This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft File: aPYGg7N3JXQn279uzjXixYWjsB0.mft (raw, json) Hash identifier: ENcYYy0M5jGobCxblu+aJu3rkxbDwGfGay5d02M0VxA= Subject key identifier: 75:28:15:A1:A5:F9:8C:5F:AF:E0:7B:39:37:90:6B:6C:DC:25:6D:F4 Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d Certificate serial: 019B43C989C21C4FE95E9BD46E1AEF6B5B53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft Manifest number: 178C Signing time: Mon 22 Dec 2025 02:00:39 +0000 Manifest this update: Mon 22 Dec 2025 02:00:39 +0000 Manifest next update: Tue 23 Dec 2025 02:00:39 +0000 Files and hashes: 1: aPYGg7N3JXQn279uzjXixYWjsB0.crl (hash: oJ0gD7YUdh3CE7Hbjh2wkmn/6PfBauYeesYNzcl4vhk=) 2: nJZ2h-CE2RpObbNuUbuQAsAe9wo.roa (hash: XjXLrJ8ZAfMXOtdh84OSK02UeKqf16aa2sgmGiELBao=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 02:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:c9:89:c2:1c:4f:e9:5e:9b:d4:6e:1a:ef:6b:5b:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d Validity Not Before: Dec 22 02:00:39 2025 GMT Not After : Dec 23 02:00:39 2025 GMT Subject: CN=752815a1a5f98c5fafe07b3937906b6cdc256df4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:17:59:54:f0:b1:92:de:36:99:53:6e:83:cd: 46:18:57:cd:5f:85:57:1d:54:9a:98:5b:2a:a3:e0: 4c:8e:fa:d6:7c:67:ab:63:0f:1a:23:ce:07:cf:f2: e0:39:f8:e2:f3:7a:bd:59:f8:dc:b4:dc:7e:e1:34: 2c:02:d2:f3:ca:34:df:c9:9d:4b:ac:fd:06:65:c8: ae:7e:b3:9a:b4:25:13:73:e3:4f:d0:d2:86:bf:55: ee:04:f6:f8:7c:3c:65:c4:e5:8c:48:50:2b:cb:a0: b8:44:0f:b8:e8:a9:dd:5f:f2:03:40:61:fb:7a:ab: a3:82:e9:a1:b9:41:c9:13:a1:92:19:e1:2e:6e:6e: 0a:97:74:78:65:3a:8e:ee:a6:04:00:9a:fb:9e:09: 6c:c4:83:ab:31:db:14:e0:6b:e6:38:7a:a1:b2:26: 0f:24:8d:10:6b:42:3b:cd:68:df:0a:2f:03:cc:a5: be:e0:52:2a:dd:4b:8f:57:7b:ba:26:fd:a5:d9:a0: b7:27:87:dd:f4:90:68:03:67:14:c0:ea:3c:c9:30: 8f:5d:93:1a:7a:c6:d8:18:1a:59:17:7f:71:aa:39: f9:40:b4:9a:ad:a7:89:ff:a1:e3:bf:68:7d:9f:e2: 15:33:0b:6e:6a:a1:84:89:6a:c7:24:48:c6:2c:09: 36:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:28:15:A1:A5:F9:8C:5F:AF:E0:7B:39:37:90:6B:6C:DC:25:6D:F4 X509v3 Authority Key Identifier: keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:c3:94:01:96:61:68:96:ba:c0:46:27:ef:f6:b0:b2:5c:5f: a7:bb:76:13:64:bf:3a:46:f9:17:e5:1e:b4:4c:c6:9d:e1:cc: bc:2d:3b:d1:23:9b:74:11:47:f9:53:cc:bf:c9:aa:8d:1e:2f: 1f:41:65:0b:32:3e:c3:e7:3b:de:5f:f2:65:7a:23:f2:72:3d: fd:6e:85:4b:2a:24:2b:2d:07:9f:b1:f9:ea:86:1f:a9:23:74: 01:05:4b:43:4a:0f:d1:06:60:df:6d:17:3b:4f:e1:0b:bd:37: eb:1a:de:7e:39:b5:9b:1d:e4:7a:ce:a6:1b:6c:88:9b:fb:05: dd:56:81:1f:19:8d:8f:94:e2:69:e8:49:94:39:a4:9a:b3:a7: 19:04:c2:8a:ef:1c:60:7e:99:08:f0:2c:fc:60:0a:7b:41:02: 5b:99:e9:26:f5:34:92:d2:75:79:06:40:06:7b:c3:5a:70:b2: d8:62:49:36:77:af:a4:1e:87:97:74:e9:a2:70:db:d4:e0:a2: 90:4a:79:ac:6a:76:2a:a9:e1:6c:57:cb:61:43:5f:41:4d:83: 8b:c3:6f:74:e3:d4:f7:21:88:11:57:dc:22:c3:52:38:76:f6: 2e:63:5d:19:dc:11:07:73:c7:4b:3b:23:94:db:36:64:f2:b3: 9a:fe:d2:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDyYnCHE/pXpvUbhrva1tTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjYwNjgzYjM3NzI1NzQyN2RiYmY2ZWNlMzVlMmM1ODVh M2IwMWQwHhcNMjUxMjIyMDIwMDM5WhcNMjUxMjIzMDIwMDM5WjAzMTEwLwYDVQQD Eyg3NTI4MTVhMWE1Zjk4YzVmYWZlMDdiMzkzNzkwNmI2Y2RjMjU2ZGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBdZVPCxkt42mVNug81GGFfNX4VX HVSamFsqo+BMjvrWfGerYw8aI84Hz/LgOfji83q9WfjctNx+4TQsAtLzyjTfyZ1L rP0GZciufrOatCUTc+NP0NKGv1XuBPb4fDxlxOWMSFAry6C4RA+46KndX/IDQGH7 equjgumhuUHJE6GSGeEubm4Kl3R4ZTqO7qYEAJr7nglsxIOrMdsU4GvmOHqhsiYP JI0Qa0I7zWjfCi8DzKW+4FIq3UuPV3u6Jv2l2aC3J4fd9JBoA2cUwOo8yTCPXZMa esbYGBpZF39xqjn5QLSaraeJ/6Hjv2h9n+IVMwtuaqGEiWrHJEjGLAk2swIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHUoFaGl+Yxfr+B7OTeQa2zcJW30MB8GA1UdIwQY MBaAFGj2BoOzdyV0J9u/bs414sWFo7AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQt MzU0NzQwMzZhOWQ3LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8yZWI5NjktODYzYS00NjJkLTlmOWQtMzU0NzQwMzZhOWQ3 LzEvYVBZR2c3TjNKWFFuMjc5dXpqWGl4WVdqc0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXsOUAZZh aJa6wEYn7/awslxfp7t2E2S/Okb5F+UetEzGneHMvC070SObdBFH+VPMv8mqjR4v H0FlCzI+w+c73l/yZXoj8nI9/W6FSyokKy0Hn7H56oYfqSN0AQVLQ0oP0QZg320X O0/hC7036xrefjm1mx3kes6mG2yIm/sF3VaBHxmNj5TiaehJlDmkmrOnGQTCiu8c YH6ZCPAs/GAKe0ECW5npJvU0ktJ1eQZABnvDWnCy2GJJNnevpB6Hl3TponDb1OCi kEp5rGp2KqnhbFfLYUNfQU2Di8NvdOPU9yGIEVfcIsNSOHb2LmNdGdwRB3PHSzsj lNs2ZPKzmv7SSg== -----END CERTIFICATE-----Generated at Mon Dec 22 10:37:42 2025 by rpki-client