This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft File: aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json) Hash identifier: miM5h3JYl9pkBlhMeCSA3DMMRRajafy+R6KxUM/NNmY= Subject key identifier: 47:4E:E3:5D:E9:69:69:B4:A0:40:13:C5:91:EE:DB:10:27:96:F1:63 Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49 Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249 Certificate serial: 019B269B9E5496A8BAEFD4FF81BD37A01700 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft Manifest number: 177F Signing time: Tue 16 Dec 2025 10:01:31 +0000 Manifest this update: Tue 16 Dec 2025 10:01:31 +0000 Manifest next update: Wed 17 Dec 2025 10:01:31 +0000 Files and hashes: 1: WdYc6wSLVkfUe7irxf4uyXxEIsM.roa (hash: dpYwLA3RR3eH0lZ7/JtVVQoaXF1Y2bKy7GfyH86APlE=) 2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: OH1taM/SL3C9IF20/cz+8SuEXvWNNUiusWD83FGTZfQ=) 3: tUMiGCgmsKV0vxqojlEA4oJxpRM.roa (hash: UydNeJbpnz/tc0fGV+RmvBf+BwmLoVjaXgDPrRLbpVY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 10:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:9b:9e:54:96:a8:ba:ef:d4:ff:81:bd:37:a0:17:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249 Validity Not Before: Dec 16 10:01:31 2025 GMT Not After : Dec 17 10:01:31 2025 GMT Subject: CN=474ee35de96969b4a04013c591eedb102796f163 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:66:73:d6:66:69:fe:bd:14:56:ea:9a:67:6e: a3:87:58:b6:c8:3a:15:80:f5:fc:d5:cc:50:ec:77: 80:f9:75:a8:50:71:32:d0:6b:9d:bc:9e:77:2d:97: 7b:d7:02:35:10:52:ce:16:c0:20:8f:30:5b:c7:0a: 7b:15:51:96:7b:c0:e3:36:7a:16:34:36:2a:73:dc: 3e:22:56:06:d3:86:55:ca:ac:ce:62:1c:9b:56:ae: c4:2e:6f:06:2b:58:8f:49:4e:e8:6c:64:ca:0f:27: 6e:5f:77:3e:0c:4a:41:af:bb:8d:cc:ca:04:4a:0e: 72:d9:8e:06:92:bb:75:49:54:09:73:72:e8:02:f5: 8c:42:51:3e:11:6e:99:2b:46:56:74:32:06:02:fd: 48:92:81:f5:17:3d:17:4f:77:28:e5:e7:40:4c:5c: db:7a:c6:bb:23:95:b7:68:e1:c3:83:c6:e2:38:9f: 10:6a:35:e2:2c:d3:1b:df:8f:6e:a4:ba:b9:9d:7b: b2:18:29:9b:42:ef:c9:cf:dc:00:af:f2:81:f5:32: 09:b5:4b:d7:bc:50:e5:48:41:69:23:1e:28:f1:a6: 91:0b:9e:ec:98:c8:95:03:6c:a7:bc:e4:60:ab:90: 75:fc:4b:1d:b8:2b:e4:cb:ec:47:32:71:39:bc:65: 6c:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:4E:E3:5D:E9:69:69:B4:A0:40:13:C5:91:EE:DB:10:27:96:F1:63 X509v3 Authority Key Identifier: keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:74:ae:c2:d7:b7:ed:39:80:5c:68:27:92:b1:56:95:df:6f: ce:15:3f:e8:a3:c4:4b:6e:7c:99:3a:74:cd:b4:b1:25:b1:5d: f3:1f:45:df:d0:e2:c8:12:4d:0b:a5:46:ea:25:37:8e:dd:3f: 15:a2:6a:21:8f:22:be:55:64:ec:cf:a3:de:44:5f:fb:c8:e4: bf:8e:b2:93:88:6d:ae:f0:74:e6:1c:c1:a3:4c:5f:6a:eb:29: 9d:a2:b0:89:5d:5c:81:3d:26:63:86:e4:9e:26:9e:2f:f5:44: 70:a6:2c:3e:59:fb:f2:a0:65:27:ac:d8:76:44:e5:d4:90:38: 22:88:b8:62:78:33:4b:13:2f:39:86:df:f0:35:ca:6a:a9:9d: 6c:cb:52:31:b4:58:cf:35:b8:ad:24:c6:45:1a:04:13:cb:33: dc:bc:51:7d:f6:ad:92:c8:1a:26:55:02:b3:f5:79:1a:8e:fb: 44:f3:97:be:07:b5:0b:9b:ec:86:2d:2d:fb:34:bd:c8:ff:8b: ee:e5:f1:6b:78:fa:34:57:f1:12:b9:af:e8:14:8c:b7:57:7d: 9b:4d:7c:5e:3c:c2:09:dd:18:36:4c:10:1a:d0:a4:f4:40:4c: a7:9d:59:d8:b2:f4:dd:12:fa:1b:42:4c:6d:e1:06:1d:1a:c8: 99:32:d2:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmm55Ulqi679T/gb03oBcAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz MWYyNDkwHhcNMjUxMjE2MTAwMTMxWhcNMjUxMjE3MTAwMTMxWjAzMTEwLwYDVQQD Eyg0NzRlZTM1ZGU5Njk2OWI0YTA0MDEzYzU5MWVlZGIxMDI3OTZmMTYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WZz1mZp/r0UVuqaZ26jh1i2yDoV gPX81cxQ7HeA+XWoUHEy0GudvJ53LZd71wI1EFLOFsAgjzBbxwp7FVGWe8DjNnoW NDYqc9w+IlYG04ZVyqzOYhybVq7ELm8GK1iPSU7obGTKDyduX3c+DEpBr7uNzMoE Sg5y2Y4Gkrt1SVQJc3LoAvWMQlE+EW6ZK0ZWdDIGAv1IkoH1Fz0XT3co5edATFzb esa7I5W3aOHDg8biOJ8QajXiLNMb349upLq5nXuyGCmbQu/Jz9wAr/KB9TIJtUvX vFDlSEFpIx4o8aaRC57smMiVA2ynvORgq5B1/EsduCvky+xHMnE5vGVsgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEdO413paWm0oEATxZHu2xAnlvFjMB8GA1UdIwQY MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnSuwte3 7TmAXGgnkrFWld9vzhU/6KPES258mTp0zbSxJbFd8x9F39DiyBJNC6VG6iU3jt0/ FaJqIY8ivlVk7M+j3kRf+8jkv46yk4htrvB05hzBo0xfauspnaKwiV1cgT0mY4bk niaeL/VEcKYsPln78qBlJ6zYdkTl1JA4Ioi4YngzSxMvOYbf8DXKaqmdbMtSMbRY zzW4rSTGRRoEE8sz3LxRffatksgaJlUCs/V5Go77RPOXvge1C5vshi0t+zS9yP+L 7uXxa3j6NFfxErmv6BSMt1d9m018XjzCCd0YNkwQGtCk9EBMp51Z2LL03RL6G0JM beEGHRrImTLSiw== -----END CERTIFICATE-----Generated at Tue Dec 16 16:05:23 2025 by rpki-client