This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/8a5cc2-c542-4c9b-8077-bc7977396d9b/1/9aKRIk-CvG0mtRntevviXLMsEVw.mft File: 9aKRIk-CvG0mtRntevviXLMsEVw.mft (raw, json) Hash identifier: Mn5X7cYPsEOICmqiOdANrULwRHFR+4WMu9CE0GJUUkI= Subject key identifier: 62:09:49:47:59:82:1D:BE:14:06:B6:A9:4D:A4:9C:EE:B6:13:43:31 Authority key identifier: F5:A2:91:22:4F:82:BC:6D:26:B5:19:ED:7A:FB:E2:5C:B3:2C:11:5C Certificate issuer: /CN=f5a291224f82bc6d26b519ed7afbe25cb32c115c Certificate serial: 019B0333F9A14B3021C3D63CA3A46E9B6049 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9aKRIk-CvG0mtRntevviXLMsEVw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/8a5cc2-c542-4c9b-8077-bc7977396d9b/1/9aKRIk-CvG0mtRntevviXLMsEVw.mft Manifest number: 0C3B Signing time: Tue 09 Dec 2025 13:01:36 +0000 Manifest this update: Tue 09 Dec 2025 13:01:36 +0000 Manifest next update: Wed 10 Dec 2025 13:01:36 +0000 Files and hashes: 1: 9aKRIk-CvG0mtRntevviXLMsEVw.crl (hash: QdfNHvBK7YbVGBVWMXk0AZ9B78GDlCM4NJUNowHhpSk=) 2: TvqtU6kGEWNG1Cpdb9p7065y7Us.roa (hash: feIhe0HlEu5dhdmycewb1eBF/nryf3+/l635UbwMTEY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/8a5cc2-c542-4c9b-8077-bc7977396d9b/1/9aKRIk-CvG0mtRntevviXLMsEVw.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/8a5cc2-c542-4c9b-8077-bc7977396d9b/1/9aKRIk-CvG0mtRntevviXLMsEVw.mft rsync://rpki.ripe.net/repository/DEFAULT/9aKRIk-CvG0mtRntevviXLMsEVw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 10 Dec 2025 13:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:03:33:f9:a1:4b:30:21:c3:d6:3c:a3:a4:6e:9b:60:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5a291224f82bc6d26b519ed7afbe25cb32c115c Validity Not Before: Dec 9 13:01:36 2025 GMT Not After : Dec 10 13:01:36 2025 GMT Subject: CN=6209494759821dbe1406b6a94da49ceeb6134331 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:f6:67:45:0b:cc:f3:ed:68:97:c9:b5:10:54: 51:a9:3c:ab:32:89:fa:61:e7:cd:e8:06:14:61:7c: 2e:fc:ff:15:3a:1e:e7:cc:e9:8a:55:c6:c7:32:42: 40:12:95:00:0f:bd:2c:08:00:6e:1f:0c:b4:74:f9: 68:24:11:b2:84:dc:a2:26:2b:68:62:c7:57:24:62: 06:5a:ee:cb:ce:e3:7c:79:35:7c:88:02:77:84:86: a2:d4:dd:7e:ec:1c:7f:9c:3c:da:e7:f0:53:35:af: 2b:cb:c6:44:c4:65:47:9b:ac:4b:1b:f0:98:61:f5: 5a:a2:80:2a:f4:c3:4d:a1:cf:2a:4c:0b:36:fa:94: 28:68:e0:76:eb:c8:a2:8f:e3:20:d1:d1:a5:5b:a3: 96:2b:58:e7:f5:2a:93:d1:33:5e:5e:73:62:d2:57: f5:52:a5:26:4f:c9:d0:a3:11:a3:70:d3:25:10:7f: 24:2e:79:e9:2c:ca:8a:35:97:d6:48:68:59:ba:68: af:0a:d0:fa:cb:ad:3c:e1:8c:fd:6b:fd:4b:dd:32: 14:2d:bf:42:88:18:45:28:71:1a:f9:72:d2:4c:8f: 96:3a:d7:6b:3f:bf:71:61:1a:95:68:37:b0:03:81: d7:62:6c:79:5b:23:75:67:6f:d0:7e:e5:b8:44:2f: ca:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:09:49:47:59:82:1D:BE:14:06:B6:A9:4D:A4:9C:EE:B6:13:43:31 X509v3 Authority Key Identifier: