This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft File: aH2bViukcmGPk5jiZcoOcQj2h6M.mft (raw, json) Hash identifier: b1BI7liiVF67gRFgO30pSALg/kVMsh4D51B4RuwQn10= Subject key identifier: 1D:DF:2F:64:64:82:C7:D1:AD:1E:C6:F6:BC:BA:E9:75:77:A1:4A:24 Authority key identifier: 68:7D:9B:56:2B:A4:72:61:8F:93:98:E2:65:CA:0E:71:08:F6:87:A3 Certificate issuer: /CN=687d9b562ba472618f9398e265ca0e7108f687a3 Certificate serial: 019B1E73A9492B63BB272184296A158BE764 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft Manifest number: 170B Signing time: Sun 14 Dec 2025 20:00:54 +0000 Manifest this update: Sun 14 Dec 2025 20:00:54 +0000 Manifest next update: Mon 15 Dec 2025 20:00:54 +0000 Files and hashes: 1: aH2bViukcmGPk5jiZcoOcQj2h6M.crl (hash: Gzw5glHlSU85QckprgA1VQli8ZJyUv1gepBCAK4/WRA=) 2: lwjpFv3HgemxBJqe9gi4ArggD88.roa (hash: 7p7Zr7Ya8mUheMjW/Ww4B8S5/Cc2CZ+iZfLnhmKVtRo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:73:a9:49:2b:63:bb:27:21:84:29:6a:15:8b:e7:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=687d9b562ba472618f9398e265ca0e7108f687a3 Validity Not Before: Dec 14 20:00:54 2025 GMT Not After : Dec 15 20:00:54 2025 GMT Subject: CN=1ddf2f646482c7d1ad1ec6f6bcbae97577a14a24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:be:ff:72:72:12:4c:02:5a:56:2a:3b:ef:cd: 01:50:06:4f:d3:e5:d4:ae:ce:44:8d:92:44:95:84: dc:7d:20:ec:8f:db:6d:bc:73:d6:33:d7:e1:0a:12: 17:03:d2:ac:d2:da:49:23:ab:aa:55:b1:95:e2:47: e9:d7:5c:85:a9:11:eb:fc:bb:54:a3:f4:93:16:c2: 32:1c:5f:d3:95:de:81:e2:49:4b:a8:88:4b:8b:c5: 95:9d:99:88:bd:fd:d8:86:5e:b6:72:bd:f2:ec:78: 28:c2:50:8a:53:2c:0d:74:26:c0:4f:75:d7:b0:cc: 65:d4:aa:79:ab:54:a5:04:f0:20:1c:0a:d9:57:ee: ed:f8:ba:97:6d:a2:ea:bf:dc:36:be:27:16:e3:3f: b8:56:0f:e0:58:50:4c:07:71:bd:31:39:f9:fa:ae: f9:0f:eb:63:52:15:3e:e8:e7:e9:b7:15:d5:2e:f6: af:2c:0d:78:f0:96:e2:48:a8:b1:c1:8d:7c:88:4e: fd:ca:68:e6:a7:fa:d7:59:72:b8:3b:6c:4e:e1:a7: f6:35:4d:e7:d7:d9:ae:8c:22:fb:7d:c6:87:be:9a: 00:19:66:39:65:ce:b0:06:41:25:19:c5:38:0e:b9: de:0c:d0:cc:ee:42:b2:5f:c3:36:7f:57:d3:30:14: b4:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:DF:2F:64:64:82:C7:D1:AD:1E:C6:F6:BC:BA:E9:75:77:A1:4A:24 X509v3 Authority Key Identifier: keyid:68:7D:9B:56:2B:A4:72:61:8F:93:98:E2:65:CA:0E:71:08:F6:87:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aH2bViukcmGPk5jiZcoOcQj2h6M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b89c1f-8dcb-438b-8afd-605d135136f7/1/aH2bViukcmGPk5jiZcoOcQj2h6M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c2:15:a3:13:be:1e:85:e8:a8:58:48:69:48:fe:55:b6:09:2a: 