This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft File: aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json) Hash identifier: xkmljTZTrpg0t4ZHQ6f246bMMq/jceQQPqQ71YnjtWQ= Subject key identifier: B3:8D:23:5E:16:2F:79:9F:5C:8C:0F:74:C1:A6:47:06:66:0F:D2:54 Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1 Certificate issuer: /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1 Certificate serial: 019B27E4C288C10A760211D713A95B29949E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft Manifest number: 0E97 Signing time: Tue 16 Dec 2025 16:01:01 +0000 Manifest this update: Tue 16 Dec 2025 16:01:01 +0000 Manifest next update: Wed 17 Dec 2025 16:01:01 +0000 Files and hashes: 1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: D1sAhfRbsG6UEGLRL38HAzektiDeFYoVTRMaLY4/EOs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:e4:c2:88:c1:0a:76:02:11:d7:13:a9:5b:29:94:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1 Validity Not Before: Dec 16 16:01:01 2025 GMT Not After : Dec 17 16:01:01 2025 GMT Subject: CN=b38d235e162f799f5c8c0f74c1a64706660fd254 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:95:da:63:8e:58:b3:de:d2:13:34:44:fe:c5: c4:c3:3e:84:a6:12:0e:de:17:a4:0c:a6:7b:1d:7c: 0f:fd:76:c0:a6:a2:76:a3:2d:a3:4d:08:f8:2e:b8: ba:74:49:43:b0:09:15:fd:04:62:e0:67:3f:71:9d: 5b:33:8c:e0:74:eb:1d:3c:52:5c:f6:9a:33:76:00: 26:eb:ab:cb:36:6e:3a:10:63:56:44:4c:cc:2d:12: b5:0b:01:07:3a:f8:8d:5f:69:6b:de:a0:66:ed:c1: c2:36:a5:1a:6c:2c:bc:64:66:2f:60:77:d7:cc:7c: 9a:a4:05:ed:62:d3:05:f2:c7:9a:66:87:22:8d:e5: b5:6a:c2:f3:96:1d:c9:24:e7:98:5c:30:9b:1b:6d: fe:b7:53:2b:28:4d:5d:92:21:5f:de:48:06:f2:f1: 5d:6d:42:78:45:46:32:cf:ea:76:d4:71:24:e6:27: 4a:ff:9d:85:8e:ce:24:89:5c:d8:37:6e:d1:0a:70: ee:c0:46:29:1f:40:70:c5:ff:c4:49:1d:f1:35:70: 62:a5:be:97:5e:fb:9a:ef:c5:39:e8:68:f9:0a:41: be:d9:45:41:a4:49:ee:7e:a2:59:88:de:fe:af:f2: 54:43:bb:47:5a:f6:96:f4:49:84:da:a7:8c:91:74: 17:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:8D:23:5E:16:2F:79:9F:5C:8C:0F:74:C1:A6:47:06:66:0F:D2:54 X509v3 Authority Key Identifier: keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:1a:58:1a:cf:a1:58:7d:5d:d0:0d:f7:06:51:2a:c2:85:2d: bf:f6:85:60:80:88:41:ce:e1:44:98:c6:eb:ab:22:33:31:2d: 87:d8:7e:b0:e1:98:00:c9:76:74:a1:b0:83:f5:26:31:fb:30: b3:16:a4:e9:fe:8c:e6:23:ec:15:49:29:0e:e3:83:54:51:c0: 4f:d8:f4:98:b6:4d:00:1e:ea:e4:41:54:79:1a:81:6e:05:56: 1d:23:65:de:e0:ad:ee:5d:44:fa:5c:b7:0a:83:9d:24:62:4c: d9:d4:86:1d:b5:3c:05:1e:38:4b:7f:b6:78:81:25:68:2d:2e: 60:02:a7:e0:03:26:35:f3:f7:e6:2c:be:b7:a6:30:6b:07:3a: 84:db:87:0b:78:fb:9d:59:9b:92:87:7c:87:7c:c0:12:93:11: 2a:dd:5c:be:68:49:c7:c7:ca:f0:7a:a9:73:7a:ac:58:a4:b9: 43:49:0b:da:00:0b:d7:1a:b5:a4:40:95:ee:18:e7:c8:46:0e: 26:ef:97:d7:42:30:68:b1:3e:33:75:ae:59:4a:f1:20:d3:74: 6a:f4:27:cc:79:c9:f8:c2:2d:e2:05:b0:19:2f:b3:36:91:ed: 58:f5:aa:e4:e0:23:2e:b8:cf:48:92:e4:bf:d1:40:77:d4:5e: 63:59:a1:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsn5MKIwQp2AhHXE6lbKZSeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1 OTYwYTEwHhcNMjUxMjE2MTYwMTAxWhcNMjUxMjE3MTYwMTAxWjAzMTEwLwYDVQQD EyhiMzhkMjM1ZTE2MmY3OTlmNWM4YzBmNzRjMWE2NDcwNjY2MGZkMjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZXaY45Ys97SEzRE/sXEwz6EphIO 3hekDKZ7HXwP/XbApqJ2oy2jTQj4Lri6dElDsAkV/QRi4Gc/cZ1bM4zgdOsdPFJc 9pozdgAm66vLNm46EGNWREzMLRK1CwEHOviNX2lr3qBm7cHCNqUabCy8ZGYvYHfX zHyapAXtYtMF8seaZocijeW1asLzlh3JJOeYXDCbG23+t1MrKE1dkiFf3kgG8vFd bUJ4RUYyz+p21HEk5idK/52Fjs4kiVzYN27RCnDuwEYpH0Bwxf/ESR3xNXBipb6X Xvua78U56Gj5CkG+2UVBpEnufqJZiN7+r/JUQ7tHWvaW9EmE2qeMkXQX3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLONI14WL3mfXIwPdMGmRwZmD9JUMB8GA1UdIwQY MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACBpYGs+h WH1d0A33BlEqwoUtv/aFYICIQc7hRJjG66siMzEth9h+sOGYAMl2dKGwg/UmMfsw sxak6f6M5iPsFUkpDuODVFHAT9j0mLZNAB7q5EFUeRqBbgVWHSNl3uCt7l1E+ly3 CoOdJGJM2dSGHbU8BR44S3+2eIElaC0uYAKn4AMmNfP35iy+t6Ywawc6hNuHC3j7 nVmbkod8h3zAEpMRKt1cvmhJx8fK8Hqpc3qsWKS5Q0kL2gAL1xq1pECV7hjnyEYO Ju+X10IwaLE+M3WuWUrxINN0avQnzHnJ+MIt4gWwGS+zNpHtWPWq5OAjLrjPSJLk v9FAd9ReY1mhOg== -----END CERTIFICATE-----Generated at Tue Dec 16 23:19:28 2025 by rpki-client