This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft File: aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft (raw, json) Hash identifier: N0DX1UNRca/hoAY9FXuy8CsvStxMYA2U1PBKG7XpR/I= Subject key identifier: 03:97:61:28:FD:08:35:6C:6D:3E:7D:D6:C6:99:9A:7A:0C:65:49:72 Authority key identifier: 68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F Certificate issuer: /CN=68f063ed2e0a2674bc471010189fc77adb31c17f Certificate serial: 019B21AC02427DE3BEA94EED7D928AA289DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft Manifest number: 1678 Signing time: Mon 15 Dec 2025 11:01:19 +0000 Manifest this update: Mon 15 Dec 2025 11:01:19 +0000 Manifest next update: Tue 16 Dec 2025 11:01:19 +0000 Files and hashes: 1: aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl (hash: ZyCBD5l0zZUG5YXh6qUQbPzbAlXZ8GmsIWC0AKrVzYc=) 2: cMnqdtCxCnyUSWOfUxTVBWPspak.roa (hash: OOJ4v4cc4LujDvo5fdL7b0ZauPjg9CekPa/sj+wo+LE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:ac:02:42:7d:e3:be:a9:4e:ed:7d:92:8a:a2:89:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f063ed2e0a2674bc471010189fc77adb31c17f Validity Not Before: Dec 15 11:01:19 2025 GMT Not After : Dec 16 11:01:19 2025 GMT Subject: CN=03976128fd08356c6d3e7dd6c6999a7a0c654972 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:8c:bb:6e:7d:0c:79:d3:a5:33:06:6f:c8:d8: 10:b9:8a:82:5b:86:63:33:a2:89:b7:1a:70:53:56: 57:12:c4:d1:f3:2b:b1:9a:ae:32:25:11:f2:29:1d: dc:2c:40:56:da:fb:5b:bb:cd:31:cc:85:d0:f4:2a: 81:b5:83:be:38:e0:17:b5:fc:f6:d0:09:6f:a0:30: 8c:f3:b5:02:b4:e2:21:fa:12:e9:76:35:2b:a8:15: 7c:15:9b:d6:25:4b:44:f4:05:46:b4:17:5b:de:69: 95:03:0e:2c:b5:75:f0:8f:81:f0:7a:a1:6c:07:ad: 52:a9:1d:30:c2:cd:0c:d7:ca:60:49:a7:fc:cb:ea: 66:41:ff:c0:a1:a7:24:e6:91:30:44:ea:34:01:08: 92:3c:71:3b:28:40:90:80:29:aa:bd:7b:d5:d4:24: 6a:22:40:a0:4a:70:15:7c:a0:58:13:64:e6:dd:ff: 21:a0:28:88:db:f3:41:f0:aa:0b:0b:94:48:ef:b4: 97:af:a8:0f:80:92:70:9b:a0:7b:2e:30:b7:98:85: a0:81:37:26:e3:9d:1f:f8:d3:26:01:23:ff:1c:69: 0d:58:5b:e8:ee:92:ac:b2:b4:0f:9b:63:9b:5e:67: 6b:0b:5e:21:17:36:f8:b4:9f:1f:68:72:4f:50:cb: f1:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:97:61:28:FD:08:35:6C:6D:3E:7D:D6:C6:99:9A:7A:0C:65:49:72 X509v3 Authority Key Identifier: keyid:68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:61:ce:87:d6:90:59:9f:b4:e9:08:e4:74:c0:d9:46:85:58: 03:f5:58:22:d4:91:a4:17:93:d9:35:47:68:60:49:cd:1d:88: 1d:28:69:dd:af:6f:3d:ad:86:d5:0f:c0:cf:bc:b7:a1:fe:01: f9:96:07:1a:01:7e:a2:9d:3e:96:41:35:68:43:a9:64:d5:a9: 3d:6a:7a:84:32:6f:80:bd:d9:8f:3b:d8:59:98:59:49:9e:d7: 18:0a:bb:25:8e:83:93:50:37:7f:81:f7:d3:05:3a:4c:b1:23: 09:3e:53:c9:7b:7d:ea:9b:91:56:cb:1b:0f:31:7b:03:17:cf: 45:6b:6c:c9:80:b5:be:84:bf:73:42:57:d9:e7:e1:8e:0b:eb: 05:b6:f6:03:55:a8:dc:57:13:cf:78:0d:f5:9b:83:20:58:11: d8:5e:e2:fd:1a:b2:48:e4:4d:90:c0:6f:33:cd:6a:13:3b:27: 7a:f0:09:26:df:2c:40:e4:91:35:7c:48:6a:ee:16:a5:33:07: 17:20:2d:1f:4c:68:bf:8b:de:00:56:c1:7e:2f:c6:3d:7b:26: de:fb:6a:23:e6:11:ce:6b:75:2e:42:7b:f5:20:d6:a5:fd:00: 4d:cc:c0:a8:41:3c:d3:ba:67:db:2f:12:90:2d:da:75:eb:41: cf:2a:f7:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshrAJCfeO+qU7tfZKKoonfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjA2M2VkMmUwYTI2NzRiYzQ3MTAxMDE4OWZjNzdhZGIz MWMxN2YwHhcNMjUxMjE1MTEwMTE5WhcNMjUxMjE2MTEwMTE5WjAzMTEwLwYDVQQD EygwMzk3NjEyOGZkMDgzNTZjNmQzZTdkZDZjNjk5OWE3YTBjNjU0OTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoy7bn0MedOlMwZvyNgQuYqCW4Zj M6KJtxpwU1ZXEsTR8yuxmq4yJRHyKR3cLEBW2vtbu80xzIXQ9CqBtYO+OOAXtfz2 0AlvoDCM87UCtOIh+hLpdjUrqBV8FZvWJUtE9AVGtBdb3mmVAw4stXXwj4HweqFs B61SqR0wws0M18pgSaf8y+pmQf/Aoack5pEwROo0AQiSPHE7KECQgCmqvXvV1CRq IkCgSnAVfKBYE2Tm3f8hoCiI2/NB8KoLC5RI77SXr6gPgJJwm6B7LjC3mIWggTcm 450f+NMmASP/HGkNWFvo7pKssrQPm2ObXmdrC14hFzb4tJ8faHJPUMvxqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAOXYSj9CDVsbT591saZmnoMZUlyMB8GA1UdIwQY MBaAFGjwY+0uCiZ0vEcQEBifx3rbMcF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMt OTQ2ZmRhZmUyZWM2LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMtOTQ2ZmRhZmUyZWM2 LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGHOh9aQ WZ+06QjkdMDZRoVYA/VYItSRpBeT2TVHaGBJzR2IHShp3a9vPa2G1Q/Az7y3of4B +ZYHGgF+op0+lkE1aEOpZNWpPWp6hDJvgL3ZjzvYWZhZSZ7XGAq7JY6Dk1A3f4H3 0wU6TLEjCT5TyXt96puRVssbDzF7AxfPRWtsyYC1voS/c0JX2efhjgvrBbb2A1Wo 3FcTz3gN9ZuDIFgR2F7i/RqySORNkMBvM81qEzsnevAJJt8sQOSRNXxIau4WpTMH FyAtH0xov4veAFbBfi/GPXsm3vtqI+YRzmt1LkJ79SDWpf0ATczAqEE807pn2y8S kC3adetBzyr3FA== -----END CERTIFICATE-----Generated at Mon Dec 15 14:44:50 2025 by rpki-client