This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft File: A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json) Hash identifier: jT6xV8ATdz9uAkL+ERR9eU+kdFwEXdW0Uh6EhSlumsw= Subject key identifier: 2F:69:43:E8:A8:E9:10:A7:E2:3E:D9:6C:1B:49:9E:9D:B8:87:98:33 Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29 Certificate issuer: /CN=0369684c67caa99ffc0184beaccaf0ea88a92129 Certificate serial: 019B44A521F133B4BD6563FEAB1492E8989C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft Manifest number: 0A63 Signing time: Mon 22 Dec 2025 06:00:31 +0000 Manifest this update: Mon 22 Dec 2025 06:00:31 +0000 Manifest next update: Tue 23 Dec 2025 06:00:31 +0000 Files and hashes: 1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: opNvzVPji3h2VtDhSJxDnNINJp6TY59LAydY0B/CkgU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:21:f1:33:b4:bd:65:63:fe:ab:14:92:e8:98:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129 Validity Not Before: Dec 22 06:00:31 2025 GMT Not After : Dec 23 06:00:31 2025 GMT Subject: CN=2f6943e8a8e910a7e23ed96c1b499e9db8879833 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:33:d2:d9:9a:60:90:a0:ff:79:93:ff:80:83: 1f:bb:88:40:94:5d:d6:44:10:0e:0a:02:93:82:a1: 35:7a:84:46:b5:23:48:a1:b3:48:2c:6a:3c:6d:7d: 29:e3:3f:79:bd:eb:77:1b:37:07:1a:4f:81:aa:22: c1:08:e6:a9:eb:d6:d3:6c:10:c5:6b:70:f3:dd:de: bc:59:b0:0c:c7:cc:5a:b0:ae:f3:87:9d:c5:82:dc: 76:4a:34:a5:58:3e:ca:38:0e:46:14:d6:10:98:12: f7:e6:a1:d0:2b:de:3a:02:76:18:09:aa:f3:3f:9c: a3:e8:6e:71:6e:45:86:8c:df:82:f2:09:a1:ad:cf: 73:91:3c:40:7a:26:be:70:a0:50:be:47:69:c2:3b: cb:ec:ca:94:09:5a:d9:91:ce:0e:4f:c2:1e:b0:1e: 70:62:7c:ea:a7:32:18:18:e8:6a:af:75:06:26:e2: 7a:80:ee:03:ac:a9:38:a2:e3:26:61:5a:3b:95:ae: c0:40:6c:d1:9e:b2:f8:f4:ac:93:0a:ec:37:a8:11: 19:27:c2:c6:16:b9:60:a5:97:0b:3d:9f:2f:5b:29: db:82:39:2d:fe:b8:10:49:83:56:8f:3b:9f:2e:07: 73:75:89:34:84:e8:ef:3d:d4:7a:c2:bf:3b:b0:c5: 38:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:69:43:E8:A8:E9:10:A7:E2:3E:D9:6C:1B:49:9E:9D:B8:87:98:33 X509v3 Authority Key Identifier: keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:f0:2b:09:ba:a3:e0:b6:be:b9:3a:f9:aa:0f:b8:f4:61:7c: 7c:e8:ae:ba:88:2f:55:90:5b:ca:7f:36:c7:fa:94:00:b6:e7: 3b:05:ca:cc:6f:60:eb:05:1d:55:9b:29:b8:05:25:77:3a:ab: 34:8a:42:84:7c:f6:cc:30:2e:37:96:77:9e:92:b3:9d:ee:45: 48:ab:6c:1e:be:7b:c2:7e:f0:4a:20:03:fe:df:4b:66:c4:bc: 63:0c:18:9e:42:41:b5:6b:30:55:6b:8d:84:68:72:c7:fc:b4: 3c:2e:1c:63:0e:e1:91:83:34:e9:5f:f9:7f:fd:b0:f8:18:d5: af:b8:58:94:9b:a3:99:53:99:ff:a1:0a:db:95:eb:7e:bc:ed: bf:0b:e9:d5:9f:6a:1f:81:f0:c5:62:20:1d:37:88:5b:b6:9e: 50:4b:5c:36:75:9d:2d:80:26:1c:5b:66:22:b9:47:70:a5:01: f5:72:a9:f9:48:ed:ef:06:04:ae:e9:c1:d3:cc:e3:fc:23:0f: 65:0b:5d:a3:71:5f:be:a7:42:d6:3b:5f:50:07:e0:c8:c0:de: bf:2b:d2:f3:cb:d1:96:20:44:14:ec:6b:a1:b7:e7:3a:76:e7: c2:a3:4b:cb:13:82:95:91:03:21:a3:18:45:0d:83:8d:d3:20: fc:ed:c7:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpSHxM7S9ZWP+qxSS6JicMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh OTIxMjkwHhcNMjUxMjIyMDYwMDMxWhcNMjUxMjIzMDYwMDMxWjAzMTEwLwYDVQQD EygyZjY5NDNlOGE4ZTkxMGE3ZTIzZWQ5NmMxYjQ5OWU5ZGI4ODc5ODMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjPS2ZpgkKD/eZP/gIMfu4hAlF3W RBAOCgKTgqE1eoRGtSNIobNILGo8bX0p4z95vet3GzcHGk+BqiLBCOap69bTbBDF a3Dz3d68WbAMx8xasK7zh53Fgtx2SjSlWD7KOA5GFNYQmBL35qHQK946AnYYCarz P5yj6G5xbkWGjN+C8gmhrc9zkTxAeia+cKBQvkdpwjvL7MqUCVrZkc4OT8IesB5w YnzqpzIYGOhqr3UGJuJ6gO4DrKk4ouMmYVo7la7AQGzRnrL49KyTCuw3qBEZJ8LG FrlgpZcLPZ8vWynbgjkt/rgQSYNWjzufLgdzdYk0hOjvPdR6wr87sMU4uwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC9pQ+io6RCn4j7ZbBtJnp24h5gzMB8GA1UdIwQY MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4 LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPArCbqj 4La+uTr5qg+49GF8fOiuuogvVZBbyn82x/qUALbnOwXKzG9g6wUdVZspuAUldzqr NIpChHz2zDAuN5Z3npKzne5FSKtsHr57wn7wSiAD/t9LZsS8YwwYnkJBtWswVWuN hGhyx/y0PC4cYw7hkYM06V/5f/2w+BjVr7hYlJujmVOZ/6EK25Xrfrztvwvp1Z9q H4HwxWIgHTeIW7aeUEtcNnWdLYAmHFtmIrlHcKUB9XKp+Ujt7wYErunB08zj/CMP ZQtdo3FfvqdC1jtfUAfgyMDevyvS88vRliBEFOxrobfnOnbnwqNLyxOClZEDIaMY RQ2DjdMg/O3HRg== -----END CERTIFICATE-----Generated at Mon Dec 22 10:19:56 2025 by rpki-client