14:06:04:79:5f:59:1d:aa:2e:bf:12:e8:8f:d1:75:a8:2b:43: f6:99:08:41:bc:88:85:7d:ae:e1:67:8e:a9:99:e9:44:c0:2b: 06:4b:d1:f4:0b:66:70:8b:3d:b1:06:4b:e4:a6:7a:48:ff:2f: ab:06:e5:c3:50:21:d7:f0:4c:c3:72:ce:8c:0d:77:99:0c:d8: 31:4f:89:10:5f:92:06:27:b5:23:3d:47:ec:c0:28:02:d3:1f: a4:64:8e:f9:3c:1c:da:e7:ff:89:c3:de:bb:bf:28:18:6b:aa: 2b:89:3f:3b:86:25:51:e4:61:66:8e:ec:4d:09:39:ff:55:15: 84:a4:79:28:49:2f:1c:f6:56:b5:a6:d1:d9:d9:6c:2d:cd:b9: 87:03:2e:8a:57:ee:1b:d7:77:24:00:0f:7a:0c:82:3a:47:a3: 4e:42:15:a9:ea:ab:d9:64:16:46:ec:be:e7:72:3c:a7:58:28: 7a:af:5c:47:87:93:dc:a1:e9:d6:9a:df:7f:1b:b1:35:47:82: e6:36:f4:af:b7:94:c4:26:06:87:12:f3:97:d4:a9:35:d3:21: 40:8f:14:8e:23:fb:90:a3:04:2a:58:7c:b5:b1:c1:23:c7:7c: 41:e7:6d:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsec6lJK2O7JyGEKWoVi+dkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4N2Q5YjU2MmJhNDcyNjE4ZjkzOThlMjY1Y2EwZTcxMDhm Njg3YTMwHhcNMjUxMjE0MjAwMDU0WhcNMjUxMjE1MjAwMDU0WjAzMTEwLwYDVQQD EygxZGRmMmY2NDY0ODJjN2QxYWQxZWM2ZjZiY2JhZTk3NTc3YTE0YTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L7/cnISTAJaVio7780BUAZP0+XU rs5EjZJElYTcfSDsj9ttvHPWM9fhChIXA9Ks0tpJI6uqVbGV4kfp11yFqRHr/LtU o/STFsIyHF/Tld6B4klLqIhLi8WVnZmIvf3Yhl62cr3y7HgowlCKUywNdCbAT3XX sMxl1Kp5q1SlBPAgHArZV+7t+LqXbaLqv9w2vicW4z+4Vg/gWFBMB3G9MTn5+q75 D+tjUhU+6OfptxXVLvavLA148JbiSKixwY18iE79ymjmp/rXWXK4O2xO4af2NU3n 19mujCL7fcaHvpoAGWY5Zc6wBkElGcU4DrneDNDM7kKyX8M2f1fTMBS0OwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB3fL2RkgsfRrR7G9ry66XV3oUokMB8GA1UdIwQY MBaAFGh9m1YrpHJhj5OY4mXKDnEI9oejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODljMWYtOGRjYi00MzhiLThhZmQt NjA1ZDEzNTEzNmY3LzEvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9iODljMWYtOGRjYi00MzhiLThhZmQtNjA1ZDEzNTEzNmY3 LzEvYUgyYlZpdWtjbUdQazVqaVpjb09jUWoyaDZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwhWjE74e heioWEhpSP5VtgkqFAYEeV9ZHaouvxLoj9F1qCtD9pkIQbyIhX2u4WeOqZnpRMAr BkvR9AtmcIs9sQZL5KZ6SP8vqwblw1Ah1/BMw3LOjA13mQzYMU+JEF+SBie1Iz1H 7MAoAtMfpGSO+Twc2uf/icPeu78oGGuqK4k/O4YlUeRhZo7sTQk5/1UVhKR5KEkv HPZWtabR2dlsLc25hwMuilfuG9d3JAAPegyCOkejTkIVqeqr2WQWRuy+53I8p1go eq9cR4eT3KHp1prffxuxNUeC5jb0r7eUxCYGhxLzl9SpNdMhQI8UjiP7kKMEKlh8 tbHBI8d8Qedtog== -----END CERTIFICATE-----Generated at Sun Dec 14 22:51:47 2025 by rpki-client