This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft File: AahezixTn1hQ-nAfLUWiEn3IZ1U.mft (raw, json) Hash identifier: RkhYHkGLBRfJPmWOg/kTXP6QWL31pR3dvIEe2rfv3Ok= Subject key identifier: ED:BB:9C:6B:25:F5:61:CF:B7:6C:4C:A6:C0:8B:28:8F:18:AF:29:D5 Authority key identifier: 01:A8:5E:CE:2C:53:9F:58:50:FA:70:1F:2D:45:A2:12:7D:C8:67:55 Certificate issuer: /CN=01a85ece2c539f5850fa701f2d45a2127dc86755 Certificate serial: 019B101414A33694CE40046980EB0545D8B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft Manifest number: 0A16 Signing time: Fri 12 Dec 2025 01:01:49 +0000 Manifest this update: Fri 12 Dec 2025 01:01:49 +0000 Manifest next update: Sat 13 Dec 2025 01:01:49 +0000 Files and hashes: 1: 1YtqoFQLtfGDiVmHDelz4DRg3EU.roa (hash: IK9E4boh47Pzwtuw3Las8hTZNUl+rwA5t6hlkkr2bx4=) 2: AahezixTn1hQ-nAfLUWiEn3IZ1U.crl (hash: ikVJEaNZ/EfPxnirXKonrmUQKma4RhVQoGdjYrNweMQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:14:14:a3:36:94:ce:40:04:69:80:eb:05:45:d8:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01a85ece2c539f5850fa701f2d45a2127dc86755 Validity Not Before: Dec 12 01:01:49 2025 GMT Not After : Dec 13 01:01:49 2025 GMT Subject: CN=edbb9c6b25f561cfb76c4ca6c08b288f18af29d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:ba:a0:b4:1c:c5:61:ff:e9:37:57:4f:c6:d1: 76:1e:ef:73:fe:5d:fa:ac:ca:0f:c0:ab:da:0e:4b: f1:d8:e2:70:61:d7:dd:be:9d:a0:38:6a:9f:5a:c4: f4:48:a4:ba:93:94:02:af:37:c9:14:86:22:0b:98: c2:f9:63:32:15:43:87:95:74:b8:78:8f:0a:33:6d: 35:49:4b:4b:cc:9e:f4:8a:53:82:d5:a6:5a:99:b6: b5:b8:2a:6b:c9:b8:0f:d9:bd:f0:ca:99:0c:d2:b8: c5:23:47:57:c4:ac:bf:a5:45:d5:9e:5a:6e:a6:71: 51:8e:3a:2f:1d:0b:97:b7:aa:b9:97:bf:bc:e7:41: 17:b9:28:28:40:fb:10:d9:09:9b:19:d9:1c:9d:8f: 85:cd:85:c0:bd:df:7c:5b:43:ee:8a:98:03:74:c8: d5:49:a5:c2:1b:86:a6:1e:7a:58:4c:2a:8b:98:14: 51:63:13:c3:08:95:df:7a:50:ef:fe:f8:e4:51:87: b5:7b:c4:58:17:ab:4a:7f:52:1e:d9:9b:69:52:9c: cb:f3:2b:37:91:98:c3:4a:90:04:8f:28:82:a1:e7: 3c:9d:72:57:ce:ed:c8:ed:1c:45:ce:66:b5:92:c8: 50:62:d5:1a:02:ac:99:6f:2f:18:cc:23:8a:93:ff: dd:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:BB:9C:6B:25:F5:61:CF:B7:6C:4C:A6:C0:8B:28:8F:18:AF:29:D5 X509v3 Authority Key Identifier: keyid:01:A8:5E:CE:2C:53:9F:58:50:FA:70:1F:2D:45:A2:12:7D:C8:67:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:cb:66:8f:fb:37:a4:62:3c:ed:02:57:bd:1b:c3:bd:03:73: 