This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft File: aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json) Hash identifier: SYwl5sW42IokgPseum17g/HhKa2KcVfa4/Tyt2NxMcY= Subject key identifier: 2F:22:10:04:64:6C:E9:9D:A1:C7:AD:32:E4:BC:15:E9:00:6C:26:8F Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A Certificate issuer: /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a Certificate serial: 019B42EED778E5ECED1CF3036E87F8F37FCE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft Manifest number: 171A Signing time: Sun 21 Dec 2025 22:01:47 +0000 Manifest this update: Sun 21 Dec 2025 22:01:47 +0000 Manifest next update: Mon 22 Dec 2025 22:01:47 +0000 Files and hashes: 1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: y55oh3PHz3VhEINGn8jRmYL+Ev023urx7mJOnqS/C00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:d7:78:e5:ec:ed:1c:f3:03:6e:87:f8:f3:7f:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a Validity Not Before: Dec 21 22:01:47 2025 GMT Not After : Dec 22 22:01:47 2025 GMT Subject: CN=2f221004646ce99da1c7ad32e4bc15e9006c268f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ec:04:f0:56:73:c3:3a:91:9e:75:da:ba:31: d1:36:85:ee:ee:af:db:80:e7:d6:ab:73:78:55:52: 11:89:8d:54:da:d2:1e:43:f2:28:b7:e4:cf:13:ce: d7:4a:1a:ce:bd:45:a2:06:9b:1a:c4:11:ec:16:93: ed:b3:bb:bf:10:20:58:0c:ad:24:cb:6d:61:2a:5a: e4:44:aa:25:5c:6a:e4:90:0a:87:21:39:34:51:39: ea:93:2b:ef:22:8f:fc:02:39:16:02:e6:40:cc:bb: f4:74:9b:c9:aa:2d:62:c1:28:4c:47:ca:a3:5c:7b: c4:31:32:6d:de:9a:5c:29:33:c6:bf:b2:62:f8:b6: 50:cb:b3:22:18:26:7d:58:d4:64:30:68:c6:45:e4: cc:b2:b7:9e:21:a2:1e:ae:b5:c1:2f:c5:24:a5:12: 76:f6:34:1f:ac:c0:ed:08:6c:f6:f1:96:a8:af:31: c0:b8:7e:43:2b:ee:13:77:2d:f6:8b:da:97:18:18: 8d:02:6c:d5:68:23:a4:df:97:37:07:b8:f1:6d:e2: 71:4b:75:d8:6e:01:64:08:0f:a3:60:6c:00:17:14: db:ed:53:3c:78:1e:3d:35:43:70:6a:2d:7d:8c:0b: 2c:fa:90:d0:6c:6b:88:ca:41:66:80:a5:a1:69:cb: 39:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:22:10:04:64:6C:E9:9D:A1:C7:AD:32:E4:BC:15:E9:00:6C:26:8F X509v3 Authority Key Identifier: keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:d1:80:60:9c:f1:e6:17:fb:e1:b0:1a:97:3a:02:dd:ea:a2: 9f:47:b5:39:67:e0:45:ca:74:ee:5d:95:ab:a4:d2:c4:d6:97: 67:b3:61:bf:81:af:7f:bd:f9:23:17:ed:08:c8:f4:e2:2a:10: 5e:10:57:0c:7f:50:27:f0:c1:09:40:ea:a4:29:87:1d:7c:ab: 0b:ad:a1:2b:0e:5c:44:3c:2c:77:5a:0e:aa:d5:5a:33:b8:68: 06:91:90:dc:ec:8b:b3:1b:3e:ab:6e:4e:9b:07:26:0e:b8:21: b4:69:dc:07:f0:04:93:db:fa:9f:07:8c:ce:ae:7a:bb:fb:4e: 91:0f:50:ee:c2:f1:5d:38:6e:11:9c:fe:00:7c:04:a9:7d:40: c4:a3:03:9e:ec:93:af:34:ef:db:37:c5:76:18:bb:cb:51:08: b9:20:11:2c:0c:cf:78:18:90:40:6b:9f:c2:89:8f:5b:fb:84: f1:05:f8:79:53:d3:e2:27:7c:c9:36:a0:a1:d5:d8:45:b3:19: 15:b0:9c:77:cf:bd:66:4d:dd:17:78:43:b3:a6:40:93:68:7d: 6a:2b:16:82:09:e6:ed:a7:7c:17:24:39:f5:77:74:fc:4f:29: c8:9d:d7:22:7e:6a:dc:1d:26:b6:63:78:12:46:40:db:50:16: 25:0c:a5:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7td45eztHPMDbof483/OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0 YjQ4MGEwHhcNMjUxMjIxMjIwMTQ3WhcNMjUxMjIyMjIwMTQ3WjAzMTEwLwYDVQQD EygyZjIyMTAwNDY0NmNlOTlkYTFjN2FkMzJlNGJjMTVlOTAwNmMyNjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ewE8FZzwzqRnnXaujHRNoXu7q/b gOfWq3N4VVIRiY1U2tIeQ/Iot+TPE87XShrOvUWiBpsaxBHsFpPts7u/ECBYDK0k y21hKlrkRKolXGrkkAqHITk0UTnqkyvvIo/8AjkWAuZAzLv0dJvJqi1iwShMR8qj XHvEMTJt3ppcKTPGv7Ji+LZQy7MiGCZ9WNRkMGjGReTMsreeIaIerrXBL8UkpRJ2 9jQfrMDtCGz28ZaorzHAuH5DK+4Tdy32i9qXGBiNAmzVaCOk35c3B7jxbeJxS3XY bgFkCA+jYGwAFxTb7VM8eB49NUNwai19jAss+pDQbGuIykFmgKWhacs57QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC8iEARkbOmdocetMuS8FekAbCaPMB8GA1UdIwQY MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNGAYJzx 5hf74bAalzoC3eqin0e1OWfgRcp07l2Vq6TSxNaXZ7Nhv4Gvf735IxftCMj04ioQ XhBXDH9QJ/DBCUDqpCmHHXyrC62hKw5cRDwsd1oOqtVaM7hoBpGQ3OyLsxs+q25O mwcmDrghtGncB/AEk9v6nweMzq56u/tOkQ9Q7sLxXThuEZz+AHwEqX1AxKMDnuyT rzTv2zfFdhi7y1EIuSARLAzPeBiQQGufwomPW/uE8QX4eVPT4id8yTagodXYRbMZ FbCcd8+9Zk3dF3hDs6ZAk2h9aisWggnm7ad8FyQ59Xd0/E8pyJ3XIn5q3B0mtmN4 EkZA21AWJQyliQ== -----END CERTIFICATE-----Generated at Mon Dec 22 04:23:36 2025 by rpki-client