This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft File: AA0P7izVZpZcoI21UGY8sgtBI0M.mft (raw, json) Hash identifier: ttwVCfIn9vGpJgabI+dgAj+uEoGk5NnZiryjjcaN09E= Subject key identifier: 1D:D4:33:5B:E3:3C:85:7B:E5:D7:81:8F:B9:F7:BD:3A:75:4D:B0:00 Authority key identifier: 00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43 Certificate issuer: /CN=000d0fee2cd566965ca08db550663cb20b412343 Certificate serial: 019B5A52288F739C2D6A73CF41B9FA289F6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft Manifest number: 0D62 Signing time: Fri 26 Dec 2025 11:01:32 +0000 Manifest this update: Fri 26 Dec 2025 11:01:32 +0000 Manifest next update: Sat 27 Dec 2025 11:01:32 +0000 Files and hashes: 1: AA0P7izVZpZcoI21UGY8sgtBI0M.crl (hash: 9PLPpZHsWtUePPtnaywPOTI7PZje2jCTffMj8qfpCNU=) 2: c2eVtCtVjsi6i3vPHgLATuNVfoM.roa (hash: tozwRqmwgoJZSoOdc4bKHZ1xB9xQYRcf64jJhmtl4S4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.crl rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft rsync://rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:28:8f:73:9c:2d:6a:73:cf:41:b9:fa:28:9f:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=000d0fee2cd566965ca08db550663cb20b412343 Validity Not Before: Dec 26 11:01:32 2025 GMT Not After : Dec 27 11:01:32 2025 GMT Subject: CN=1dd4335be33c857be5d7818fb9f7bd3a754db000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:4e:f4:8f:db:92:e9:e9:7e:bf:f4:0b:f2:9c: 71:75:cc:19:22:2f:1c:88:1f:8b:6f:27:f8:82:0c: 6a:8b:41:c5:0c:b1:6a:f6:81:fa:64:a4:2a:0a:93: 1a:86:30:b6:da:fd:c1:4b:a4:d4:56:e6:df:d9:6a: ab:91:68:80:fe:5e:86:8a:08:21:1f:d0:ba:ad:18: 21:19:02:3f:52:e4:fe:e9:9a:3e:71:d1:d7:2e:79: 10:10:c1:40:e4:2b:09:3b:7e:05:0b:8f:2d:11:f6: d8:fc:c1:36:11:4d:d2:77:7b:80:6a:5c:c1:27:67: df:79:46:6c:23:05:35:fe:86:44:b6:df:aa:e6:74: 05:3b:d5:cc:c6:75:07:19:32:38:00:c9:8c:2c:57: 1e:14:04:35:4f:af:89:b4:4f:ef:b6:82:a4:fe:53: cd:9b:06:a9:36:e4:f9:d1:fb:2a:94:5e:c1:37:f8: 59:d6:ab:35:0b:d6:3b:e6:67:37:ca:a3:fc:7e:e2: be:46:d4:6f:0d:7f:17:14:39:5d:6d:14:39:9c:25: 51:3c:01:40:27:8d:a1:d3:3f:bc:c1:1b:97:00:43: 62:7f:58:de:ea:b2:50:1f:d2:01:77:f1:ea:44:aa: 19:15:33:37:b9:ef:97:b8:ba:8d:49:4c:fd:fd:77: b3:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:D4:33:5B:E3:3C:85:7B:E5:D7:81:8F:B9:F7:BD:3A:75:4D:B0:00 X509v3 Authority Key Identifier: keyid:00:0D:0F:EE:2C:D5:66:96:5C:A0:8D:B5:50:66:3C:B2:0B:41:23:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AA0P7izVZpZcoI21UGY8sgtBI0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/e6fe09-c22d-45b7-a599-b941ba921b3f/1/AA0P7izVZpZcoI21UGY8sgtBI0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:cd:fb:fe:e2:46:3c:d0:71:6b:96:fa:e3:44:c3:fa:d8:16: c7:33:ab:15:76:ba:c3:47:92:0f:c6:37:cc:35:f9:19:f1:0c: 9f:86:af:92:54:d6:d1:f8:d1:4b:9c:63:4e:2c:0d:d4:9f:8d: e6:80:19:31:b7:2e:0e:05:93:a6:20:98:35:10:2b:2a:8c:c5: 1e:f7:c4:0b:4f:de:c8:1e:2a:06:cb:8a:39:e5:f7:f4:91:28: 90:50:0d:a7:61:b2:d8:01:5e:d6:51:7d:69:c7:fe:7b:bb:bd: 40:45:9d:a9:49:60:b9:9b:62:10:cc:e8:6f:c7:d5:99:78:79: a3:57:69:b6:ce:de:14:12:18:a1:d8:d4:26:dd:55:41:7c:5f: 7a:e0:3c:cf:7a:9e:da:85:df:85:cd:86:e6:c7:e8:f8:78:07: 6b:71:22:03:46:6b:e5:9d:de:cf:4d:b9:90:6a:a6:13:4f:61: 5e:d5:3a:a6:29:1a:88:06:83:26:36:95:90:27:d4:18:30:d3: 48:8b:4f:77:65:a2:67:60:a2:97:6d:7a:c3:10:7b:38:38:da: 7f:ed:6b:ac:50:52:a5:a3:02:d7:b9:96:69:59:5f:40:50:ef: 34:1f:c7:01:52:9d:af:7c:e6:71:32:98:00:55:20:d1:71:fb: 92:bb:8d:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUiiPc5wtanPPQbn6KJ9tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwMGQwZmVlMmNkNTY2OTY1Y2EwOGRiNTUwNjYzY2IyMGI0 MTIzNDMwHhcNMjUxMjI2MTEwMTMyWhcNMjUxMjI3MTEwMTMyWjAzMTEwLwYDVQQD EygxZGQ0MzM1YmUzM2M4NTdiZTVkNzgxOGZiOWY3YmQzYTc1NGRiMDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo070j9uS6el+v/QL8pxxdcwZIi8c iB+Lbyf4ggxqi0HFDLFq9oH6ZKQqCpMahjC22v3BS6TUVubf2WqrkWiA/l6Giggh H9C6rRghGQI/UuT+6Zo+cdHXLnkQEMFA5CsJO34FC48tEfbY/ME2EU3Sd3uAalzB J2ffeUZsIwU1/oZEtt+q5nQFO9XMxnUHGTI4AMmMLFceFAQ1T6+JtE/vtoKk/lPN mwapNuT50fsqlF7BN/hZ1qs1C9Y75mc3yqP8fuK+RtRvDX8XFDldbRQ5nCVRPAFA J42h0z+8wRuXAENif1je6rJQH9IBd/HqRKoZFTM3ue+XuLqNSUz9/XezpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB3UM1vjPIV75deBj7n3vTp1TbAAMB8GA1UdIwQY MBaAFAAND+4s1WaWXKCNtVBmPLILQSNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUEwUDdpelZacFpjb0kyMVVHWThzZ3RCSTBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9lNmZlMDktYzIyZC00NWI3LWE1OTkt Yjk0MWJhOTIxYjNmLzEvQUEwUDdpelZacFpjb0kyMVVHWThzZ3RCSTBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9lNmZlMDktYzIyZC00NWI3LWE1OTktYjk0MWJhOTIxYjNm LzEvQUEwUDdpelZacFpjb0kyMVVHWThzZ3RCSTBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbs37/uJG PNBxa5b640TD+tgWxzOrFXa6w0eSD8Y3zDX5GfEMn4avklTW0fjRS5xjTiwN1J+N 5oAZMbcuDgWTpiCYNRArKozFHvfEC0/eyB4qBsuKOeX39JEokFANp2Gy2AFe1lF9 acf+e7u9QEWdqUlguZtiEMzob8fVmXh5o1dpts7eFBIYodjUJt1VQXxfeuA8z3qe 2oXfhc2G5sfo+HgHa3EiA0Zr5Z3ez025kGqmE09hXtU6pikaiAaDJjaVkCfUGDDT SItPd2WiZ2Cil216wxB7ODjaf+1rrFBSpaMC17mWaVlfQFDvNB/HAVKdr3zmcTKY AFUg0XH7kruNcw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:20 2025 by rpki-client