This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json) Hash identifier: BHLj3b4Vu6coI0IrNx9JvlbWjezETK/NnnH972D/fgc= Subject key identifier: 33:4D:22:D2:90:89:F8:A1:8E:EF:F8:25:31:1E:35:D7:17:27:B3:3F Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06 Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06 Certificate serial: 019B5C76EB5EC6110FB305368FDAC4BF1744 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft Manifest number: 14B3 Signing time: Fri 26 Dec 2025 21:00:55 +0000 Manifest this update: Fri 26 Dec 2025 21:00:55 +0000 Manifest next update: Sat 27 Dec 2025 21:00:55 +0000 Files and hashes: 1: CcO4X5owbp8OTsQUAi4Se0U0bGo.roa (hash: Rjhil4a1bZ7IivISF1+emC+myyX4/SSXPPEDg9r6bJ4=) 2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: y+5cAx3l5NmHqAy4tRl4PvjgtLnbZxOrr3ozv87VfDU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:76:eb:5e:c6:11:0f:b3:05:36:8f:da:c4:bf:17:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06 Validity Not Before: Dec 26 21:00:55 2025 GMT Not After : Dec 27 21:00:55 2025 GMT Subject: CN=334d22d29089f8a18eeff825311e35d71727b33f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:73:d5:4a:15:95:fd:1e:e4:9d:07:44:b0:c8: 37:7d:76:a5:85:04:5c:f0:5c:9b:8c:f6:11:a8:c8: 96:ea:89:b5:ca:cb:37:e6:c7:ca:64:78:62:ec:dd: c1:01:68:fa:ee:c2:b6:4b:4e:8c:18:39:f2:0b:d6: 7d:c9:f4:b3:ed:15:dc:59:99:75:80:ee:fe:e6:29: ec:c1:c9:86:35:c1:a5:a4:68:67:42:46:f2:ba:24: 9f:25:d7:ef:b5:29:b5:ee:5b:63:77:cc:31:ed:f3: 4b:c9:8e:36:a3:c2:0d:af:ba:fc:94:91:39:9a:92: 20:0e:77:8d:cc:db:92:17:59:3b:e7:d5:d3:15:8b: 3c:60:38:06:0b:7d:f6:5c:07:46:49:f3:cc:7a:c4: d3:29:bd:02:70:aa:5e:b0:26:b2:1c:65:30:4c:43: b2:ba:55:57:bd:8e:9a:9a:e8:14:f6:fd:ef:b7:7d: fe:da:23:28:81:04:37:b0:ef:b4:5c:36:47:2f:7c: 60:38:40:d4:f6:f9:ad:b4:e0:b1:fa:88:76:cd:45: b8:d1:0b:10:c8:f0:4a:d5:fd:e1:ef:58:40:59:2d: 11:f4:b0:b1:05:11:87:37:e2:22:53:65:7b:43:a7: 09:5c:54:ec:3e:d1:f4:d8:fd:0d:d0:38:82:94:4d: 4c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:4D:22:D2:90:89:F8:A1:8E:EF:F8:25:31:1E:35:D7:17:27:B3:3F X509v3 Authority Key Identifier: keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:5b:df:2d:13:76:a2:e5:fb:9b:1f:7b:0e:0e:45:a5:e8:10: 99:f8:8c:5d:25:4a:fe:d5:5d:69:7d:98:f1:4c:be:a3:f9:07: f4:56:d3:46:89:d7:b6:d7:46:28:fc:33:9e:8c:5d:b3:92:45: 1f:81:87:36:1d:70:e4:c9:10:a8:87:7d:ea:75:4d:b4:da:58: 53:08:28:bf:9a:37:72:57:66:89:ec:1c:bb:5d:90:9f:d5:a7: fe:35:73:d1:2f:3d:0a:f9:5a:77:f9:5e:94:e5:b1:3c:1c:c3: 50:15:46:8f:a2:bd:be:67:de:6c:b5:23:c4:2f:eb:1e:69:58: 85:47:56:12:94:81:26:76:2e:a4:a7:d4:d7:24:a3:22:91:33: b7:0c:dc:95:e1:d5:72:fb:c9:c5:b3:55:92:39:e1:62:d6:a6: d6:bb:cf:f3:77:f3:ee:07:e6:bc:a6:15:1c:4e:74:9d:7f:59: ad:b0:19:63:63:14:07:86:b8:0b:ca:b4:28:c2:6e:6c:15:c8: fe:7c:b2:68:6b:23:c8:57:52:2c:bf:ae:33:79:d9:91:9b:4e: 71:40:6e:3a:01:a9:4c:0f:c2:0a:bb:fe:ac:a6:a0:64:74:d0: 87:b0:a7:53:be:76:50:5c:b6:b7:8b:a7:01:aa:2a:06:3e:d4: 6a:b6:ee:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcdutexhEPswU2j9rEvxdEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3 OTdjMDYwHhcNMjUxMjI2MjEwMDU1WhcNMjUxMjI3MjEwMDU1WjAzMTEwLwYDVQQD EygzMzRkMjJkMjkwODlmOGExOGVlZmY4MjUzMTFlMzVkNzE3MjdiMzNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHPVShWV/R7knQdEsMg3fXalhQRc 8FybjPYRqMiW6om1yss35sfKZHhi7N3BAWj67sK2S06MGDnyC9Z9yfSz7RXcWZl1 gO7+5inswcmGNcGlpGhnQkbyuiSfJdfvtSm17ltjd8wx7fNLyY42o8INr7r8lJE5 mpIgDneNzNuSF1k759XTFYs8YDgGC332XAdGSfPMesTTKb0CcKpesCayHGUwTEOy ulVXvY6amugU9v3vt33+2iMogQQ3sO+0XDZHL3xgOEDU9vmttOCx+oh2zUW40QsQ yPBK1f3h71hAWS0R9LCxBRGHN+IiU2V7Q6cJXFTsPtH02P0N0DiClE1MOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDNNItKQifihju/4JTEeNdcXJ7M/MB8GA1UdIwQY MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5 LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlvfLRN2 ouX7mx97Dg5FpegQmfiMXSVK/tVdaX2Y8Uy+o/kH9FbTRonXttdGKPwznoxds5JF H4GHNh1w5MkQqId96nVNtNpYUwgov5o3cldmiewcu12Qn9Wn/jVz0S89Cvlad/le lOWxPBzDUBVGj6K9vmfebLUjxC/rHmlYhUdWEpSBJnYupKfU1ySjIpEztwzcleHV cvvJxbNVkjnhYtam1rvP83fz7gfmvKYVHE50nX9ZrbAZY2MUB4a4C8q0KMJubBXI /nyyaGsjyFdSLL+uM3nZkZtOcUBuOgGpTA/CCrv+rKagZHTQh7CnU752UFy2t4un AaoqBj7Uarbuag== -----END CERTIFICATE-----Generated at Fri Dec 26 22:27:12 2025 by rpki-client