This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json) Hash identifier: KI4NBZcmD4H1b3vncZ6iz3e86WB3Z2PViutsH7Wk2L4= Subject key identifier: F1:53:C9:12:87:35:C2:9E:5A:88:19:2F:E5:85:D0:E2:6F:0A:99:34 Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50 Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450 Certificate serial: 019B729252A2C0927A692B4FE02FE0BD83E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft Manifest number: 17A6 Signing time: Wed 31 Dec 2025 04:02:30 +0000 Manifest this update: Wed 31 Dec 2025 04:02:30 +0000 Manifest next update: Thu 01 Jan 2026 04:02:30 +0000 Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=) 2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: ynAcBldwHUjxPO62s4kWGoLlgHbaWETkJlzE4jqNMaQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:72:92:52:a2:c0:92:7a:69:2b:4f:e0:2f:e0:bd:83:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450 Validity Not Before: Dec 31 04:02:30 2025 GMT Not After : Jan 1 04:02:30 2026 GMT Subject: CN=f153c9128735c29e5a88192fe585d0e26f0a9934 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:41:17:c4:f1:c1:de:8c:64:5f:3b:7d:7d:76: f7:14:f5:0b:9c:26:6a:88:46:9b:b6:b8:0b:79:16: 71:1f:60:2f:60:72:8c:06:39:94:2d:be:5f:ee:88: b4:76:d9:96:63:be:a8:e7:a0:bd:d2:20:1c:4f:1f: a2:d3:4a:8f:6d:d8:c9:41:1f:18:ed:61:1f:cb:15: ec:a7:8b:ff:d6:3f:e4:a3:64:a0:58:93:4e:73:4a: dc:89:9e:a5:f6:97:1a:d7:9f:a2:e5:cf:1c:2b:d3: 2c:d3:20:f7:33:61:92:e7:6f:03:31:bd:58:6f:2a: a2:da:ad:2a:24:c1:b0:88:70:e0:c7:ac:15:af:c7: 7d:51:e4:81:1a:bd:7d:34:de:ed:79:f8:05:01:41: 4b:fd:11:72:36:40:51:1b:a4:a2:ef:83:09:13:04: 1c:22:00:c9:3d:dc:6d:81:ad:eb:47:23:30:d3:ce: 82:2a:06:12:56:05:6e:89:dc:f6:fc:aa:0a:a0:a0: 83:dc:a6:af:53:a3:74:39:39:3d:99:d6:df:a3:9b: bf:ba:e1:c9:bb:71:9c:89:fa:2b:10:e0:84:75:6e: f3:74:d6:8e:13:9a:b0:84:b2:9e:52:0a:91:a0:4c: 71:3b:2f:56:d0:b5:7c:ca:97:d6:01:72:88:3e:a4: 5d:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:53:C9:12:87:35:C2:9E:5A:88:19:2F:E5:85:D0:E2:6F:0A:99:34 X509v3 Authority Key Identifier: keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:af:f2:be:20:80:0c:4d:5c:ff:5c:57:be:19:b2:5a:63:fd: 3d:5d:c5:33:3e:9b:57:55:15:79:44:7c:22:8d:4d:2c:43:c8: c9:29:4e:29:c8:c3:21:e0:7a:f0:03:23:06:3a:f9:8f:00:62: d5:a2:ba:be:64:99:af:d6:49:3e:58:55:c2:fb:08:a1:42:f4: 8c:a3:4f:d9:84:d9:05:75:4b:8c:fe:9a:9a:ef:a6:fc:12:c7: c0:58:0c:3f:d4:88:dc:91:98:9d:f8:52:2e:d7:3e:11:4b:fb: fc:49:e2:b4:f3:5c:5f:17:cb:48:61:38:91:41:09:d4:bc:42: 32:19:14:00:05:6e:ae:3a:10:f5:0a:79:c9:80:d8:98:92:04: df:6c:76:82:fb:8d:7b:a8:5a:01:00:78:ca:f2:1d:57:15:e8: e4:08:15:89:dc:a5:47:01:37:65:31:b4:fe:d7:f5:45:f4:d4: 68:ea:a0:91:5c:5a:3f:49:48:1e:ad:81:b5:ce:48:79:03:8d: 8b:43:7f:da:fa:0b:5c:cb:83:c5:64:ca:bd:e4:c9:5e:7f:f2: 15:69:27:af:0b:c4:1e:7f:92:05:56:bb:15:41:a8:30:7f:08: a3:0b:a1:96:1e:b7:ba:2b:d7:7b:06:b0:5f:5c:f7:a5:37:90: c2:ff:f8:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtyklKiwJJ6aStP4C/gvYPmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx YmE0NTAwHhcNMjUxMjMxMDQwMjMwWhcNMjYwMTAxMDQwMjMwWjAzMTEwLwYDVQQD EyhmMTUzYzkxMjg3MzVjMjllNWE4ODE5MmZlNTg1ZDBlMjZmMGE5OTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEEXxPHB3oxkXzt9fXb3FPULnCZq iEabtrgLeRZxH2AvYHKMBjmULb5f7oi0dtmWY76o56C90iAcTx+i00qPbdjJQR8Y 7WEfyxXsp4v/1j/ko2SgWJNOc0rciZ6l9pca15+i5c8cK9Ms0yD3M2GS528DMb1Y byqi2q0qJMGwiHDgx6wVr8d9UeSBGr19NN7tefgFAUFL/RFyNkBRG6Si74MJEwQc IgDJPdxtga3rRyMw086CKgYSVgVuidz2/KoKoKCD3KavU6N0OTk9mdbfo5u/uuHJ u3GciforEOCEdW7zdNaOE5qwhLKeUgqRoExxOy9W0LV8ypfWAXKIPqRddwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPFTyRKHNcKeWogZL+WF0OJvCpk0MB8GA1UdIwQY MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1 LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD6/yviCA DE1c/1xXvhmyWmP9PV3FMz6bV1UVeUR8Io1NLEPIySlOKcjDIeB68AMjBjr5jwBi 1aK6vmSZr9ZJPlhVwvsIoUL0jKNP2YTZBXVLjP6amu+m/BLHwFgMP9SI3JGYnfhS Ltc+EUv7/EnitPNcXxfLSGE4kUEJ1LxCMhkUAAVurjoQ9Qp5yYDYmJIE32x2gvuN e6haAQB4yvIdVxXo5AgVidylRwE3ZTG0/tf1RfTUaOqgkVxaP0lIHq2Btc5IeQON i0N/2voLXMuDxWTKveTJXn/yFWknrwvEHn+SBVa7FUGoMH8Iowuhlh63uivXewaw X1z3pTeQwv/4qQ== -----END CERTIFICATE-----Generated at Wed Dec 31 05:21:46 2025 by rpki-client