This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft File: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json) Hash identifier: r+39Vwlfvi2iQ0Ro7zue1j+KQaiX1wIpIdsEptW/tkM= Subject key identifier: 9C:A5:10:6A:7A:29:C1:02:5F:15:73:8E:8B:87:BD:EF:79:7F:DF:DA Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB Certificate issuer: /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb Certificate serial: 019B32D61B91E809E6978E92B99EF8AF9E82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft Manifest number: 0388 Signing time: Thu 18 Dec 2025 19:00:51 +0000 Manifest this update: Thu 18 Dec 2025 19:00:51 +0000 Manifest next update: Fri 19 Dec 2025 19:00:51 +0000 Files and hashes: 1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: rRXQLCF4QdlWdZG+y5eCnj921iXo87Pzw84kIDhdhmI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:1b:91:e8:09:e6:97:8e:92:b9:9e:f8:af:9e:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb Validity Not Before: Dec 18 19:00:51 2025 GMT Not After : Dec 19 19:00:51 2025 GMT Subject: CN=9ca5106a7a29c1025f15738e8b87bdef797fdfda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ee:b7:6a:9a:14:32:49:cc:aa:8a:44:87:2a: 55:be:36:60:d5:01:d0:57:5e:07:6c:30:9e:47:7a: 54:51:4e:8e:2a:be:56:1a:5d:37:f9:b2:5e:bc:45: 90:a7:6b:73:b2:41:75:0b:bf:94:ec:aa:07:87:61: 12:a9:6f:66:9b:5f:63:5a:5e:a3:4f:81:dd:b7:cc: be:19:91:63:3a:7d:d9:41:ef:8c:70:65:a3:a7:2b: d8:93:65:7b:88:d9:fe:19:50:64:0d:dc:77:3c:3d: 22:25:5c:62:dc:42:a8:dd:5c:ec:e6:aa:fe:7c:b0: 25:63:3f:9b:bc:22:5e:28:f2:59:c8:22:a8:0d:9c: 8e:42:a2:7b:97:54:ad:c1:1a:26:53:c3:f5:98:37: 54:36:07:a8:c3:fe:3a:e9:d4:ee:a5:0b:e3:0f:dd: 11:25:05:04:57:0d:2d:78:dd:46:3f:00:28:e7:eb: 21:7d:42:cd:43:b1:5c:b6:f9:89:41:40:7d:86:38: 25:46:94:3a:03:77:6f:aa:b2:a4:ed:7d:f8:bf:82: 4f:36:9a:66:0e:c8:0e:20:e1:53:2b:93:45:1c:d6: 78:31:90:1b:69:88:56:27:91:bf:78:70:22:c3:a0: b2:f7:4e:c8:4d:f0:9f:00:3a:29:a3:8a:f4:4c:00: 50:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:A5:10:6A:7A:29:C1:02:5F:15:73:8E:8B:87:BD:EF:79:7F:DF:DA X509v3 Authority Key Identifier: keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:ff:a7:28:90:4c:1b:2c:2c:7d:16:8b:81:d9:f1:7e:fe:5d: ee:75:5b:6a:bf:ce:65:fa:f2:d5:90:d5:11:3b:48:31:d3:0a: d1:33:44:64:51:40:7d:bf:52:4f:23:b2:ea:f6:86:92:50:01: 52:cc:6b:0f:80:9d:d7:62:79:94:42:1a:68:19:52:95:e2:a3: 1c:f0:3f:44:22:73:50:c0:69:5b:1f:0c:a9:37:fa:07:30:0e: 1b:d0:95:ee:d3:bc:78:68:68:c2:89:75:4d:ce:0f:b0:10:85: 88:ff:69:7f:1d:b8:4f:23:94:99:51:46:1e:68:27:1f:f8:a4: c7:14:65:50:a8:31:a3:fa:28:a7:97:19:78:d7:02:d2:95:5e: dc:f1:96:6e:78:bc:ab:f5:0e:6c:ef:a9:66:a9:5b:b4:4f:24: e7:89:36:5e:0c:4f:7f:30:52:09:d9:05:bd:5b:f6:c5:2b:b1: 63:44:e1:f3:d4:d4:ff:a0:95:46:09:79:96:db:5e:77:c1:e2: a6:70:f3:5a:86:30:17:f2:86:9e:36:e9:f4:c7:db:b7:8c:ae: a2:30:4f:00:bb:12:d3:9d:d6:54:39:b4:e3:de:67:a7:67:6a: bc:f8:11:f6:94:3c:11:e1:8f:b5:60:52:01:38:70:44:cd:db: 1f:e7:11:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1huR6Anml46SuZ74r56CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5 MTkzZmIwHhcNMjUxMjE4MTkwMDUxWhcNMjUxMjE5MTkwMDUxWjAzMTEwLwYDVQQD Eyg5Y2E1MTA2YTdhMjljMTAyNWYxNTczOGU4Yjg3YmRlZjc5N2ZkZmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu63apoUMknMqopEhypVvjZg1QHQ V14HbDCeR3pUUU6OKr5WGl03+bJevEWQp2tzskF1C7+U7KoHh2ESqW9mm19jWl6j T4Hdt8y+GZFjOn3ZQe+McGWjpyvYk2V7iNn+GVBkDdx3PD0iJVxi3EKo3Vzs5qr+ fLAlYz+bvCJeKPJZyCKoDZyOQqJ7l1StwRomU8P1mDdUNgeow/466dTupQvjD90R JQUEVw0teN1GPwAo5+shfULNQ7FctvmJQUB9hjglRpQ6A3dvqrKk7X34v4JPNppm DsgOIOFTK5NFHNZ4MZAbaYhWJ5G/eHAiw6Cy907ITfCfADopo4r0TABQGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJylEGp6KcECXxVzjouHve95f9/aMB8GA1UdIwQY MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2 LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUv+nKJBM GywsfRaLgdnxfv5d7nVbar/OZfry1ZDVETtIMdMK0TNEZFFAfb9STyOy6vaGklAB UsxrD4Cd12J5lEIaaBlSleKjHPA/RCJzUMBpWx8MqTf6BzAOG9CV7tO8eGhowol1 Tc4PsBCFiP9pfx24TyOUmVFGHmgnH/ikxxRlUKgxo/oop5cZeNcC0pVe3PGWbni8 q/UObO+pZqlbtE8k54k2XgxPfzBSCdkFvVv2xSuxY0Th89TU/6CVRgl5ltted8Hi pnDzWoYwF/KGnjbp9Mfbt4yuojBPALsS053WVDm0495np2dqvPgR9pQ8EeGPtWBS AThwRM3bH+cRMQ== -----END CERTIFICATE-----Generated at Thu Dec 18 23:27:18 2025 by rpki-client