This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft File: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft (raw, json) Hash identifier: pHxh2rGnblHIq0GZ/jIucIZJwLllBxBbGdnAhy5y68Q= Subject key identifier: 4B:49:1A:80:68:E8:83:02:E1:C5:BC:1D:25:32:E3:8E:7F:F2:E7:58 Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93 Certificate serial: 019B4092142B2D123A9C8CBF12C664B62966 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft Manifest number: 1796 Signing time: Sun 21 Dec 2025 11:01:13 +0000 Manifest this update: Sun 21 Dec 2025 11:01:13 +0000 Manifest next update: Mon 22 Dec 2025 11:01:13 +0000 Files and hashes: 1: Mmi06jAh1KR0NNHlTuLcdFXGdm4.roa (hash: Q9joIkxkfDcIZMMuVnLQE37iPkqzALSBCPVV1CY/m7A=) 2: aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl (hash: +WXYkFzVdRr03zo2cm3ApSDkzjXrnh3UdfmrBM3+wTg=) 3: bObL7vPF35vh9LuEyJYMk5yU3-U.roa (hash: eG1lFL25ltcNTKgnhPFmeY0axMsTOI37jTMaagRA/AM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 11:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:92:14:2b:2d:12:3a:9c:8c:bf:12:c6:64:b6:29:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93 Validity Not Before: Dec 21 11:01:13 2025 GMT Not After : Dec 22 11:01:13 2025 GMT Subject: CN=4b491a8068e88302e1c5bc1d2532e38e7ff2e758 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:32:c9:e9:ee:88:0e:6b:39:c0:8e:25:26:6a: 02:e5:51:eb:22:90:ca:23:5e:ab:58:a7:4f:d8:c9: c6:e7:c8:0f:aa:43:0d:ae:62:94:68:79:66:d1:81: 9a:3b:04:9f:dc:01:36:f4:7d:78:15:f9:66:bf:1e: d2:5a:d5:76:83:f0:a1:7e:cc:a5:54:08:89:55:ab: 35:c9:77:8b:23:9a:95:0c:8d:34:31:7a:62:f3:71: f7:69:8d:7d:ee:a5:d8:24:6b:f0:42:98:51:4a:59: 9f:50:d6:78:b6:a9:b6:48:8f:4c:bb:e3:66:22:47: 73:d3:bf:f2:d2:30:ba:60:12:09:be:d7:db:81:eb: 7b:9c:1a:b8:c8:c4:6f:8e:83:5a:8b:19:2a:bc:28: c0:c2:f8:09:9e:41:f9:69:0a:70:c6:7e:83:f0:19: 7d:bd:3f:94:ef:28:48:fd:76:c5:ab:57:2f:55:1b: 31:f6:95:a6:0d:2d:9e:58:ea:47:84:c4:e7:4b:e9: 4f:b5:36:f7:ea:fc:41:7a:b4:7c:4b:1f:3e:ea:d1: c9:ae:98:a4:dd:82:c4:d7:02:aa:6a:04:65:e7:c1: 51:a4:9f:c6:63:0d:a0:69:ab:a1:a0:da:1d:1b:9b: d0:d9:94:31:f7:70:79:fd:cb:4b:a6:97:cd:31:9d: 65:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:49:1A:80:68:E8:83:02:E1:C5:BC:1D:25:32:E3:8E:7F:F2:E7:58 X509v3 Authority Key Identifier: keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:96:0f:93:fe:dd:ff:73:99:62:c8:68:94:11:6c:0d:b4:cc: 52:13:b2:1e:54:3a:c6:f6:60:90:a3:cf:49:a5:85:6a:d2:78: 71:36:bc:4c:c8:61:f7:73:7e:22:22:c6:88:ef:1f:71:a8:39: 04:ce:57:bb:3e:b7:74:1e:e5:7b:29:5e:26:cd:10:41:75:97: 4a:df:26:bb:94:4a:22:4d:77:f7:84:e7:9b:47:ba:1d:c6:db: f0:16:9e:c1:6b:99:4e:76:28:82:62:c9:de:f6:01:78:b9:0f: 8c:6e:49:f4:2a:37:b6:a4:c8:08:6e:50:df:b3:fe:ec:b7:23: 89:97:44:df:e2:91:f3:13:ca:ec:e5:1d:3b:2b:b5:23:59:71: fd:1c:2c:55:ef:98:4a:94:36:4a:dd:f3:5b:f7:a9:3e:2e:22: 11:e9:d8:d1:d0:97:9f:3e:c4:de:be:ee:d0:9e:f8:f3:3a:7b: 19:58:2a:d0:5e:95:74:e8:b1:f8:e3:d8:19:b7:5d:85:41:46: d5:2a:3c:5e:76:23:19:1a:7a:a1:a7:24:bf:f5:ee:0d:2e:67: e7:f5:94:4b:dc:ab:f2:b0:9a:1f:52:94:c4:0b:53:32:af:c0: f1:f7:8c:58:e9:7e:62:f3:b4:90:40:08:b8:87:ed:ba:80:a0: 62:7c:83:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAkhQrLRI6nIy/EsZktilmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz NTNlOTMwHhcNMjUxMjIxMTEwMTEzWhcNMjUxMjIyMTEwMTEzWjAzMTEwLwYDVQQD Eyg0YjQ5MWE4MDY4ZTg4MzAyZTFjNWJjMWQyNTMyZTM4ZTdmZjJlNzU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzLJ6e6IDms5wI4lJmoC5VHrIpDK I16rWKdP2MnG58gPqkMNrmKUaHlm0YGaOwSf3AE29H14Fflmvx7SWtV2g/Chfsyl VAiJVas1yXeLI5qVDI00MXpi83H3aY197qXYJGvwQphRSlmfUNZ4tqm2SI9Mu+Nm Ikdz07/y0jC6YBIJvtfbget7nBq4yMRvjoNaixkqvCjAwvgJnkH5aQpwxn6D8Bl9 vT+U7yhI/XbFq1cvVRsx9pWmDS2eWOpHhMTnS+lPtTb36vxBerR8Sx8+6tHJrpik 3YLE1wKqagRl58FRpJ/GYw2gaauhoNodG5vQ2ZQx93B5/ctLppfNMZ1lBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEtJGoBo6IMC4cW8HSUy445/8udYMB8GA1UdIwQY MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt MjVkZDRjYmIzNjk4LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4 LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFJYPk/7d /3OZYsholBFsDbTMUhOyHlQ6xvZgkKPPSaWFatJ4cTa8TMhh93N+IiLGiO8fcag5 BM5Xuz63dB7leyleJs0QQXWXSt8mu5RKIk1394Tnm0e6Hcbb8BaewWuZTnYogmLJ 3vYBeLkPjG5J9Co3tqTICG5Q37P+7LcjiZdE3+KR8xPK7OUdOyu1I1lx/RwsVe+Y SpQ2St3zW/epPi4iEenY0dCXnz7E3r7u0J748zp7GVgq0F6VdOix+OPYGbddhUFG 1So8XnYjGRp6oackv/XuDS5n5/WUS9yr8rCaH1KUxAtTMq/A8feMWOl+YvO0kEAI uIftuoCgYnyDJA== -----END CERTIFICATE-----Generated at Sun Dec 21 17:14:57 2025 by rpki-client