keyid:F5:A2:91:22:4F:82:BC:6D:26:B5:19:ED:7A:FB:E2:5C:B3:2C:11:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKRIk-CvG0mtRntevviXLMsEVw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/8a5cc2-c542-4c9b-8077-bc7977396d9b/1/9aKRIk-CvG0mtRntevviXLMsEVw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/8a5cc2-c542-4c9b-8077-bc7977396d9b/1/9aKRIk-CvG0mtRntevviXLMsEVw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:2b:35:54:1a:2f:41:1e:f1:9a:5a:01:7e:8e:94:93:7c:cc: c4:9d:e4:14:04:c9:23:9d:eb:27:6a:dd:83:5a:c8:99:4e:9d: 37:83:a0:15:85:d6:95:06:6d:ba:0e:a3:6b:90:1f:7e:ee:ef: a4:fa:ff:b4:c5:76:6e:9a:62:30:86:6e:0a:f8:e6:ee:ce:d6: d8:5b:5b:eb:d1:0e:26:92:11:33:75:a6:7d:ce:19:be:d0:b6: 28:d8:4d:ef:70:f5:8e:63:51:87:05:d5:2a:2e:a8:86:9b:75: 23:5f:9b:8c:cc:a3:b1:a6:da:42:bc:04:77:03:7e:f4:ca:58: 14:fb:93:06:24:26:4a:17:0d:47:c9:96:68:f0:e0:d1:9c:22: a2:42:68:d7:82:a3:fc:b3:c2:fd:83:d4:99:67:07:47:1e:eb: d2:f4:8e:fd:82:62:ed:7f:23:51:5e:40:38:c4:ce:f6:6e:d7: 60:21:50:6b:7f:4d:6b:31:8a:81:23:41:72:0e:5e:d2:30:8a: f8:ff:20:08:fc:9e:66:4a:ff:d7:66:25:6e:5e:3a:0d:e0:8d: 35:df:11:59:73:d4:9d:6a:8f:49:e4:c4:6c:a5:8d:d6:01:d1: ca:4c:c1:37:4f:c3:db:f7:a3:a5:54:9a:0c:42:ee:df:e1:b7: 27:01:22:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsDM/mhSzAhw9Y8o6Rum2BJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1YTI5MTIyNGY4MmJjNmQyNmI1MTllZDdhZmJlMjVjYjMy YzExNWMwHhcNMjUxMjA5MTMwMTM2WhcNMjUxMjEwMTMwMTM2WjAzMTEwLwYDVQQD Eyg2MjA5NDk0NzU5ODIxZGJlMTQwNmI2YTk0ZGE0OWNlZWI2MTM0MzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPZnRQvM8+1ol8m1EFRRqTyrMon6 YefN6AYUYXwu/P8VOh7nzOmKVcbHMkJAEpUAD70sCABuHwy0dPloJBGyhNyiJito YsdXJGIGWu7LzuN8eTV8iAJ3hIai1N1+7Bx/nDza5/BTNa8ry8ZExGVHm6xLG/CY YfVaooAq9MNNoc8qTAs2+pQoaOB268iij+Mg0dGlW6OWK1jn9SqT0TNeXnNi0lf1 UqUmT8nQoxGjcNMlEH8kLnnpLMqKNZfWSGhZumivCtD6y6084Yz9a/1L3TIULb9C iBhFKHEa+XLSTI+WOtdrP79xYRqVaDewA4HXYmx5WyN1Z2/QfuW4RC/KFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGIJSUdZgh2+FAa2qU2knO62E0MxMB8GA1UdIwQY MBaAFPWikSJPgrxtJrUZ7Xr74lyzLBFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWFLUklrLUN2RzBtdFJudGV2dmlYTE1zRVZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC84YTVjYzItYzU0Mi00YzliLTgwNzct YmM3OTc3Mzk2ZDliLzEvOWFLUklrLUN2RzBtdFJudGV2dmlYTE1zRVZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC84YTVjYzItYzU0Mi00YzliLTgwNzctYmM3OTc3Mzk2ZDli LzEvOWFLUklrLUN2RzBtdFJudGV2dmlYTE1zRVZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmys1VBov QR7xmloBfo6Uk3zMxJ3kFATJI53rJ2rdg1rImU6dN4OgFYXWlQZtug6ja5Affu7v pPr/tMV2bppiMIZuCvjm7s7W2Ftb69EOJpIRM3Wmfc4ZvtC2KNhN73D1jmNRhwXV Ki6ohpt1I1+bjMyjsabaQrwEdwN+9MpYFPuTBiQmShcNR8mWaPDg0ZwiokJo14Kj /LPC/YPUmWcHRx7r0vSO/YJi7X8jUV5AOMTO9m7XYCFQa39NazGKgSNBcg5e0jCK +P8gCPyeZkr/12Ylbl46DeCNNd8RWXPUnWqPSeTEbKWN1gHRykzBN0/D2/ejpVSa DELu3+G3JwEi9w== -----END CERTIFICATE-----Generated at Tue Dec 9 19:23:55 2025 by rpki-client