This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft File: aIEP_k-SA6EAZ31lGTtEJniaz1w.mft (raw, json) Hash identifier: utifbNnaCuU70szhd50f37YTjYhaYdFjMzcGQzRf3iM= Subject key identifier: 33:1C:7E:08:AF:1F:12:77:1B:F6:AF:41:A2:97:4E:E9:0C:1E:F0:EE Authority key identifier: 68:81:0F:FE:4F:92:03:A1:00:67:7D:65:19:3B:44:26:78:9A:CF:5C Certificate issuer: /CN=68810ffe4f9203a100677d65193b4426789acf5c Certificate serial: 019B3AC65541125D9C35CD278DB07758939E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft Manifest number: 0B98 Signing time: Sat 20 Dec 2025 08:00:35 +0000 Manifest this update: Sat 20 Dec 2025 08:00:35 +0000 Manifest next update: Sun 21 Dec 2025 08:00:35 +0000 Files and hashes: 1: aIEP_k-SA6EAZ31lGTtEJniaz1w.crl (hash: lEsdeI3GdAEq/hP73QLmp3pSRI10j3BSmbqvuWgrcsY=) 2: vq_lB1n1a8tSkpEaBYJenT9A5i0.roa (hash: TQs2bRUGUy5hOg6esXq8436QciZ59nHTgLwMPf5bhwU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 08:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:c6:55:41:12:5d:9c:35:cd:27:8d:b0:77:58:93:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68810ffe4f9203a100677d65193b4426789acf5c Validity Not Before: Dec 20 08:00:35 2025 GMT Not After : Dec 21 08:00:35 2025 GMT Subject: CN=331c7e08af1f12771bf6af41a2974ee90c1ef0ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a0:ef:a5:f9:14:a7:7b:97:5e:8f:dc:42:4d: 40:e8:32:77:2e:42:f2:00:7b:b9:d5:f3:63:8d:54: 1d:48:6c:0b:14:87:27:84:c0:11:12:d5:db:6e:c5: 0a:c1:9c:9f:30:07:da:bd:d3:0f:06:08:f4:b1:f9: 9f:46:e6:15:50:ea:f5:48:81:11:2a:03:e5:50:f1: 34:36:89:f1:58:37:a5:55:0e:d9:cd:06:7e:f2:77: e5:e3:47:10:93:7d:8c:6e:e6:a4:06:67:a3:ac:44: 8a:e1:34:fc:b9:d4:04:44:2b:0f:b7:3d:a5:af:9a: fa:59:6d:bd:bd:8c:55:60:8a:40:b4:b7:70:8e:df: fe:5f:26:ca:a5:89:4e:5f:d9:ad:7e:30:11:e8:f7: e0:87:9a:2b:0e:1d:3b:60:bb:4d:f5:fc:14:ae:4c: e0:3f:0f:9f:16:b0:a8:40:12:28:88:e8:c3:2a:9a: 32:46:f2:4f:56:78:75:cc:da:8e:9e:70:24:70:b7: eb:d6:c6:2d:8d:18:14:42:98:4c:40:ba:fe:96:da: e6:c8:76:d6:41:c2:9d:4a:4a:70:e5:5a:1e:67:6e: b1:97:39:17:ec:5c:b5:00:20:41:97:6b:8b:fe:5f: d1:17:1e:f3:21:40:a0:56:cc:48:97:4d:6b:6d:4d: f1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:1C:7E:08:AF:1F:12:77:1B:F6:AF:41:A2:97:4E:E9:0C:1E:F0:EE X509v3 Authority Key Identifier: keyid:68:81:0F:FE:4F:92:03:A1:00:67:7D:65:19:3B:44:26:78:9A:CF:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIEP_k-SA6EAZ31lGTtEJniaz1w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/141203-813f-4712-9bd7-bdf431eb94f0/1/aIEP_k-SA6EAZ31lGTtEJniaz1w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:94:45:e9:73:e8:74:24:13:94:1f:cb:fc:35:fe:93:2c:9f: f8:b5:49:1d:4e:de:74:50:89:1f:c8:27:c4:31:5c:87:22:02: 17:6f:68:e3:31:fb:f3:a1:4b:d6:0d:ad:5f:22:bf:78:44:ec: f2:eb:52:a2:f4:46:82:6f:dd:b2:b7:62:56:58:bb:ec:c4:ce: 5c:29:e8:a5:10:f1:29:c7:ed:cf:05:f7:33:73:69:22:2a:df: f1:77:72:f0:61:08:4e:17:68:45:43:b9:88:bb:96:08:eb:c1: d3:c4:41:36:e0:62:3e:e8:7d:68:f0:20:48:2b:03:aa:f3:28: 51:70:1f:86:41:52:0b:b9:f8:47:2c:ab:bb:bc:ae:cb:7f:35: 0c:0a:ca:1a:ce:85:87:d3:a6:a2:7b:6f:08:92:a1:68:f4:3a: fc:ea:4a:1b:6a:8d:a7:4f:db:60:67:d6:16:30:d4:73:90:de: bd:50:a1:98:3b:17:3e:c8:e5:78:3c:c5:94:5c:f6:e5:c2:07: ea:ee:81:4f:b2:f6:4d:0a:52:a4:59:87:3d:0c:33:00:62:2c: 0b:ac:bd:40:8e:93:bc:78:5f:10:c7:7b:96:45:bd:c4:99:83: cc:39:b1:f7:bd:14:d8:69:e2:b9:2e:5d:6d:86:5e:72:2f:0f: 6d:ba:a0:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6xlVBEl2cNc0njbB3WJOeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ODEwZmZlNGY5MjAzYTEwMDY3N2Q2NTE5M2I0NDI2Nzg5 YWNmNWMwHhcNMjUxMjIwMDgwMDM1WhcNMjUxMjIxMDgwMDM1WjAzMTEwLwYDVQQD EygzMzFjN2UwOGFmMWYxMjc3MWJmNmFmNDFhMjk3NGVlOTBjMWVmMGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKDvpfkUp3uXXo/cQk1A6DJ3LkLy AHu51fNjjVQdSGwLFIcnhMAREtXbbsUKwZyfMAfavdMPBgj0sfmfRuYVUOr1SIER KgPlUPE0NonxWDelVQ7ZzQZ+8nfl40cQk32MbuakBmejrESK4TT8udQERCsPtz2l r5r6WW29vYxVYIpAtLdwjt/+XybKpYlOX9mtfjAR6Pfgh5orDh07YLtN9fwUrkzg Pw+fFrCoQBIoiOjDKpoyRvJPVnh1zNqOnnAkcLfr1sYtjRgUQphMQLr+ltrmyHbW QcKdSkpw5VoeZ26xlzkX7Fy1ACBBl2uL/l/RFx7zIUCgVsxIl01rbU3xgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDMcfgivHxJ3G/avQaKXTukMHvDuMB8GA1UdIwQY MBaAFGiBD/5PkgOhAGd9ZRk7RCZ4ms9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xNDEyMDMtODEzZi00NzEyLTliZDct YmRmNDMxZWI5NGYwLzEvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8xNDEyMDMtODEzZi00NzEyLTliZDctYmRmNDMxZWI5NGYw LzEvYUlFUF9rLVNBNkVBWjMxbEdUdEVKbmlhejF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpRF6XPo dCQTlB/L/DX+kyyf+LVJHU7edFCJH8gnxDFchyICF29o4zH786FL1g2tXyK/eETs 8utSovRGgm/dsrdiVli77MTOXCnopRDxKcftzwX3M3NpIirf8Xdy8GEIThdoRUO5 iLuWCOvB08RBNuBiPuh9aPAgSCsDqvMoUXAfhkFSC7n4Ryyru7yuy381DArKGs6F h9OmontvCJKhaPQ6/OpKG2qNp0/bYGfWFjDUc5DevVChmDsXPsjleDzFlFz25cIH 6u6BT7L2TQpSpFmHPQwzAGIsC6y9QI6TvHhfEMd7lkW9xJmDzDmx970U2GniuS5d bYZeci8Pbbqg9g== -----END CERTIFICATE-----Generated at Sat Dec 20 13:58:43 2025 by rpki-client