This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft File: aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json) Hash identifier: AreUt0p0/6GNOLERetcEHzemObfePXjq4V0qScTLfb8= Subject key identifier: 14:C7:15:E0:F6:CD:77:CF:0B:2E:4E:67:F6:F6:A5:20:56:B6:21:B7 Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE Certificate issuer: /CN=684750df0eba774d4b4d644ec8e33508f8f538fe Certificate serial: 019B3569A3963E4732CD2C433B2DF8E2AE96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft Manifest number: 082D Signing time: Fri 19 Dec 2025 07:01:14 +0000 Manifest this update: Fri 19 Dec 2025 07:01:14 +0000 Manifest next update: Sat 20 Dec 2025 07:01:14 +0000 Files and hashes: 1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: rYmcZCQFyMy7z46YzjEtDHytFXQ5fn8sEF1oY7VjS58=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:a3:96:3e:47:32:cd:2c:43:3b:2d:f8:e2:ae:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe Validity Not Before: Dec 19 07:01:14 2025 GMT Not After : Dec 20 07:01:14 2025 GMT Subject: CN=14c715e0f6cd77cf0b2e4e67f6f6a52056b621b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:85:61:26:97:bd:1d:52:75:31:e2:1b:47:fb: 94:44:8a:ae:d7:2f:ee:70:af:f4:1f:5f:05:72:ce: 3a:2d:51:97:54:14:34:6e:4b:e3:6d:1a:70:af:02: c2:9f:ed:df:ad:a8:de:35:f1:0e:47:76:54:8d:e0: 24:6b:ca:88:e3:8b:d4:fb:c3:ae:ff:37:d5:fc:37: 23:f2:e3:5f:e2:6e:4d:f5:c6:df:8b:e0:1b:d1:31: 7f:8b:9b:05:0e:98:f8:25:65:62:1a:0e:b2:bc:71: 4b:22:0e:63:2e:ab:0f:21:c3:06:41:2f:4f:07:85: 8e:f3:25:2c:da:19:7e:de:d6:46:d2:e0:e6:81:42: bd:8a:fc:eb:d7:21:59:0d:7b:27:44:db:58:71:26: 3b:cf:63:92:63:9f:67:94:43:c2:ed:50:31:e8:f6: 5c:96:fd:89:31:75:d5:7d:37:da:4d:e7:2c:2a:84: 6a:29:fe:fc:7f:fc:31:ac:ea:9a:a2:cc:67:71:91: 4d:94:5b:3f:84:f5:9a:a4:ef:8e:ed:87:49:5c:c2: a1:53:db:7a:ce:54:01:8e:1f:be:ef:d3:d9:a1:b7: 46:ac:31:c2:a5:5f:0b:a6:af:29:a8:63:5f:fb:01: cf:f9:bb:58:06:57:a6:fa:5b:1d:64:59:5d:ce:93: 68:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:C7:15:E0:F6:CD:77:CF:0B:2E:4E:67:F6:F6:A5:20:56:B6:21:B7 X509v3 Authority Key Identifier: keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:01:17:c0:fc:b8:77:f6:3e:ca:49:9d:75:ce:96:a3:66:e9: 44:43:8a:24:eb:58:be:73:1c:d1:04:8a:92:da:15:75:3c:8d: 86:13:ed:15:94:76:54:8b:c8:6b:f4:ea:11:21:75:95:d6:b2: b0:b7:0e:06:1b:98:40:b1:a2:df:77:d4:03:7a:8b:a6:d2:b4: 88:94:a7:a6:81:21:94:f3:74:d5:03:1b:7c:dd:ef:a9:76:40: 2d:19:22:36:16:b8:38:b6:9d:54:69:be:78:9e:71:8b:65:d7: 6d:cb:74:3d:35:da:be:36:28:0e:7f:02:0e:e4:86:3b:75:fc: 47:a7:e7:2c:8a:35:e1:48:0e:c8:d6:fc:34:ea:07:ad:01:95: d9:8e:3b:e9:72:a6:1b:83:72:9a:01:63:57:23:e2:f6:4f:86: 92:a6:6a:6c:36:f1:1b:1e:7c:9f:f4:f0:99:66:8d:04:b8:36: 16:8c:71:46:0a:25:b3:67:e1:f7:76:13:d9:24:5a:63:50:e6: 7e:f3:6a:7b:ad:74:64:05:79:cb:2c:dd:5f:39:64:dc:cf:09: 90:45:7c:08:66:5a:74:17:82:4a:ae:bc:5e:01:85:ad:a3:ad: 20:11:79:05:31:9d:82:ce:a8:2a:7d:d6:73:a6:ea:2a:b0:e7: 4f:54:e5:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1aaOWPkcyzSxDOy344q6WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm NTM4ZmUwHhcNMjUxMjE5MDcwMTE0WhcNMjUxMjIwMDcwMTE0WjAzMTEwLwYDVQQD EygxNGM3MTVlMGY2Y2Q3N2NmMGIyZTRlNjdmNmY2YTUyMDU2YjYyMWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoVhJpe9HVJ1MeIbR/uURIqu1y/u cK/0H18Fcs46LVGXVBQ0bkvjbRpwrwLCn+3frajeNfEOR3ZUjeAka8qI44vU+8Ou /zfV/Dcj8uNf4m5N9cbfi+Ab0TF/i5sFDpj4JWViGg6yvHFLIg5jLqsPIcMGQS9P B4WO8yUs2hl+3tZG0uDmgUK9ivzr1yFZDXsnRNtYcSY7z2OSY59nlEPC7VAx6PZc lv2JMXXVfTfaTecsKoRqKf78f/wxrOqaosxncZFNlFs/hPWapO+O7YdJXMKhU9t6 zlQBjh++79PZobdGrDHCpV8Lpq8pqGNf+wHP+btYBlem+lsdZFldzpNo/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBTHFeD2zXfPCy5OZ/b2pSBWtiG3MB8GA1UdIwQY MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAswEXwPy4 d/Y+ykmddc6Wo2bpREOKJOtYvnMc0QSKktoVdTyNhhPtFZR2VIvIa/TqESF1lday sLcOBhuYQLGi33fUA3qLptK0iJSnpoEhlPN01QMbfN3vqXZALRkiNha4OLadVGm+ eJ5xi2XXbct0PTXavjYoDn8CDuSGO3X8R6fnLIo14UgOyNb8NOoHrQGV2Y476XKm G4NymgFjVyPi9k+GkqZqbDbxGx58n/TwmWaNBLg2FoxxRgols2fh93YT2SRaY1Dm fvNqe610ZAV5yyzdXzlk3M8JkEV8CGZadBeCSq68XgGFraOtIBF5BTGdgs6oKn3W c6bqKrDnT1Tlug== -----END CERTIFICATE-----Generated at Fri Dec 19 09:22:09 2025 by rpki-client