This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft File: aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json) Hash identifier: b905euxJfEDznbV8/echhB2aKxyxkA0oP65cpY1MBvo= Subject key identifier: B0:EE:26:47:5E:17:7C:1A:56:0B:95:13:F3:1B:DE:37:87:3C:E8:7F Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76 Certificate issuer: /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976 Certificate serial: 019B5A88CC96665B4D2CFC2757DB565E7415 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft Manifest number: 0399 Signing time: Fri 26 Dec 2025 12:01:13 +0000 Manifest this update: Fri 26 Dec 2025 12:01:13 +0000 Manifest next update: Sat 27 Dec 2025 12:01:13 +0000 Files and hashes: 1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: VE/Q6wD2ijjaiGcIEzW6eTXq7sue4icx6ApeSWMVKZE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:cc:96:66:5b:4d:2c:fc:27:57:db:56:5e:74:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976 Validity Not Before: Dec 26 12:01:13 2025 GMT Not After : Dec 27 12:01:13 2025 GMT Subject: CN=b0ee26475e177c1a560b9513f31bde37873ce87f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:03:e0:37:73:e7:6f:1d:e5:75:64:00:b6:46: fd:8c:58:c4:8d:5e:f6:33:87:3e:b7:85:52:eb:19: 43:fa:57:ab:44:be:c9:4a:aa:a0:de:ae:bd:f0:c5: 3c:c8:02:a5:c5:b9:86:e2:fb:9d:bc:69:a4:ef:65: 62:90:11:1a:40:f1:06:43:5b:f0:0d:b3:e5:5e:7f: 3c:34:35:aa:e4:c0:61:3f:ea:c4:4a:34:7c:8d:b8: 59:72:be:e8:ba:e1:b6:cb:8d:87:da:4e:a1:7b:13: 01:07:9e:25:94:64:9f:af:0b:4f:e5:ea:7b:9a:78: 42:39:bb:57:84:c3:59:14:cb:da:b0:b5:3c:e8:0a: a2:d6:e5:ef:3c:b6:f3:98:4c:d0:38:6d:da:9f:05: 92:18:2d:bd:f5:1e:25:69:bf:3d:e7:92:73:60:ce: 9b:28:68:c3:04:54:a9:45:34:53:9b:e1:4b:4e:51: 33:1f:4a:5c:dd:03:12:42:a2:b1:cc:07:a4:46:3f: f5:85:df:32:02:0e:99:f1:d9:39:14:42:30:f7:d4: 44:56:14:eb:b8:57:34:91:1f:7f:eb:e8:e9:84:e3: 58:ed:35:38:52:d8:f5:41:cd:d3:76:70:08:ed:a1: 3e:1f:a4:5b:9a:d3:52:08:76:fb:61:a0:ee:28:62: 9b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:EE:26:47:5E:17:7C:1A:56:0B:95:13:F3:1B:DE:37:87:3C:E8:7F X509v3 Authority Key Identifier: keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:90:7e:af:3b:e3:c2:91:98:43:c5:49:74:0a:18:29:c0:90: 7b:99:2a:e8:77:6a:aa:17:3e:1e:65:cd:da:b9:c5:24:11:67: f8:62:f1:6a:a8:85:89:c8:01:d5:2f:5d:89:00:c0:99:f7:3d: 74:57:fc:9d:00:99:84:64:2f:57:3d:1a:65:5d:56:9d:0b:cb: 5b:8c:af:44:c0:30:16:19:b4:86:4f:62:fb:4d:b0:4b:f8:d8: f4:d4:ff:3f:87:f3:14:aa:5a:46:f1:3e:9c:38:c9:06:1d:27: de:f1:fe:43:df:03:c8:ea:85:a8:40:1e:75:2e:97:65:d2:09: 33:c9:45:90:12:a3:d0:9c:f0:da:51:ea:65:80:39:7d:a8:d5: 2e:73:1f:a4:53:94:42:90:7f:66:dc:82:ec:e4:7b:77:c3:1b: 0f:b7:52:d5:fa:23:b4:fa:38:de:81:f7:35:ff:0e:b3:b7:d4: 69:a2:81:e8:56:b1:75:25:fe:12:f8:2d:d3:a6:0b:67:8c:d9: f0:30:a4:de:d6:f2:09:25:06:1a:19:88:e5:e1:3b:52:e6:70: b4:38:d5:10:31:31:b7:97:41:1e:0a:a3:91:2c:e8:6c:ee:37: 86:c1:7f:9d:6d:83:e5:00:60:3d:cf:c1:7a:7b:74:29:fa:f2: 19:63:7f:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiMyWZltNLPwnV9tWXnQVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4 MDU5NzYwHhcNMjUxMjI2MTIwMTEzWhcNMjUxMjI3MTIwMTEzWjAzMTEwLwYDVQQD EyhiMGVlMjY0NzVlMTc3YzFhNTYwYjk1MTNmMzFiZGUzNzg3M2NlODdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQPgN3Pnbx3ldWQAtkb9jFjEjV72 M4c+t4VS6xlD+lerRL7JSqqg3q698MU8yAKlxbmG4vudvGmk72VikBEaQPEGQ1vw DbPlXn88NDWq5MBhP+rESjR8jbhZcr7ouuG2y42H2k6hexMBB54llGSfrwtP5ep7 mnhCObtXhMNZFMvasLU86Aqi1uXvPLbzmEzQOG3anwWSGC299R4lab8955JzYM6b KGjDBFSpRTRTm+FLTlEzH0pc3QMSQqKxzAekRj/1hd8yAg6Z8dk5FEIw99REVhTr uFc0kR9/6+jphONY7TU4Utj1Qc3TdnAI7aE+H6RbmtNSCHb7YaDuKGKbNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLDuJkdeF3waVguVE/Mb3jeHPOh/MB8GA1UdIwQY MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpB+rzvj wpGYQ8VJdAoYKcCQe5kq6Hdqqhc+HmXN2rnFJBFn+GLxaqiFicgB1S9diQDAmfc9 dFf8nQCZhGQvVz0aZV1WnQvLW4yvRMAwFhm0hk9i+02wS/jY9NT/P4fzFKpaRvE+ nDjJBh0n3vH+Q98DyOqFqEAedS6XZdIJM8lFkBKj0Jzw2lHqZYA5fajVLnMfpFOU QpB/ZtyC7OR7d8MbD7dS1fojtPo43oH3Nf8Os7fUaaKB6FaxdSX+Evgt06YLZ4zZ 8DCk3tbyCSUGGhmI5eE7UuZwtDjVEDExt5dBHgqjkSzobO43hsF/nW2D5QBgPc/B ent0KfryGWN/pA== -----END CERTIFICATE-----Generated at Fri Dec 26 17:40:26 2025 by rpki-client