This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft File: AyHqOVCODhemUf6SrCnqOIMtC_8.mft (raw, json) Hash identifier: pkGoBowZ8LXLttNhFAPz7OU3pijTm+fQVgZaQBDlHrc= Subject key identifier: 19:BE:4A:55:3D:17:10:D8:87:37:11:8B:B5:AC:CC:09:48:E7:45:A2 Authority key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF Certificate issuer: /CN=0321ea39508e0e17a651fe92ac29ea38832d0bff Certificate serial: 019B0E926BFE4FBDFBB932AEA54DFC6E913B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft Manifest number: 160E Signing time: Thu 11 Dec 2025 18:00:35 +0000 Manifest this update: Thu 11 Dec 2025 18:00:35 +0000 Manifest next update: Fri 12 Dec 2025 18:00:35 +0000 Files and hashes: 1: AyHqOVCODhemUf6SrCnqOIMtC_8.crl (hash: ErWy9pDqr/42X+bEzN13Qp5itNcXJSiVuoIByq4BwoY=) 2: bOONrlZHdROoIahZ7NmIjgIdExM.roa (hash: 1aT2l6/v3aO2MOldiF+P6gsdMx47ItIcMI7fEC/C0L0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:92:6b:fe:4f:bd:fb:b9:32:ae:a5:4d:fc:6e:91:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff Validity Not Before: Dec 11 18:00:35 2025 GMT Not After : Dec 12 18:00:35 2025 GMT Subject: CN=19be4a553d1710d88737118bb5accc0948e745a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:2f:b5:39:a8:2b:19:a5:55:df:da:5d:37:fc: 0b:75:0b:62:50:39:04:3c:4b:c4:72:db:cb:a1:c6: 52:98:e6:19:60:57:02:cf:a4:47:b5:e9:80:19:fe: e4:66:a9:d2:c2:75:90:da:72:83:62:da:a9:23:83: b0:55:7a:19:83:09:79:f8:4a:84:a8:fa:79:ef:a4: ab:85:b7:c7:70:79:65:0a:ac:e5:ba:f4:08:1d:b0: 63:00:cf:67:ec:65:fa:4b:7f:dd:ee:e6:98:a8:19: de:3d:df:7d:07:c8:94:09:80:dd:6d:c7:9b:5f:52: ff:48:2c:0a:11:07:fb:74:fa:2e:0c:84:d4:63:b3: ed:de:53:af:d6:f7:02:4f:fb:a5:47:46:36:cc:82: 76:aa:28:03:8d:2d:4f:bb:f4:9e:6a:94:09:01:76: d7:be:5a:82:ac:aa:e3:9f:a5:0d:3f:51:84:7b:c7: d9:1b:95:93:02:7c:41:10:8e:69:a0:d4:88:a5:da: db:70:e5:35:ef:65:fe:88:66:99:0b:fd:88:78:b6: 48:79:57:f5:79:42:9a:6b:ed:d3:f5:3e:16:ee:1d: 26:56:6b:c6:2a:40:9d:c7:21:3e:0f:50:60:e3:60: 05:1d:9b:29:ca:2a:20:dc:08:2b:c7:82:24:7e:a9: 4e:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:BE:4A:55:3D:17:10:D8:87:37:11:8B:B5:AC:CC:09:48:E7:45:A2 X509v3 Authority Key Identifier: keyid:03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:2d:ba:81:1a:78:56:ef:bc:1c:83:6b:65:39:a1:d7:3b:01: 76:4f:e6:9d:fd:2c:97:9a:71:f8:a4:5d:13:96:8f:4d:38:65: 68:7b:4f:19:33:02:27:55:af:ae:da:b6:b6:cc:23:0f:d8:c4: e4:7e:50:c4:a6:cb:f6:e9:30:1c:f1:3f:85:69:4a:1c:1b:28: ba:f9:12:80:12:30:b1:b3:29:3c:93:68:43:73:b5:ce:b5:e1: ea:33:fe:e3:c5:4d:60:df:69:50:14:60:38:e9:14:9a:c8:5e: e0:06:74:3e:68:6b:8d:af:7f:a0:be:60:a9:66:73:18:d2:36: 95:4a:56:54:cc:d4:af:82:58:ae:9f:f2:ee:c7:fd:93:b5:fd: 90:db:f9:f6:a3:37:1b:22:11:60:2a:28:b8:51:7e:33:6a:97: 74:15:5e:df:c6:3a:dc:92:bd:ae:2f:f3:17:07:79:0b:41:79: ec:f2:f1:b8:2f:51:e0:a4:52:65:6a:a9:00:73:01:e4:12:b0: 90:b3:0e:b5:f8:d7:bc:39:6b:57:11:ca:09:a3:46:5a:48:9d: da:a9:4b:d7:af:b6:31:64:f5:90:3e:e9:36:c2:3b:9a:8e:2f: 51:1e:45:b6:ba:91:f0:7f:aa:dd:dd:58:09:00:37:e6:4c:e3: b2:e6:06:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOkmv+T737uTKupU38bpE7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMjFlYTM5NTA4ZTBlMTdhNjUxZmU5MmFjMjllYTM4ODMy ZDBiZmYwHhcNMjUxMjExMTgwMDM1WhcNMjUxMjEyMTgwMDM1WjAzMTEwLwYDVQQD EygxOWJlNGE1NTNkMTcxMGQ4ODczNzExOGJiNWFjY2MwOTQ4ZTc0NWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1C+1OagrGaVV39pdN/wLdQtiUDkE PEvEctvLocZSmOYZYFcCz6RHtemAGf7kZqnSwnWQ2nKDYtqpI4OwVXoZgwl5+EqE qPp576SrhbfHcHllCqzluvQIHbBjAM9n7GX6S3/d7uaYqBnePd99B8iUCYDdbceb X1L/SCwKEQf7dPouDITUY7Pt3lOv1vcCT/ulR0Y2zIJ2qigDjS1Pu/SeapQJAXbX vlqCrKrjn6UNP1GEe8fZG5WTAnxBEI5poNSIpdrbcOU172X+iGaZC/2IeLZIeVf1 eUKaa+3T9T4W7h0mVmvGKkCdxyE+D1Bg42AFHZspyiog3Agrx4IkfqlOzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBm+SlU9FxDYhzcRi7WszAlI50WiMB8GA1UdIwQY MBaAFAMh6jlQjg4XplH+kqwp6jiDLQv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQt OGNmODA1NTExMDAyLzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQtOGNmODA1NTExMDAy LzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoS26gRp4 Vu+8HINrZTmh1zsBdk/mnf0sl5px+KRdE5aPTThlaHtPGTMCJ1Wvrtq2tswjD9jE 5H5QxKbL9ukwHPE/hWlKHBsouvkSgBIwsbMpPJNoQ3O1zrXh6jP+48VNYN9pUBRg OOkUmshe4AZ0Pmhrja9/oL5gqWZzGNI2lUpWVMzUr4JYrp/y7sf9k7X9kNv59qM3 GyIRYCoouFF+M2qXdBVe38Y63JK9ri/zFwd5C0F57PLxuC9R4KRSZWqpAHMB5BKw kLMOtfjXvDlrVxHKCaNGWkid2qlL16+2MWT1kD7pNsI7mo4vUR5FtrqR8H+q3d1Y CQA35kzjsuYGoQ== -----END CERTIFICATE-----Generated at Thu Dec 11 23:13:32 2025 by rpki-client