6e:82:dc:c8:b2:bb:08:80:bb:0c:d9:30:3e:fc:d5:75:31:29: 86:19:46:74:ae:63:f1:25:91:05:23:97:d1:86:37:e9:0e:f1: 56:83:ee:15:2c:bf:79:af:8b:be:90:dc:32:b4:85:61:f8:10: aa:66:7d:61:77:33:e9:ed:65:4d:9d:2e:68:fd:7a:bc:e0:f6: 1e:67:6d:9e:43:59:a8:24:18:1a:49:fe:9f:52:ef:05:e8:a4: b5:07:0d:a3:3c:16:54:d2:8e:4e:f5:4d:ad:43:05:2c:d3:80: 35:60:8c:2e:bb:eb:5f:17:e0:4f:38:8b:57:75:95:73:aa:2d: 67:8e:95:b5:fd:45:75:46:90:88:15:43:61:87:7a:4b:c6:f8: fd:81:39:46:10:21:15:89:c2:32:4e:c3:b5:e0:b3:e4:c3:8b: 9a:d7:a0:84:f4:d9:c0:00:18:7d:07:25:c1:bf:e8:8a:c2:e3: 99:e0:8c:10:5e:1a:4c:ee:21:aa:ec:bf:f0:56:7c:ab:53:94: d4:d4:37:5e:1f:1f:66:04:f4:c7:2f:99:68:9b:db:72:e9:81: 98:9f:a3:a5:00:02:d0:f2:68:ce:52:8b:bd:76:b0:84:eb:2c: f6:bb:f7:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQFBSjNpTOQARpgOsFRdizMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxYTg1ZWNlMmM1MzlmNTg1MGZhNzAxZjJkNDVhMjEyN2Rj ODY3NTUwHhcNMjUxMjEyMDEwMTQ5WhcNMjUxMjEzMDEwMTQ5WjAzMTEwLwYDVQQD EyhlZGJiOWM2YjI1ZjU2MWNmYjc2YzRjYTZjMDhiMjg4ZjE4YWYyOWQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7qgtBzFYf/pN1dPxtF2Hu9z/l36 rMoPwKvaDkvx2OJwYdfdvp2gOGqfWsT0SKS6k5QCrzfJFIYiC5jC+WMyFUOHlXS4 eI8KM201SUtLzJ70ilOC1aZamba1uCprybgP2b3wypkM0rjFI0dXxKy/pUXVnlpu pnFRjjovHQuXt6q5l7+850EXuSgoQPsQ2QmbGdkcnY+FzYXAvd98W0PuipgDdMjV SaXCG4amHnpYTCqLmBRRYxPDCJXfelDv/vjkUYe1e8RYF6tKf1Ie2ZtpUpzL8ys3 kZjDSpAEjyiCoec8nXJXzu3I7RxFzma1kshQYtUaAqyZby8YzCOKk//dawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO27nGsl9WHPt2xMpsCLKI8YrynVMB8GA1UdIwQY MBaAFAGoXs4sU59YUPpwHy1FohJ9yGdVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80M2E5MWMtM2FhYy00OTVjLTgwODEt NzUyYTQ1YzMyZGZmLzEvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy80M2E5MWMtM2FhYy00OTVjLTgwODEtNzUyYTQ1YzMyZGZm LzEvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnMtmj/s3 pGI87QJXvRvDvQNzboLcyLK7CIC7DNkwPvzVdTEphhlGdK5j8SWRBSOX0YY36Q7x VoPuFSy/ea+LvpDcMrSFYfgQqmZ9YXcz6e1lTZ0uaP16vOD2HmdtnkNZqCQYGkn+ n1LvBeiktQcNozwWVNKOTvVNrUMFLNOANWCMLrvrXxfgTziLV3WVc6otZ46Vtf1F dUaQiBVDYYd6S8b4/YE5RhAhFYnCMk7DteCz5MOLmteghPTZwAAYfQclwb/oisLj meCMEF4aTO4hquy/8FZ8q1OU1NQ3Xh8fZgT0xy+ZaJvbcumBmJ+jpQAC0PJozlKL vXawhOss9rv3Mg== -----END CERTIFICATE-----Generated at Fri Dec 12 02:39:26 2025 by rpki-client