This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft File: ajqLdK1O1nN5ep9rd0nCI0VpedA.mft (raw, json) Hash identifier: WBdhKOAjcyvQJx15dgb6fw9tUOLT1DvvOmToWS1iEzU= Subject key identifier: C2:B2:C0:48:33:C1:98:15:94:56:AE:07:9B:DE:B8:41:0D:D2:86:01 Authority key identifier: 6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0 Certificate issuer: /CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0 Certificate serial: 019B38A2DF390BA819346E903CAC2DB08A98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft Manifest number: 1649 Signing time: Fri 19 Dec 2025 22:02:36 +0000 Manifest this update: Fri 19 Dec 2025 22:02:36 +0000 Manifest next update: Sat 20 Dec 2025 22:02:36 +0000 Files and hashes: 1: ajqLdK1O1nN5ep9rd0nCI0VpedA.crl (hash: 77HS+BQDWAChGrQ0guvmOywP65BMjZQN7Y/h0iERRFs=) 2: jkQdp6EX7jHh6f31YxZYZhR0C8U.roa (hash: FmayEZ/+k7yvcImZRXEurVZdNlGpk+kZM2DFLPiqTu8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:df:39:0b:a8:19:34:6e:90:3c:ac:2d:b0:8a:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a3a8b74ad4ed673797a9f6b7749c223456979d0 Validity Not Before: Dec 19 22:02:36 2025 GMT Not After : Dec 20 22:02:36 2025 GMT Subject: CN=c2b2c04833c198159456ae079bdeb8410dd28601 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:f6:64:99:ce:9a:62:7f:28:63:0a:90:47:3a: d5:91:36:e3:a3:d9:f5:0d:c3:8a:21:ec:5a:69:2f: b5:98:b5:05:63:71:36:10:88:ce:53:c4:a2:2a:22: ab:7f:42:b9:b6:28:7d:a1:34:5d:28:6a:2a:6d:4c: cf:5f:b9:bb:4c:5d:3e:8d:02:94:4e:59:f4:65:7c: bc:bc:de:45:4c:df:7b:2a:59:9b:f6:93:33:b9:0c: 0f:32:10:d8:3e:66:07:a7:b1:29:a0:78:48:30:53: fb:9b:f5:a2:2c:42:ef:8e:35:e7:e4:59:5d:96:23: 9b:78:64:a2:7f:fa:98:39:21:dc:c3:82:c7:61:fa: 7a:5b:90:eb:de:47:59:93:0f:d0:ef:fe:aa:3c:88: 87:91:cd:c3:c8:fa:79:85:70:64:7b:8e:c7:20:9f: 46:50:f3:39:84:2a:85:af:81:c9:9f:bf:b9:59:5b: 89:3a:d0:bc:c0:f0:1e:87:d5:6d:9e:d1:bd:53:0a: 09:b5:54:80:2e:47:50:78:58:84:e6:08:55:6c:dd: 35:4a:e0:75:ef:23:c5:bb:08:b2:8c:61:1c:e1:df: 92:84:6c:7b:15:08:f3:98:23:6b:ed:65:60:b3:16: 35:8b:0c:c6:ff:67:d2:ae:8c:c5:3e:0d:01:74:97: 96:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:B2:C0:48:33:C1:98:15:94:56:AE:07:9B:DE:B8:41:0D:D2:86:01 X509v3 Authority Key Identifier: keyid:6A:3A:8B:74:AD:4E:D6:73:79:7A:9F:6B:77:49:C2:23:45:69:79:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajqLdK1O1nN5ep9rd0nCI0VpedA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/53aca2-e888-421c-b59a-c958bf4f8991/1/ajqLdK1O1nN5ep9rd0nCI0VpedA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:f6:f8:d3:40:db:0b:d3:5b:cc:6f:78:fc:ef:f2:3e:f2:c3: eb:5d:c6:a9:ab:05:f0:fe:3c:f7:35:ad:8d:4f:e5:02:17:ad: 93:dc:1c:8c:73:32:e0:8b:60:41:18:62:ff:4b:fa:75:e1:af: 59:73:77:d7:43:8a:45:be:a1:87:ac:25:a7:f5:5f:bd:7b:d7: 18:9f:1f:37:2a:08:5a:c3:92:a9:7a:52:b9:9e:4e:4f:2d:f5: 98:de:dd:9b:cb:a9:3b:26:17:31:54:85:7c:06:1e:2a:e7:a9: 4b:4c:ce:e2:8c:6c:2b:79:ba:43:55:f6:53:35:8f:74:b5:de: 0a:f4:78:8a:a1:a7:a1:01:7e:95:18:5d:93:40:9c:e9:f4:de: be:26:9c:5d:69:39:a7:54:6d:c9:e8:02:35:72:57:00:7d:5a: 69:ec:04:49:65:47:db:c3:79:08:e6:db:63:bf:6b:50:bd:3b: 2a:9b:60:7d:d1:6c:5f:8f:53:5f:9a:28:02:85:13:10:8e:fc: c8:8e:26:3f:85:8e:c5:cb:f2:b6:06:b5:12:ac:57:7f:ea:88: 0e:0a:20:ff:6f:39:e6:d4:41:d3:fd:73:4b:a1:bc:88:38:93: e1:a4:7d:5e:78:d2:c7:43:14:63:f0:5e:32:d0:05:db:70:ea: 79:77:b0:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4ot85C6gZNG6QPKwtsIqYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhM2E4Yjc0YWQ0ZWQ2NzM3OTdhOWY2Yjc3NDljMjIzNDU2 OTc5ZDAwHhcNMjUxMjE5MjIwMjM2WhcNMjUxMjIwMjIwMjM2WjAzMTEwLwYDVQQD EyhjMmIyYzA0ODMzYzE5ODE1OTQ1NmFlMDc5YmRlYjg0MTBkZDI4NjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/Zkmc6aYn8oYwqQRzrVkTbjo9n1 DcOKIexaaS+1mLUFY3E2EIjOU8SiKiKrf0K5tih9oTRdKGoqbUzPX7m7TF0+jQKU Tln0ZXy8vN5FTN97Klmb9pMzuQwPMhDYPmYHp7EpoHhIMFP7m/WiLELvjjXn5Fld liObeGSif/qYOSHcw4LHYfp6W5Dr3kdZkw/Q7/6qPIiHkc3DyPp5hXBke47HIJ9G UPM5hCqFr4HJn7+5WVuJOtC8wPAeh9VtntG9UwoJtVSALkdQeFiE5ghVbN01SuB1 7yPFuwiyjGEc4d+ShGx7FQjzmCNr7WVgsxY1iwzG/2fSrozFPg0BdJeWhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMKywEgzwZgVlFauB5veuEEN0oYBMB8GA1UdIwQY MBaAFGo6i3StTtZzeXqfa3dJwiNFaXnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEt Yzk1OGJmNGY4OTkxLzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS81M2FjYTItZTg4OC00MjFjLWI1OWEtYzk1OGJmNGY4OTkx LzEvYWpxTGRLMU8xbk41ZXA5cmQwbkNJMFZwZWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmPb400Db C9NbzG94/O/yPvLD613GqasF8P489zWtjU/lAhetk9wcjHMy4ItgQRhi/0v6deGv WXN310OKRb6hh6wlp/VfvXvXGJ8fNyoIWsOSqXpSuZ5OTy31mN7dm8upOyYXMVSF fAYeKuepS0zO4oxsK3m6Q1X2UzWPdLXeCvR4iqGnoQF+lRhdk0Cc6fTeviacXWk5 p1RtyegCNXJXAH1aaewESWVH28N5CObbY79rUL07KptgfdFsX49TX5ooAoUTEI78 yI4mP4WOxcvytga1EqxXf+qIDgog/2855tRB0/1zS6G8iDiT4aR9XnjSx0MUY/Be MtAF23DqeXewcA== -----END CERTIFICATE-----Generated at Sat Dec 20 07:30:56 2025 by rpki-client