This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft File: ajqLdK1O1nN5ep9rd0nCI0VpedA.mft (raw, json) Hash identifier: 1OgktFywO1lgyK+2mi/3Y9X8xPsK/7wSEPu4a+Vjpe0= Subject key identifier: 8E:A1:58:14:94:F9:06:9A:9E:49:BD:A5:E3:B0:C2:43:F0:55:2A:D7 Authority key identifier: 6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0 Certificate issuer: /CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0 Certificate serial: 019B44392380D19C2CB8DB834DA239932158 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft Manifest number: 164F Signing time: Mon 22 Dec 2025 04:02:33 +0000 Manifest this update: Mon 22 Dec 2025 04:02:33 +0000 Manifest next update: Tue 23 Dec 2025 04:02:33 +0000 Files and hashes: 1: ajqLdK1O1nN5ep9rd0nCI0VpedA.crl (hash: Mq7iPs4K232C94Y9w7ykY2TYYpK8rAR5Qr90PZ7T7jI=) 2: jkQdp6EX7jHh6f31YxZYZhR0C8U.roa (hash: FmayEZ/+k7yvcImZRXEurVZdNlGpk+kZM2DFLPiqTu8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:39:23:80:d1:9c:2c:b8:db:83:4d:a2:39:93:21:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0 Validity Not Before: Dec 22 04:02:33 2025 GMT Not After : Dec 23 04:02:33 2025 GMT Subject: CN=8ea1581494f9069a9e49bda5e3b0c243f0552ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:b1:ab:6f:f0:ac:48:d4:cf:60:18:6c:27:ec: 6d:91:c1:ab:f8:bd:ba:30:70:4e:89:5f:49:b7:67: cc:9e:72:6a:a6:48:1b:45:1c:8d:68:f2:4b:e1:54: 22:4c:62:3a:0a:1b:97:85:fe:56:e0:eb:4e:85:5a: ca:ee:11:39:38:7b:2d:81:1e:8a:95:82:f0:33:dd: f5:84:63:4c:23:1b:27:57:11:6c:e4:78:52:9e:4b: 58:41:0e:15:07:49:cf:23:7d:eb:30:0f:3e:1f:81: ec:65:52:18:a9:b9:00:c0:b0:8a:08:d0:94:70:dc: 72:bc:f6:10:84:f4:ed:05:6c:7b:6e:08:2a:2e:64: c0:a1:c0:e9:62:03:76:24:cf:82:3c:65:c8:07:73: 88:6b:b1:90:55:0e:e9:4d:ba:d2:f0:34:5d:76:c2: 0a:83:0a:e0:ac:13:ed:ac:5f:98:aa:52:11:16:84: 01:f8:a4:5e:fe:3f:d0:5f:90:09:ba:16:de:3a:b3: 4b:e8:eb:23:12:93:44:c1:a1:28:38:96:c5:a3:26: 52:c5:d0:0f:81:9b:89:ef:aa:7e:49:ae:33:f5:81: a1:79:13:af:4e:7f:e0:e9:50:5c:2a:11:fd:b6:e6: 05:b1:0f:ab:fc:21:a9:4e:ce:ec:df:21:ab:94:f6: 9f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A1:58:14:94:F9:06:9A:9E:49:BD:A5:E3:B0:C2:43:F0:55:2A:D7 X509v3 Authority Key Identifier: keyid:6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:c7:00:78:5f:4a:13:e8:88:80:ce:e4:4a:ac:2e:aa:4d:6d: d9:d8:ce:ef:6c:01:1b:ab:7a:10:ed:11:72:af:67:74:c8:f4: 37:a0:d0:d3:43:a3:02:83:51:14:26:6e:cd:af:f1:11:e7:a8: 02:c8:68:51:c1:db:37:ba:8f:75:f9:7f:e1:8f:6c:e5:0b:dd: af:49:58:34:1a:24:45:bf:8e:7e:c4:e9:61:af:5a:ce:da:87: 45:3c:5b:60:40:43:21:56:c5:39:4b:14:d4:7c:56:b2:72:d1: 78:20:66:8a:cb:c3:74:ca:b6:5f:cd:25:1f:a5:21:32:b9:6a: 6d:bd:76:b4:0a:34:b3:8c:c5:02:1b:d5:41:09:02:a8:60:9a: 16:11:53:25:4f:a5:9b:b8:32:b7:b2:ec:1f:0e:f8:f6:0f:f6: ab:40:23:ba:12:35:d4:d2:a3:e6:99:b2:a9:69:7d:49:7c:a6: 4a:95:d5:f1:0b:52:d5:ff:e2:37:59:dc:15:62:c0:c4:d3:ae: f6:d3:28:4a:c6:90:32:b5:cd:5f:01:8a:f1:c3:33:8f:68:11: 4b:ad:02:90:9d:e6:d3:41:51:c7:25:e2:37:e6:60:38:e7:d9: 04:0d:bc:da:b9:e4:66:59:c4:f1:37:b3:f8:0c:2c:c9:7c:70: 46:d6:c4:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOSOA0ZwsuNuDTaI5kyFYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhM2E4Yjc0YWQ0ZWQ2NzM3OTdhOWY2Yjc3NDljMjIzNDU2 OTc5ZDAwHhcNMjUxMjIyMDQwMjMzWhcNMjUxMjIzMDQwMjMzWjAzMTEwLwYDVQQD Eyg4ZWExNTgxNDk0ZjkwNjlhOWU0OWJkYTVlM2IwYzI0M2YwNTUyYWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7Grb/CsSNTPYBhsJ+xtkcGr+L26 MHBOiV9Jt2fMnnJqpkgbRRyNaPJL4VQiTGI6ChuXhf5W4OtOhVrK7hE5OHstgR6K lYLwM931hGNMIxsnVxFs5HhSnktYQQ4VB0nPI33rMA8+H4HsZVIYqbkAwLCKCNCU cNxyvPYQhPTtBWx7bggqLmTAocDpYgN2JM+CPGXIB3OIa7GQVQ7pTbrS8DRddsIK gwrgrBPtrF+YqlIRFoQB+KRe/j/QX5AJuhbeOrNL6OsjEpNEwaEoOJbFoyZSxdAP gZuJ76p+Sa4z9YGheROvTn/g6VBcKhH9tuYFsQ+r/CGpTs7s3yGrlPafzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI6hWBSU+Qaankm9peOwwkPwVSrXMB8GA1UdIwQY MBaAFGo6i3StTtZzeXqfa3dJwiNFaXnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEt Yzk1OGJmNGY4OTkxLzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEtYzk1OGJmNGY4OTkx LzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAMcAeF9K E+iIgM7kSqwuqk1t2djO72wBG6t6EO0Rcq9ndMj0N6DQ00OjAoNRFCZuza/xEeeo AshoUcHbN7qPdfl/4Y9s5Qvdr0lYNBokRb+OfsTpYa9aztqHRTxbYEBDIVbFOUsU 1HxWsnLReCBmisvDdMq2X80lH6UhMrlqbb12tAo0s4zFAhvVQQkCqGCaFhFTJU+l m7gyt7LsHw749g/2q0AjuhI11NKj5pmyqWl9SXymSpXV8QtS1f/iN1ncFWLAxNOu 9tMoSsaQMrXNXwGK8cMzj2gRS60CkJ3m00FRxyXiN+ZgOOfZBA282rnkZlnE8Tez +AwsyXxwRtbEqA== -----END CERTIFICATE-----Generated at Mon Dec 22 09:35:28 2025 by rpki-client