This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft File: aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json) Hash identifier: ELDiXONt5Q4bYkpWwW5+yxJ+8e8NtH8ZFCMEjLc14q0= Subject key identifier: A7:B4:78:28:9C:1B:ED:29:55:C2:A9:54:B9:2E:7C:48:53:62:20:1C Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A Certificate issuer: /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a Certificate serial: 019B4AA84AE68426C752DE22992F5BA1C261 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft Manifest number: 171E Signing time: Tue 23 Dec 2025 10:01:41 +0000 Manifest this update: Tue 23 Dec 2025 10:01:41 +0000 Manifest next update: Wed 24 Dec 2025 10:01:41 +0000 Files and hashes: 1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: tWa8gMUrN24YvoMXTouqGNiRdTaUp8/OfpF7jawNJ4g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 10:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:a8:4a:e6:84:26:c7:52:de:22:99:2f:5b:a1:c2:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a Validity Not Before: Dec 23 10:01:41 2025 GMT Not After : Dec 24 10:01:41 2025 GMT Subject: CN=a7b478289c1bed2955c2a954b92e7c485362201c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:b9:42:25:b8:6e:c7:42:3d:f8:bb:42:2a:be: 14:e7:03:cc:23:06:f1:9d:44:47:b0:58:67:06:61: ff:ba:d9:ea:d6:52:48:da:08:2f:c2:1c:8a:1b:d7: f2:fe:d5:00:ad:3e:1b:c7:8b:2e:f2:06:d2:04:c2: e2:59:92:ef:99:c4:39:29:2a:0c:63:f5:f2:35:53: 36:18:c9:f0:e0:ad:97:a8:0f:bc:3c:d4:f8:ed:33: 25:85:f0:cb:9f:d6:34:c4:cf:de:42:4f:c8:2d:db: e0:8e:27:eb:2d:fb:4c:90:e5:51:e8:05:90:6d:21: 0d:37:3a:ca:22:cc:fa:9b:01:16:8d:71:1a:be:27: fd:91:ea:fa:42:78:df:a0:10:ea:e8:46:e5:6f:5b: 25:02:d1:fa:96:75:c2:ec:b0:45:11:92:f0:12:e9: 0e:d9:1c:e2:65:3c:6c:b5:2b:ee:e5:16:75:30:1d: 63:f6:95:0f:c3:eb:26:22:a7:45:9c:e8:ca:51:e7: ac:90:66:d5:32:64:18:f9:fd:54:cc:d1:5e:13:a5: 1d:52:4a:5b:24:77:3c:65:60:a3:f3:5e:ef:de:f8: 74:a9:24:72:7f:06:d7:4d:8d:3e:eb:03:d6:1d:60: 03:da:4e:07:dd:90:37:86:6b:e4:43:60:13:75:ba: 48:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:B4:78:28:9C:1B:ED:29:55:C2:A9:54:B9:2E:7C:48:53:62:20:1C X509v3 Authority Key Identifier: keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:37:f7:e4:ea:b8:42:72:54:25:0f:4b:0c:03:2d:4c:09:95: 24:5a:11:d9:0b:24:c3:dd:97:26:f3:7d:d2:7c:01:a5:24:72: 9d:90:14:f9:48:8b:25:37:46:8f:2a:36:e9:0b:47:55:b8:a9: 31:64:1a:9f:9b:7c:f9:49:4d:e1:a4:39:c5:57:ad:36:ca:42: 62:42:11:c3:80:35:d2:6e:a3:45:0e:e2:6c:c9:d7:8f:fd:7d: 2a:18:d1:01:30:f6:41:eb:9b:ec:b7:a5:f4:20:06:ea:5a:27: fa:c5:60:a0:04:c7:f2:d8:8c:1f:d2:af:08:13:14:05:1b:0b: 61:15:97:1c:4f:14:9d:95:2a:0a:0b:86:80:33:03:e8:1e:f4: e2:2d:20:8d:fd:ca:76:b8:d3:f2:04:ca:1d:18:5d:a5:81:b5: 8d:62:7a:10:28:da:b4:12:2d:87:22:ac:61:43:d5:6c:10:e4: 6b:f6:b9:fd:34:b8:98:52:20:72:9f:85:4a:00:8a:a5:5a:b2: 93:06:c9:10:88:6b:05:8a:be:c3:6a:a2:66:87:2b:d7:8d:fc: 7d:d7:ee:01:0b:ca:79:ba:57:d6:7e:f0:fd:52:b5:6f:56:4c: a4:9e:bf:82:5a:78:81:59:30:81:39:bf:ae:39:f7:77:ba:74: da:e0:ae:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKqErmhCbHUt4imS9bocJhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0 YjQ4MGEwHhcNMjUxMjIzMTAwMTQxWhcNMjUxMjI0MTAwMTQxWjAzMTEwLwYDVQQD EyhhN2I0NzgyODljMWJlZDI5NTVjMmE5NTRiOTJlN2M0ODUzNjIyMDFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LlCJbhux0I9+LtCKr4U5wPMIwbx nURHsFhnBmH/utnq1lJI2ggvwhyKG9fy/tUArT4bx4su8gbSBMLiWZLvmcQ5KSoM Y/XyNVM2GMnw4K2XqA+8PNT47TMlhfDLn9Y0xM/eQk/ILdvgjifrLftMkOVR6AWQ bSENNzrKIsz6mwEWjXEavif9ker6QnjfoBDq6Eblb1slAtH6lnXC7LBFEZLwEukO 2RziZTxstSvu5RZ1MB1j9pUPw+smIqdFnOjKUeeskGbVMmQY+f1UzNFeE6UdUkpb JHc8ZWCj817v3vh0qSRyfwbXTY0+6wPWHWAD2k4H3ZA3hmvkQ2ATdbpIXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKe0eCicG+0pVcKpVLkufEhTYiAcMB8GA1UdIwQY MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAijf35Oq4 QnJUJQ9LDAMtTAmVJFoR2Qskw92XJvN90nwBpSRynZAU+UiLJTdGjyo26QtHVbip MWQan5t8+UlN4aQ5xVetNspCYkIRw4A10m6jRQ7ibMnXj/19KhjRATD2Qeub7Lel 9CAG6lon+sVgoATH8tiMH9KvCBMUBRsLYRWXHE8UnZUqCguGgDMD6B704i0gjf3K drjT8gTKHRhdpYG1jWJ6ECjatBIthyKsYUPVbBDka/a5/TS4mFIgcp+FSgCKpVqy kwbJEIhrBYq+w2qiZocr1438fdfuAQvKebpX1n7w/VK1b1ZMpJ6/glp4gVkwgTm/ rjn3d7p02uCu6Q== -----END CERTIFICATE-----Generated at Tue Dec 23 16:24:13 2025 by rpki-client