This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft File: aPgE6F8ICkuVFSbfi3IwEAe37es.mft (raw, json) Hash identifier: kYikjPUN1kmaDlsEZ7aGPXBmAlIGEDRsLtCdmOm83Vs= Subject key identifier: 0D:51:6E:3D:0E:BB:95:78:04:9B:87:4C:41:FB:2E:CA:60:E7:9D:C9 Authority key identifier: 68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB Certificate issuer: /CN=68f804e85f080a4b951526df8b72301007b7edeb Certificate serial: 019B593EE2038F7CDDEA4722BCBFA0B44936 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft Manifest number: 4A Signing time: Fri 26 Dec 2025 06:00:51 +0000 Manifest this update: Fri 26 Dec 2025 06:00:51 +0000 Manifest next update: Sat 27 Dec 2025 06:00:51 +0000 Files and hashes: 1: aPgE6F8ICkuVFSbfi3IwEAe37es.crl (hash: 1j6BBYNq0i3UBo2ASTL5GZi6xPb9c/nBSy40+8dVHiA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:3e:e2:03:8f:7c:dd:ea:47:22:bc:bf:a0:b4:49:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f804e85f080a4b951526df8b72301007b7edeb Validity Not Before: Dec 26 06:00:51 2025 GMT Not After : Dec 27 06:00:51 2025 GMT Subject: CN=0d516e3d0ebb9578049b874c41fb2eca60e79dc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:cf:8e:76:27:88:e0:ae:ef:73:0b:d7:54:de: a3:72:64:ed:6a:a3:90:c9:0f:0f:63:cb:37:41:91: a1:e8:b6:f7:7c:33:6f:a7:f5:b3:36:47:9f:dd:3d: 78:59:70:d7:82:b1:dc:70:57:81:ee:fb:99:a5:58: ab:7b:ce:30:53:47:1f:4d:cb:3a:9b:5f:f0:8a:4e: 87:6a:71:6c:46:d0:78:93:7e:d4:b0:56:c4:cc:2f: 2d:49:aa:d1:07:18:c7:7f:17:bb:5c:cf:3b:3a:ed: 5a:e4:46:7f:6c:42:2a:10:c8:44:4d:df:2c:98:59: 77:93:fa:2a:88:fe:e2:9b:0e:05:06:3e:2b:69:d6: b9:21:d7:fc:01:8a:94:fb:ca:81:a3:b8:9b:a0:c6: 52:8c:68:0e:11:5a:ff:35:a3:75:9d:b0:84:2e:0c: 8a:4f:a0:39:6a:f6:f1:f1:bc:70:0a:57:bf:f7:60: f5:60:15:3d:55:cf:5e:12:13:06:65:e9:78:be:5b: c0:7e:4d:21:45:ef:fc:d1:7d:f5:57:e6:b0:5d:9b: 3e:09:3d:6a:ee:05:20:25:fd:ce:48:b2:6e:d2:ec: 38:5d:f1:61:05:20:94:18:63:48:31:01:03:e1:8b: d7:42:d2:7a:76:5a:dc:cd:7a:33:b7:31:85:46:90: cb:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:51:6E:3D:0E:BB:95:78:04:9B:87:4C:41:FB:2E:CA:60:E7:9D:C9 X509v3 Authority Key Identifier: keyid:68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:ab:25:4c:dc:6f:84:f5:df:e2:7e:52:be:ee:8a:b5:4f:81: 4e:fa:85:7e:0c:57:9e:e9:bf:93:6a:bf:c8:2d:77:e9:80:97: 87:dd:1a:bb:fe:e9:09:c4:7f:04:2f:5e:68:4d:9d:0e:a8:26: ee:82:0b:51:45:93:ef:d0:93:30:9e:09:cc:4c:4f:19:6c:7d: b7:72:d3:d2:f8:29:91:e1:10:f3:b4:36:10:88:c0:c5:e7:71: 6e:40:83:d0:b4:59:a2:ad:54:fd:16:9f:1b:08:05:05:06:72: da:2f:33:a5:dc:40:e2:dc:76:e3:3d:98:92:70:49:6c:33:72: 1c:ec:7b:0c:c1:5d:74:3b:78:bf:22:a2:75:d6:9d:56:90:44: 6f:28:e9:53:7e:54:d7:7c:f6:40:fb:8e:64:a9:7d:58:30:c0: 95:d7:bb:52:ce:ce:89:e7:6c:cd:ab:bb:e7:e9:c7:eb:8c:10: f9:00:8a:34:bb:86:ae:7b:92:91:89:08:d1:8b:f4:64:5f:62: 6a:fb:2f:56:64:ad:f2:34:6d:9c:a0:84:c1:1b:d3:e6:9f:ea: 2b:9c:82:ce:63:d3:23:69:f3:e7:74:9a:e3:56:c1:50:64:c1: 96:41:a1:24:e4:98:2a:99:23:6e:f0:c0:c0:cc:26:41:dc:dd: cd:68:c3:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZPuIDj3zd6kcivL+gtEk2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjgwNGU4NWYwODBhNGI5NTE1MjZkZjhiNzIzMDEwMDdi N2VkZWIwHhcNMjUxMjI2MDYwMDUxWhcNMjUxMjI3MDYwMDUxWjAzMTEwLwYDVQQD EygwZDUxNmUzZDBlYmI5NTc4MDQ5Yjg3NGM0MWZiMmVjYTYwZTc5ZGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0s+OdieI4K7vcwvXVN6jcmTtaqOQ yQ8PY8s3QZGh6Lb3fDNvp/WzNkef3T14WXDXgrHccFeB7vuZpVire84wU0cfTcs6 m1/wik6HanFsRtB4k37UsFbEzC8tSarRBxjHfxe7XM87Ou1a5EZ/bEIqEMhETd8s mFl3k/oqiP7imw4FBj4rada5Idf8AYqU+8qBo7iboMZSjGgOEVr/NaN1nbCELgyK T6A5avbx8bxwCle/92D1YBU9Vc9eEhMGZel4vlvAfk0hRe/80X31V+awXZs+CT1q 7gUgJf3OSLJu0uw4XfFhBSCUGGNIMQED4YvXQtJ6dlrczXoztzGFRpDLaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA1Rbj0Ou5V4BJuHTEH7Lspg553JMB8GA1UdIwQY MBaAFGj4BOhfCApLlRUm34tyMBAHt+3rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUt ODlhZjFmMjYyOGU2LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUtODlhZjFmMjYyOGU2 LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkaslTNxv hPXf4n5Svu6KtU+BTvqFfgxXnum/k2q/yC136YCXh90au/7pCcR/BC9eaE2dDqgm 7oILUUWT79CTMJ4JzExPGWx9t3LT0vgpkeEQ87Q2EIjAxedxbkCD0LRZoq1U/Raf GwgFBQZy2i8zpdxA4tx24z2YknBJbDNyHOx7DMFddDt4vyKiddadVpBEbyjpU35U 13z2QPuOZKl9WDDAlde7Us7Oiedszau75+nH64wQ+QCKNLuGrnuSkYkI0Yv0ZF9i avsvVmSt8jRtnKCEwRvT5p/qK5yCzmPTI2nz53Sa41bBUGTBlkGhJOSYKpkjbvDA wMwmQdzdzWjD4g== -----END CERTIFICATE-----Generated at Fri Dec 26 15:42:22 2025 by rpki-client