:5d: d3:1e:d5:6e:e0:c3:b2:3f:6f:a0:9c:2c:fb:46:58: 85:13:04:80:fc:78:12:9a:29:14:e9:12:00:0f:6b: c1:e8:5f:d9:11:45:a7:7f:aa:c3:c4:57:f3:61:c0: 27:68:aa:2b:b2:48:c0:1d:d8:a6:ec:73:e1:a2:a7: 38:b2:67:82:47:e0:f5:9e:41:65:f2:c1:e6:62:82: d5:94:8c:29:0c:0a:4a:6c:51:ef:e2:d1:23:77:1d: 5a:a3:2f:37:94:b8:f9:49:70:3f:14:4d:af:da:65: 39:e3:9c:99:c7:46:b1:b1:da:e3:44:57:84:37:38: 36:5d:88:fb:6a:27:66:39:62:65:13:b9:52:02:ae: 1f:bb:aa:0b:d0:5f:ba:35:54:df:9f:2a:37:ab:f2: 53:de:48:11:79:27:31:e4:57:3e:2c:a1:03:f7:4e: c7:3e:95:cb:74:87:c6:c2:74:2d:1c:43:43:a1:ae: ed:64:f0:1a:75:99:c0:7b:80:ca:40:77:f4:21:09: 83:ec:73:d5:8a:59:c2:d9:df:f2:2d:50:64:36:40: 7f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:A2:01:CA:AD:7C:B6:46:53:0C:DD:5F:DF:57:26:45:31:0E:BA:B7 X509v3 Authority Key Identifier: keyid:6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:98:86:db:eb:6c:5d:da:23:e0:3a:87:73:90:10:85:1b:1b: b6:f7:da:c0:93:37:20:3e:4c:5c:6a:b8:39:82:7d:06:47:b8: 4c:f0:b4:a3:61:94:d7:58:f9:91:d8:06:fc:67:89:7b:0c:ad: e5:38:04:73:e6:01:3b:da:ba:e0:9f:6b:8b:8e:18:f3:b2:28: 57:04:ff:08:e8:fd:37:8c:85:fb:9a:34:e7:4f:de:fa:2b:e3: af:c3:0a:5b:cb:b8:c0:e6:06:82:1e:43:1a:ed:76:6c:eb:03: 1e:ae:c5:3e:f5:60:34:d4:dc:82:ca:9f:c0:79:f4:5b:e1:1f: f4:5a:db:ae:ea:43:7a:fa:5f:47:9e:39:c9:b0:04:14:21:35: 2f:8d:80:0f:b4:e0:af:36:a5:d2:88:1f:2b:b3:ae:00:59:6d: e2:fb:d1:51:04:17:7f:b8:09:b8:da:66:f8:0f:f6:f2:9a:0a: 03:6d:f0:0c:56:14:83:8b:70:26:4f:50:21:b7:f2:bc:5f:0a: ea:35:c1:c2:a3:4e:71:bb:98:7e:1d:ed:b9:d5:f3:e9:b1:27: d9:a6:20:be:aa:d8:1b:0c:6b:cc:d9:30:72:3f:f9:62:e0:2c: 17:48:20:7d:ab:b7:25:95:b4:13:d1:e3:41:93:f1:21:6e:0a: 42:00:0a:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZslUnSbWWDBrpbcTMxbSfjmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhM2E4Yjc0YWQ0ZWQ2NzM3OTdhOWY2Yjc3NDljMjIzNDU2 OTc5ZDAwHhcNMjUxMjE2MDQwMTU5WhcNMjUxMjE3MDQwMTU5WjAzMTEwLwYDVQQD EygxMmEyMDFjYWFkN2NiNjQ2NTMwY2RkNWZkZjU3MjY0NTMxMGViYWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbA3oWXK+L66wxoVKse9Wp50472D j50F6AN9qLgGUmHk43KeN1ciFp2VaF3THtVu4MOyP2+gnCz7RliFEwSA/HgSmikU 6RIAD2vB6F/ZEUWnf6rDxFfzYcAnaKorskjAHdim7HPhoqc4smeCR+D1nkFl8sHm YoLVlIwpDApKbFHv4tEjdx1aoy83lLj5SXA/FE2v2mU545yZx0axsdrjRFeENzg2 XYj7aidmOWJlE7lSAq4fu6oL0F+6NVTfnyo3q/JT3kgReScx5Fc+LKED907HPpXL dIfGwnQtHENDoa7tZPAadZnAe4DKQHf0IQmD7HPVilnC2d/yLVBkNkB/EwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBKiAcqtfLZGUwzdX99XJkUxDrq3MB8GA1UdIwQY MBaAFGo6i3StTtZzeXqfa3dJwiNFaXnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEt Yzk1OGJmNGY4OTkxLzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEtYzk1OGJmNGY4OTkx LzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZiG2+ts Xdoj4DqHc5AQhRsbtvfawJM3ID5MXGq4OYJ9Bke4TPC0o2GU11j5kdgG/GeJewyt 5TgEc+YBO9q64J9ri44Y87IoVwT/COj9N4yF+5o050/e+ivjr8MKW8u4wOYGgh5D Gu12bOsDHq7FPvVgNNTcgsqfwHn0W+Ef9FrbrupDevpfR545ybAEFCE1L42AD7Tg rzal0ogfK7OuAFlt4vvRUQQXf7gJuNpm+A/28poKA23wDFYUg4twJk9QIbfyvF8K 6jXBwqNOcbuYfh3tudXz6bEn2aYgvqrYGwxrzNkwcj/5YuAsF0ggfau3JZW0E9Hj QZPxIW4KQgAK0g== -----END CERTIFICATE-----Generated at Tue Dec 16 13:50:52 2025 by rpki-client