This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft File: aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft (raw, json) Hash identifier: u/LEf6lnwTNLfdqXmcKyk5/DP/j+HlJmJPUh3p8bR4I= Subject key identifier: E8:15:64:CC:78:38:38:07:C6:7D:0D:6F:41:F2:95:6B:D6:45:11:36 Authority key identifier: 68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71 Certificate issuer: /CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71 Certificate serial: 019B544F7C47646C02C996D240E32504C3C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft Manifest number: 0652 Signing time: Thu 25 Dec 2025 07:00:53 +0000 Manifest this update: Thu 25 Dec 2025 07:00:53 +0000 Manifest next update: Fri 26 Dec 2025 07:00:53 +0000 Files and hashes: 1: N-BSf874DQvK549b1pSEfsfJ-W8.roa (hash: bW40XSisvNpm05Mkk5fR9GiNdKpGc7uzNKkhrhBHqx4=) 2: aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl (hash: I0H2UBGpd880RNtqrhfGPwF7mxmxmc+y+zSB5fRgv0M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:4f:7c:47:64:6c:02:c9:96:d2:40:e3:25:04:c3:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f83e2a34145ad47e0cc2b3c79fc6312bae2c71 Validity Not Before: Dec 25 07:00:53 2025 GMT Not After : Dec 26 07:00:53 2025 GMT Subject: CN=e81564cc78383807c67d0d6f41f2956bd6451136 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c2:22:f8:26:1c:91:41:b6:0e:d9:da:b2:b5: f8:1a:d8:17:0e:f4:8d:0b:e0:f9:e1:f1:60:84:4b: 65:1e:a1:8b:1b:08:71:60:74:30:2b:a3:16:3d:86: af:48:a3:1d:3f:aa:ce:b1:fd:b0:47:87:1e:ab:2c: 70:63:8d:0b:15:c6:a0:ab:a7:e3:09:8b:3e:f0:6b: fb:25:66:28:65:34:8d:ec:24:48:83:b0:5f:e1:e5: f8:97:02:eb:f2:6f:71:5c:53:f6:71:f2:43:db:41: 48:e1:81:f1:d2:b8:e8:9a:1e:6f:b9:0a:17:b4:d0: 36:f8:88:f5:da:2e:3c:15:7c:d2:19:da:3d:3e:d9: 14:58:00:f8:99:8e:9a:c4:d7:88:ca:4d:52:f8:97: 03:2a:56:cb:0f:b8:93:00:24:7b:1e:78:5e:2b:5c: 20:1c:e2:89:8f:92:01:a4:4d:6c:b8:8e:c5:ad:81: e3:bc:5f:ff:02:b3:69:53:eb:ec:4d:d3:86:fd:26: 41:db:9b:b8:49:d6:2c:c4:6b:48:51:b7:69:b6:84: 9a:c0:11:e1:c6:74:52:5c:2b:90:01:9b:e0:9e:4a: 81:0a:57:34:e2:b8:c4:7a:7e:c1:38:5a:93:79:73: f9:ae:af:40:28:af:df:97:c9:fe:a7:a7:cc:86:a7: dc:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:15:64:CC:78:38:38:07:C6:7D:0D:6F:41:F2:95:6B:D6:45:11:36 X509v3 Authority Key Identifier: keyid:68:F8:3E:2A:34:14:5A:D4:7E:0C:C2:B3:C7:9F:C6:31:2B:AE:2C:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPg-KjQUWtR-DMKzx5_GMSuuLHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5e9f90-a6b0-4fd8-b8dd-792802c43925/1/aPg-KjQUWtR-DMKzx5_GMSuuLHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:70:32:80:dc:08:ab:3f:4b:b6:c3:d9:82:57:e0:28:fb:d5: 1e:9b:4d:ef:ba:18:8d:87:e1:0d:db:7b:2b:9e:19:2b:44:40: 36:d1:a5:a3:a2:4c:80:20:50:b8:ea:28:99:b0:2a:28:d1:ac: 16:48:5d:de:98:81:5c:1c:8d:d1:aa:36:fe:2f:a6:58:f2:aa: 51:0d:fc:04:80:5a:8a:8d:7a:6d:34:13:f0:e9:6f:3c:57:b8: 8e:c2:00:24:40:93:78:e1:cb:e3:64:33:55:f9:ab:b4:ca:83: cb:3a:fd:a1:a1:ac:f5:8b:dd:52:a1:84:a4:8a:a2:34:3c:75: 06:dc:0f:e2:83:97:69:9f:5d:32:74:5a:43:21:20:30:29:9d: 2e:0e:27:bd:70:87:8d:ba:26:cf:22:3a:ae:36:d4:8d:c1:7e: b9:18:60:d1:35:ed:30:38:db:33:9f:30:10:61:fa:71:b5:69: 60:2e:68:2e:61:7d:99:f6:2c:49:e8:44:cd:2e:8d:b5:3a:21: c6:39:3b:06:00:ed:90:b6:08:d2:7c:7f:79:f0:5d:b7:5e:0f: 40:45:53:fb:10:f9:80:8b:49:3f:d5:8f:22:b8:d6:d8:01:22: f1:c2:d4:5c:2e:a2:c2:76:e1:6a:d0:b6:39:a5:4f:33:64:74: 4b:69:58:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUT3xHZGwCyZbSQOMlBMPIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjgzZTJhMzQxNDVhZDQ3ZTBjYzJiM2M3OWZjNjMxMmJh ZTJjNzEwHhcNMjUxMjI1MDcwMDUzWhcNMjUxMjI2MDcwMDUzWjAzMTEwLwYDVQQD EyhlODE1NjRjYzc4MzgzODA3YzY3ZDBkNmY0MWYyOTU2YmQ2NDUxMTM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMIi+CYckUG2DtnasrX4GtgXDvSN C+D54fFghEtlHqGLGwhxYHQwK6MWPYavSKMdP6rOsf2wR4ceqyxwY40LFcagq6fj CYs+8Gv7JWYoZTSN7CRIg7Bf4eX4lwLr8m9xXFP2cfJD20FI4YHx0rjomh5vuQoX tNA2+Ij12i48FXzSGdo9PtkUWAD4mY6axNeIyk1S+JcDKlbLD7iTACR7HnheK1wg HOKJj5IBpE1suI7FrYHjvF//ArNpU+vsTdOG/SZB25u4SdYsxGtIUbdptoSawBHh xnRSXCuQAZvgnkqBClc04rjEen7BOFqTeXP5rq9AKK/fl8n+p6fMhqfcuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOgVZMx4ODgHxn0Nb0HylWvWRRE2MB8GA1UdIwQY MBaAFGj4Pio0FFrUfgzCs8efxjErrixxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQt NzkyODAyYzQzOTI1LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy81ZTlmOTAtYTZiMC00ZmQ4LWI4ZGQtNzkyODAyYzQzOTI1 LzEvYVBnLUtqUVVXdFItRE1Leng1X0dNU3V1TEhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbnAygNwI qz9LtsPZglfgKPvVHptN77oYjYfhDdt7K54ZK0RANtGlo6JMgCBQuOoombAqKNGs Fkhd3piBXByN0ao2/i+mWPKqUQ38BIBaio16bTQT8OlvPFe4jsIAJECTeOHL42Qz VfmrtMqDyzr9oaGs9YvdUqGEpIqiNDx1BtwP4oOXaZ9dMnRaQyEgMCmdLg4nvXCH jbomzyI6rjbUjcF+uRhg0TXtMDjbM58wEGH6cbVpYC5oLmF9mfYsSehEzS6NtToh xjk7BgDtkLYI0nx/efBdt14PQEVT+xD5gItJP9WPIrjW2AEi8cLUXC6iwnbhatC2 OaVPM2R0S2lY9w== -----END CERTIFICATE-----Generated at Thu Dec 25 12:48:08 2025 by rpki-client