This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft File: aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft (raw, json) Hash identifier: GoTeRFI3gFKecqT07iQs4hWwXig9OSGBc2F48u8eS70= Subject key identifier: 0E:93:1C:85:22:0A:F1:4B:A8:96:03:78:77:67:5C:7A:15:7E:64:3E Authority key identifier: 69:82:9B:44:8A:D8:F9:63:A0:EC:FF:8B:22:16:CA:9C:E9:CE:6F:41 Certificate issuer: /CN=69829b448ad8f963a0ecff8b2216ca9ce9ce6f41 Certificate serial: 019B42EECB6FAFEFE4527F7427E739200E8A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft Manifest number: 07C4 Signing time: Sun 21 Dec 2025 22:01:44 +0000 Manifest this update: Sun 21 Dec 2025 22:01:44 +0000 Manifest next update: Mon 22 Dec 2025 22:01:44 +0000 Files and hashes: 1: WhLENsO2y4UEzkuswA1wx41c4K4.roa (hash: qqWz2hpUFCfdOvnndjkfI9tgPQ2D7KLxkWgnxyi1reI=) 2: aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl (hash: lH1xK5JXiKohX4gBTUKmFCJppPKonBgd43Cxrh27VKk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:cb:6f:af:ef:e4:52:7f:74:27:e7:39:20:0e:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69829b448ad8f963a0ecff8b2216ca9ce9ce6f41 Validity Not Before: Dec 21 22:01:44 2025 GMT Not After : Dec 22 22:01:44 2025 GMT Subject: CN=0e931c85220af14ba896037877675c7a157e643e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:0d:ce:b7:2f:84:50:c5:c9:f3:b5:c8:a7:48: 93:ef:64:86:14:f2:45:59:1a:d9:a1:82:0f:ea:61: 61:ee:ac:0a:86:7a:4f:35:e0:78:d6:1c:38:94:e8: 6f:ed:3b:b3:c6:d3:d1:94:8d:1d:c1:a8:dc:05:6d: ee:51:a6:0a:56:ea:2c:4c:88:06:5d:d0:bf:63:82: 4b:cf:ac:e1:cd:4b:3d:31:e8:f2:f4:46:5a:50:9c: df:ca:67:6d:85:89:67:b9:d1:f3:d6:35:f0:f8:3a: a4:71:60:f3:a0:21:f9:a7:74:c4:3c:6e:6a:39:78: 3e:57:61:0e:f2:9a:3b:34:a9:88:29:cf:55:83:f6: 85:09:05:af:c1:78:cc:ae:e8:66:69:91:da:9d:8d: 73:cf:a7:43:38:5d:9d:9e:b7:75:25:e7:7a:71:b7: da:ed:05:86:61:59:e7:a4:98:cd:c5:0e:44:e3:d2: 5b:9a:e4:35:77:8c:8a:02:e7:0d:88:6c:28:1d:2c: 92:3a:47:fe:6b:e8:14:bc:c6:ff:2d:4f:77:b8:0e: de:18:e7:16:51:e9:47:32:f3:5a:4b:c2:c5:47:4e: 79:d1:7c:9b:f2:93:5d:49:e8:a4:c9:c7:c3:ca:35: 52:59:ab:b4:54:eb:b1:f5:ff:85:ed:e3:b4:a5:d3: 44:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:93:1C:85:22:0A:F1:4B:A8:96:03:78:77:67:5C:7A:15:7E:64:3E X509v3 Authority Key Identifier: