This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json) Hash identifier: 9EdwYigYQiDLfRjM4MjRumA/v0MZySs9AYD4I4rv23o= Subject key identifier: B1:50:53:43:D8:8D:B7:48:F5:6F:7A:DE:CA:9A:7A:62:3C:81:42:1C Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93 Certificate serial: 019B36EA2C0436A44138D4452E6DE68C83C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft Manifest number: 1791 Signing time: Fri 19 Dec 2025 14:01:14 +0000 Manifest this update: Fri 19 Dec 2025 14:01:14 +0000 Manifest next update: Sat 20 Dec 2025 14:01:14 +0000 Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=) 2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: zAX0qG92671k7deozwgEhjStdcvzqpHVz0V1fQ8ZY1Q=) 3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 14:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:ea:2c:04:36:a4:41:38:d4:45:2e:6d:e6:8c:83:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93 Validity Not Before: Dec 19 14:01:14 2025 GMT Not After : Dec 20 14:01:14 2025 GMT Subject: CN=b1505343d88db748f56f7adeca9a7a623c81421c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fe:b5:c0:30:42:d7:e3:eb:9d:a2:d0:26:92: 08:c0:50:49:ca:52:47:25:25:11:2f:1e:09:2a:22: 23:72:97:02:36:2f:26:90:51:13:53:2d:b2:8e:b9: a8:cd:ab:6c:81:ef:19:2c:9b:de:5d:f0:c0:5d:f6: 91:92:06:63:02:6c:f0:71:73:4c:99:a3:01:c5:19: 7d:cf:94:91:a7:b6:9a:f9:c8:1a:01:0f:71:bc:68: f8:ee:c1:da:a5:7d:28:26:68:4b:ce:b5:73:29:61: 97:49:f8:76:9c:36:b6:ea:aa:b2:47:46:b0:de:db: 15:7b:af:ce:c5:02:7e:79:aa:26:b3:4a:8d:64:85: ca:d4:34:03:46:f9:79:24:b3:8b:bf:47:32:13:59: 48:f8:ea:d4:9d:d0:c5:66:e2:61:77:e1:56:c5:a7: dd:b1:40:b1:00:d2:1f:08:c6:87:e6:29:29:71:37: 48:22:8c:d3:61:5a:3f:6d:fd:26:d6:34:08:f9:12: 15:6b:2b:e7:b3:c3:bd:23:9c:0d:21:02:c3:43:da: 14:96:e5:91:17:ba:6b:6f:5f:f9:26:e1:b9:c5:27: 9f:46:64:5b:d3:78:ca:dc:85:96:75:e8:d3:d1:0f: 2c:9f:04:12:c5:eb:bf:c8:8c:f6:85:d3:4d:e2:f8: 4c:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:50:53:43:D8:8D:B7:48:F5:6F:7A:DE:CA:9A:7A:62:3C:81:42:1C X509v3 Authority Key Identifier: keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:0f:cd:84:8e:d8:22:06:98:9e:6c:57:26:52:23:0d:93:36: 0a:1f:27:06:75:61:4b:a2:24:f6:e9:0b:c2:64:60:4c:34:76: 1d:cb:ef:46:d3:bd:ee:9a:64:c6:bd:89:24:b1:d8:3b:3b:e5: c4:a5:c0:8a:a3:f2:42:24:1d:45:dc:19:ca:2d:6d:65:3b:03: c8:e5:9a:6a:b1:e9:73:6c:2b:fc:8e:27:6f:bc:30:54:90:10: 52:76:49:38:7d:dd:91:30:81:d5:2c:07:fe:78:01:ff:37:52: 30:b5:27:5f:f0:61:a8:7b:76:7b:cb:e6:01:4d:8a:64:ff:38: 8f:7f:a5:b5:55:c2:45:64:19:66:d8:18:5c:7c:c2:60:21:d3: 24:f4:b0:bd:a7:66:36:66:de:76:b4:4f:b4:2b:94:36:46:a4: 2c:20:01:80:35:a0:27:2c:7c:57:2a:12:b2:41:a0:c0:76:ff: 59:bb:62:3f:ae:e8:17:06:a5:72:68:aa:7d:fe:69:a4:d5:77: 13:23:0b:a0:86:e1:f0:d0:1e:c2:bd:05:8b:8f:ab:90:04:0d: 0b:f6:b9:1e:56:47:67:fd:ee:a3:9e:71:cb:8e:d7:02:3d:83: d3:56:6c:af:42:04:c8:79:9f:20:6e:f4:ce:bf:27:47:33:a0: 01:3d:3b:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs26iwENqRBONRFLm3mjIPHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz NTNlOTMwHhcNMjUxMjE5MTQwMTE0WhcNMjUxMjIwMTQwMTE0WjAzMTEwLwYDVQQD EyhiMTUwNTM0M2Q4OGRiNzQ4ZjU2ZjdhZGVjYTlhN2E2MjNjODE0MjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP61wDBC1+PrnaLQJpIIwFBJylJH JSURLx4JKiIjcpcCNi8mkFETUy2yjrmozatsge8ZLJveXfDAXfaRkgZjAmzwcXNM maMBxRl9z5SRp7aa+cgaAQ9xvGj47sHapX0oJmhLzrVzKWGXSfh2nDa26qqyR0aw 3tsVe6/OxQJ+eaoms0qNZIXK1DQDRvl5JLOLv0cyE1lI+OrUndDFZuJhd+FWxafd sUCxANIfCMaH5ikpcTdIIozTYVo/bf0m1jQI+RIVayvns8O9I5wNIQLDQ9oUluWR F7prb1/5JuG5xSefRmRb03jK3IWWdejT0Q8snwQSxeu/yIz2hdNN4vhMkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLFQU0PYjbdI9W963sqaemI8gUIcMB8GA1UdIwQY MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4 LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqw/NhI7Y IgaYnmxXJlIjDZM2Ch8nBnVhS6Ik9ukLwmRgTDR2HcvvRtO97ppkxr2JJLHYOzvl xKXAiqPyQiQdRdwZyi1tZTsDyOWaarHpc2wr/I4nb7wwVJAQUnZJOH3dkTCB1SwH /ngB/zdSMLUnX/BhqHt2e8vmAU2KZP84j3+ltVXCRWQZZtgYXHzCYCHTJPSwvadm NmbedrRPtCuUNkakLCABgDWgJyx8VyoSskGgwHb/WbtiP67oFwalcmiqff5ppNV3 EyMLoIbh8NAewr0Fi4+rkAQNC/a5HlZHZ/3uo55xy47XAj2D01Zsr0IEyHmfIG70 zr8nRzOgAT07bA== -----END CERTIFICATE-----Generated at Fri Dec 19 22:57:49 2025 by rpki-client