This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft File: aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json) Hash identifier: YPL8jHr/bLHLw30kx2PuwvXXXY6tOQFRMytr4oJfSuE= Subject key identifier: 74:40:FC:65:98:A5:E1:56:B9:E8:CD:D2:F2:B3:C7:2A:58:19:13:FB Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28 Certificate issuer: /CN=694d3295bace92fbc5407965c65cb65969bad028 Certificate serial: 019B59AD384461D7FDEB1F41ED11332EC985 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft Manifest number: 0295 Signing time: Fri 26 Dec 2025 08:01:22 +0000 Manifest this update: Fri 26 Dec 2025 08:01:22 +0000 Manifest next update: Sat 27 Dec 2025 08:01:22 +0000 Files and hashes: 1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: RP+zxHBlpisI57gMH7S5wK1StEvIMFj4LAMcn/dLJ3s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ad:38:44:61:d7:fd:eb:1f:41:ed:11:33:2e:c9:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028 Validity Not Before: Dec 26 08:01:22 2025 GMT Not After : Dec 27 08:01:22 2025 GMT Subject: CN=7440fc6598a5e156b9e8cdd2f2b3c72a581913fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ad:07:d6:90:16:e6:6a:50:fe:2e:6c:62:e5: 1f:22:dc:66:cd:1d:20:47:cd:e5:1a:a9:e3:be:35: e1:04:30:dd:b5:f1:cb:4d:dc:c1:3f:87:73:dd:ac: a2:ac:b0:94:43:da:1c:a7:d0:7f:08:f1:6a:c8:92: 9c:ea:52:7a:38:7b:ad:9b:fd:d2:0f:83:6b:02:40: d0:e7:6b:77:bb:45:ae:c5:dd:25:16:2a:4d:b0:56: 48:dc:5b:1f:d0:38:2c:cf:36:c4:72:c4:06:3d:01: 4b:6d:f3:e8:41:8f:a8:38:57:bc:2b:76:5c:83:ac: 33:ed:e6:4e:e6:28:a6:65:5e:d9:a3:c5:14:ad:44: 54:8b:a7:41:62:1d:95:95:f2:f9:3a:61:35:67:8d: 28:ad:2b:2a:11:18:3d:1a:fb:c9:2a:8c:7e:e7:60: f4:ae:60:37:98:a6:91:33:67:57:24:ee:6b:da:02: d4:8a:ef:a6:79:1f:94:bf:92:9a:48:bc:6e:b0:bf: f5:5b:f9:76:c1:c2:42:b5:02:68:29:3a:0b:ff:4b: f5:6c:a4:d3:f6:95:bf:4a:ab:26:6b:09:13:ac:d3: 56:d2:77:a7:9f:13:39:3c:5c:a7:99:a8:b7:36:61: 41:1c:5f:23:ca:11:e9:83:7f:e5:00:d1:3b:ec:8f: 67:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:40:FC:65:98:A5:E1:56:B9:E8:CD:D2:F2:B3:C7:2A:58:19:13:FB X509v3 Authority Key Identifier: keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:56:8b:58:78:20:29:b5:cd:5c:34:64:bb:cf:98:7f:78:94: dc:ee:d2:a0:b0:39:5c:2d:47:09:cd:2c:35:f8:1b:f4:f3:a1: 33:4e:ce:88:e1:3b:87:7e:66:19:ba:a9:31:73:7c:6a:d4:27: 0d:63:5d:5f:37:0c:09:56:ed:a8:30:46:ff:b0:a0:5c:d2:1f: 46:29:2c:81:44:b1:02:d3:dd:9e:23:6d:56:68:7e:2c:34:c5: 7e:de:48:88:ea:a5:8e:52:25:e7:23:fb:56:19:ad:5a:14:08: 09:c0:c4:7b:ce:a7:aa:2a:1d:c3:8d:d6:3a:b1:a2:ce:ab:7e: 8e:fd:ee:29:4b:c9:64:0f:ce:61:67:27:d3:a1:13:8d:9f:c5: 46:82:81:3d:29:ba:f1:55:f7:2c:cb:b9:7f:ac:e2:55:29:6f: 1d:b7:e6:32:b0:2f:2e:15:9b:f7:40:14:e0:02:53:80:d3:cf: c7:ea:a7:e5:de:b3:29:02:d5:c6:c7:0f:26:94:3b:63:d6:b2: 1f:ad:8f:a6:43:02:21:2c:72:5f:1c:1b:12:ca:bf:1c:46:01: d1:ca:92:bb:0a:45:4b:aa:3f:d8:27:9e:10:36:76:63:a6:e2: 3b:07:03:ea:86:54:3e:93:64:6e:46:82:0c:d0:2e:4d:28:0b: 8a:84:66:7d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrThEYdf96x9B7REzLsmFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli YWQwMjgwHhcNMjUxMjI2MDgwMTIyWhcNMjUxMjI3MDgwMTIyWjAzMTEwLwYDVQQD Eyg3NDQwZmM2NTk4YTVlMTU2YjllOGNkZDJmMmIzYzcyYTU4MTkxM2ZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK0H1pAW5mpQ/i5sYuUfItxmzR0g R83lGqnjvjXhBDDdtfHLTdzBP4dz3ayirLCUQ9ocp9B/CPFqyJKc6lJ6OHutm/3S D4NrAkDQ52t3u0Wuxd0lFipNsFZI3Fsf0DgszzbEcsQGPQFLbfPoQY+oOFe8K3Zc g6wz7eZO5iimZV7Zo8UUrURUi6dBYh2VlfL5OmE1Z40orSsqERg9GvvJKox+52D0 rmA3mKaRM2dXJO5r2gLUiu+meR+Uv5KaSLxusL/1W/l2wcJCtQJoKToL/0v1bKTT 9pW/SqsmawkTrNNW0nennxM5PFynmai3NmFBHF8jyhHpg3/lANE77I9nFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHRA/GWYpeFWuejN0vKzxypYGRP7MB8GA1UdIwQY MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4 LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVaLWHgg KbXNXDRku8+Yf3iU3O7SoLA5XC1HCc0sNfgb9POhM07OiOE7h35mGbqpMXN8atQn DWNdXzcMCVbtqDBG/7CgXNIfRiksgUSxAtPdniNtVmh+LDTFft5IiOqljlIl5yP7 VhmtWhQICcDEe86nqiodw43WOrGizqt+jv3uKUvJZA/OYWcn06ETjZ/FRoKBPSm6 8VX3LMu5f6ziVSlvHbfmMrAvLhWb90AU4AJTgNPPx+qn5d6zKQLVxscPJpQ7Y9ay H62PpkMCISxyXxwbEsq/HEYB0cqSuwpFS6o/2CeeEDZ2Y6biOwcD6oZUPpNkbkaC DNAuTSgLioRmfQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:30 2025 by rpki-client