keyid:69:82:9B:44:8A:D8:F9:63:A0:EC:FF:8B:22:16:CA:9C:E9:CE:6F:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:42:34:d6:c1:71:c0:27:9d:58:8e:f6:7d:83:82:1a:d6:97: 5a:25:98:00:85:4d:a8:ef:91:5b:f8:dd:42:b7:aa:34:6f:6b: 17:40:cf:5f:61:01:86:af:54:9e:c9:54:2a:fe:c3:b7:20:aa: 28:7c:59:43:31:51:a2:ad:f3:7c:2e:b9:e5:90:ee:7e:31:ac: 31:16:6f:61:f4:d4:e3:15:6e:fc:e2:3d:71:9b:21:19:21:86: ef:43:56:03:f3:9c:94:f3:b6:14:0f:27:bb:fb:ef:5a:91:08: f0:8c:51:03:6d:a8:14:00:cd:94:53:f4:d2:2b:a9:2c:fc:77: a6:dc:ca:85:18:61:0a:97:14:3d:da:81:59:56:2c:69:f6:a8: 6c:b0:67:d0:ea:b3:9f:a5:0e:bd:8c:80:fd:8c:ba:c5:b1:f8: 29:f5:6f:16:77:33:2e:92:34:bf:4e:74:ed:1c:c0:07:47:7d: 84:db:49:36:a8:7c:97:4c:53:9d:82:55:95:b4:db:3a:13:da: a2:9b:2f:9f:99:d7:64:ac:ce:ca:54:a0:e4:91:7d:e0:2a:1c: 63:c2:f6:8b:dc:31:f1:0b:28:66:7f:8d:65:7b:71:ac:e4:72: 0f:2b:17:c5:f3:2d:b6:38:cd:6b:90:60:81:59:00:a1:0e:1f: ba:3c:f9:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7stvr+/kUn90J+c5IA6KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ODI5YjQ0OGFkOGY5NjNhMGVjZmY4YjIyMTZjYTljZTlj ZTZmNDEwHhcNMjUxMjIxMjIwMTQ0WhcNMjUxMjIyMjIwMTQ0WjAzMTEwLwYDVQQD EygwZTkzMWM4NTIyMGFmMTRiYTg5NjAzNzg3NzY3NWM3YTE1N2U2NDNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig3Oty+EUMXJ87XIp0iT72SGFPJF WRrZoYIP6mFh7qwKhnpPNeB41hw4lOhv7TuzxtPRlI0dwajcBW3uUaYKVuosTIgG XdC/Y4JLz6zhzUs9Mejy9EZaUJzfymdthYlnudHz1jXw+DqkcWDzoCH5p3TEPG5q OXg+V2EO8po7NKmIKc9Vg/aFCQWvwXjMruhmaZHanY1zz6dDOF2dnrd1Jed6cbfa 7QWGYVnnpJjNxQ5E49JbmuQ1d4yKAucNiGwoHSySOkf+a+gUvMb/LU93uA7eGOcW UelHMvNaS8LFR0550Xyb8pNdSeikycfDyjVSWau0VOux9f+F7eO0pdNEVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA6THIUiCvFLqJYDeHdnXHoVfmQ+MB8GA1UdIwQY MBaAFGmCm0SK2PljoOz/iyIWypzpzm9BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTBlMmYtZGVjYy00ODg3LThlMDMt ZTc2YjU0NDY2NjU0LzEvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTBlMmYtZGVjYy00ODg3LThlMDMtZTc2YjU0NDY2NjU0 LzEvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn0I01sFx wCedWI72fYOCGtaXWiWYAIVNqO+RW/jdQreqNG9rF0DPX2EBhq9UnslUKv7DtyCq KHxZQzFRoq3zfC655ZDufjGsMRZvYfTU4xVu/OI9cZshGSGG70NWA/OclPO2FA8n u/vvWpEI8IxRA22oFADNlFP00iupLPx3ptzKhRhhCpcUPdqBWVYsafaobLBn0Oqz n6UOvYyA/Yy6xbH4KfVvFnczLpI0v0507RzAB0d9hNtJNqh8l0xTnYJVlbTbOhPa opsvn5nXZKzOylSg5JF94CocY8L2i9wx8QsoZn+NZXtxrORyDysXxfMttjjNa5Bg gVkAoQ4fujz5Gw== -----END CERTIFICATE-----Generated at Mon Dec 22 02:21:21 2025 by rpki-client