This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json) Hash identifier: fzE4lhihQ7imJIDyM82mzFPfc/kv/XJqdZXnDrjIISQ= Subject key identifier: 65:BB:0C:A9:C2:CE:06:5C:EB:17:D0:EA:1E:3F:04:B5:0A:89:38:80 Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98 Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98 Certificate serial: 019B50E0ADE62E3FAAB8F939FD6630E5FCAF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft Manifest number: 0B83 Signing time: Wed 24 Dec 2025 15:01:00 +0000 Manifest this update: Wed 24 Dec 2025 15:01:00 +0000 Manifest next update: Thu 25 Dec 2025 15:01:00 +0000 Files and hashes: 1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: 5lfc8Kim4jZzYsTzqDx8RRm6BndiJTZ4PKUxlZiL+VI=) 2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:e0:ad:e6:2e:3f:aa:b8:f9:39:fd:66:30:e5:fc:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98 Validity Not Before: Dec 24 15:01:00 2025 GMT Not After : Dec 25 15:01:00 2025 GMT Subject: CN=65bb0ca9c2ce065ceb17d0ea1e3f04b50a893880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:78:3f:48:d3:58:7e:bc:4e:16:b1:18:db:40: 38:27:d3:97:ab:c9:84:d9:be:62:dd:d9:36:c1:39: de:81:99:50:c0:bc:da:16:23:e7:7e:04:70:8c:e7: f9:bc:e7:de:7b:3c:34:68:ba:89:d6:3e:2c:9b:04: 40:4d:25:b7:cb:aa:3f:08:65:6a:67:c5:cc:b0:b1: b8:ff:17:54:7c:59:fd:9b:aa:5a:c9:bb:b2:d1:46: 3b:59:64:6f:7f:ac:e4:a6:69:fd:8f:62:26:5e:01: 42:3c:30:de:59:bb:07:5e:c3:80:de:7a:1f:8b:3d: 57:c0:47:59:d0:b5:c5:b9:b2:c4:a2:41:43:a9:8e: 4f:98:ef:d1:db:93:5e:1f:8f:6b:37:88:56:e7:aa: 8b:fa:91:ad:17:38:a9:5a:2e:23:13:c8:cc:3a:5a: 8c:76:7b:83:91:e2:ea:c6:9e:77:7b:f3:3b:8e:2a: 07:26:2d:f9:ff:37:ec:dc:be:20:c7:2a:d3:3e:4a: e4:ae:a4:4e:63:1a:f1:fa:9a:51:d0:70:63:97:38: 3a:22:7b:ae:44:dd:85:de:58:84:fa:ba:69:d0:04: 57:cc:33:61:a4:b8:d6:b9:29:ce:df:cb:f4:ce:e9: d7:c1:1d:56:74:94:3a:dc:48:54:bb:42:d1:09:63: a1:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:BB:0C:A9:C2:CE:06:5C:EB:17:D0:EA:1E:3F:04:B5:0A:89:38:80 X509v3 Authority Key Identifier: keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:65:ef:d7:96:6f:b4:6c:d3:59:ad:d4:be:aa:86:2e:25:68: 95:aa:1f:af:a8:92:07:aa:1f:fe:00:37:61:2f:51:10:f8:ff: ff:9b:2d:20:2c:97:30:f6:45:59:80:a3:4e:f5:db:93:69:1f: 86:d3:d8:aa:76:c7:e2:b5:ac:e4:8a:4b:18:e6:9e:f5:01:71: 59:df:7b:72:24:e6:d0:05:35:72:04:e1:4a:6b:83:49:74:55: 5f:ba:7f:9d:06:fa:5b:2a:90:ff:93:ce:91:53:cb:43:c4:f7: f8:7e:61:06:49:69:65:0e:3b:c6:4a:b4:42:2e:df:77:f9:a6: 98:9e:f0:ba:ba:0a:a1:1b:d1:48:f9:a7:e4:7b:8d:78:f3:37: db:c5:62:4c:4d:22:69:86:b0:27:87:7f:ab:0d:a3:32:e5:9e: f1:f7:f1:bf:c9:7e:3e:ee:e6:90:f8:70:44:d7:b4:0d:3f:ee: e1:b8:13:cf:fe:8f:04:40:6f:c7:ff:ce:9e:16:4d:30:da:83: e1:14:ca:06:7d:fd:25:81:54:49:8f:c6:b5:13:cd:71:d6:9d: 65:05:b2:bf:28:2f:33:3c:9c:3a:6f:d5:05:aa:1b:25:8b:5a: 6b:09:cb:ca:ce:b3:ec:9e:f6:81:f6:18:80:eb:e3:34:fe:30: e3:8d:a5:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQ4K3mLj+quPk5/WYw5fyvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj ZTljOTgwHhcNMjUxMjI0MTUwMTAwWhcNMjUxMjI1MTUwMTAwWjAzMTEwLwYDVQQD Eyg2NWJiMGNhOWMyY2UwNjVjZWIxN2QwZWExZTNmMDRiNTBhODkzODgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73g/SNNYfrxOFrEY20A4J9OXq8mE 2b5i3dk2wTnegZlQwLzaFiPnfgRwjOf5vOfeezw0aLqJ1j4smwRATSW3y6o/CGVq Z8XMsLG4/xdUfFn9m6paybuy0UY7WWRvf6zkpmn9j2ImXgFCPDDeWbsHXsOA3nof iz1XwEdZ0LXFubLEokFDqY5PmO/R25NeH49rN4hW56qL+pGtFzipWi4jE8jMOlqM dnuDkeLqxp53e/M7jioHJi35/zfs3L4gxyrTPkrkrqROYxrx+ppR0HBjlzg6Inuu RN2F3liE+rpp0ARXzDNhpLjWuSnO38v0zunXwR1WdJQ63EhUu0LRCWOhRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGW7DKnCzgZc6xfQ6h4/BLUKiTiAMB8GA1UdIwQY MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALWXv15Zv tGzTWa3UvqqGLiVolaofr6iSB6of/gA3YS9REPj//5stICyXMPZFWYCjTvXbk2kf htPYqnbH4rWs5IpLGOae9QFxWd97ciTm0AU1cgThSmuDSXRVX7p/nQb6WyqQ/5PO kVPLQ8T3+H5hBklpZQ47xkq0Qi7fd/mmmJ7wuroKoRvRSPmn5HuNePM328ViTE0i aYawJ4d/qw2jMuWe8ffxv8l+Pu7mkPhwRNe0DT/u4bgTz/6PBEBvx//OnhZNMNqD 4RTKBn39JYFUSY/GtRPNcdadZQWyvygvMzycOm/VBaobJYtaawnLys6z7J72gfYY gOvjNP4w442lrg== -----END CERTIFICATE-----Generated at Wed Dec 24 23:23:21 2025 by rpki-client