This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft File: aIt13GcpXVhht31RoCEYtg3FWGg.mft (raw, json) Hash identifier: 7YT4a8JTI3QlIORsgck2X9dfxvycxOYuxKaNScj1I/0= Subject key identifier: FA:93:47:9A:D5:B7:9B:A9:26:E9:65:B2:2C:C7:59:FD:DE:C2:4F:E1 Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68 Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868 Certificate serial: 019B4E8456DA316AC2112BE0D7EE232484A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft Manifest number: 0E9B Signing time: Wed 24 Dec 2025 04:00:54 +0000 Manifest this update: Wed 24 Dec 2025 04:00:54 +0000 Manifest next update: Thu 25 Dec 2025 04:00:54 +0000 Files and hashes: 1: ArfVzV_ad27WSg6MSNAJVOVO4Jk.roa (hash: 7YOwLzYn+04mEiM6zjtu45GNMFpON/tmtRVeglwvQWQ=) 2: aIt13GcpXVhht31RoCEYtg3FWGg.crl (hash: WgKRsv+rMSiY4bPyRQIcL+oSOMUx14+Vn6aH+v534RA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 04:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:84:56:da:31:6a:c2:11:2b:e0:d7:ee:23:24:84:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868 Validity Not Before: Dec 24 04:00:54 2025 GMT Not After : Dec 25 04:00:54 2025 GMT Subject: CN=fa93479ad5b79ba926e965b22cc759fddec24fe1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:52:24:61:75:d6:02:90:eb:e2:1d:4e:cb:85: 4a:08:71:85:b6:8e:e9:cd:60:39:07:07:0c:46:89: 12:83:19:1d:81:39:0e:0e:b0:fa:54:1d:54:0c:89: d0:7f:f1:f9:28:e4:eb:45:f9:ca:e9:cb:36:e2:8c: f4:c6:04:bd:c7:12:36:6d:1b:18:68:54:d8:1e:8c: 4c:09:ee:d8:b6:d8:8a:6a:07:b3:45:13:ce:f0:c1: be:8a:46:02:94:56:77:0a:a5:52:9c:1b:8f:2c:8b: 7d:e0:f4:21:83:fd:c7:68:70:00:5c:1d:9f:03:42: 89:99:81:e1:c7:13:4b:ba:3f:3b:32:76:03:29:81: f7:94:67:ee:20:76:81:9b:da:31:dc:25:e6:69:26: 42:81:21:c8:35:7c:09:d2:d8:1d:be:3f:cf:16:43: 37:fd:e0:52:63:ca:f6:5c:58:8f:42:75:83:df:99: da:ba:bf:48:6f:25:5f:19:9e:9d:f4:b0:77:3d:f8: 73:f9:25:ea:bf:24:0d:66:02:9b:98:d8:bf:a9:e9: 63:0e:f4:87:e9:87:70:f1:60:b5:ce:71:96:19:ff: 7e:26:7c:e3:29:06:b5:9a:e8:8c:d2:88:2a:f4:b5: ec:5e:0a:92:09:2d:a8:be:35:f7:81:70:53:a0:42: 06:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:93:47:9A:D5:B7:9B:A9:26:E9:65:B2:2C:C7:59:FD:DE:C2:4F:E1 X509v3 Authority Key Identifier: keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:4d:cc:c5:60:43:a8:4f:40:b1:46:91:8f:5c:34:ab:bf:f2: 98:4e:83:fc:6b:0b:e4:39:86:a7:47:80:fd:f2:3c:d9:3b:0b: 5e:6b:8c:74:7e:fb:4a:75:02:82:44:a8:24:b5:b5:f4:c3:52: 3b:f4:29:86:f4:50:9f:11:fa:25:d0:26:9f:13:4f:65:d9:60: 20:6c:23:86:9c:4d:05:31:17:da:c1:23:ea:82:14:f1:d0:c5: 40:b1:80:5e:bd:ee:80:d9:7a:48:75:4f:65:7f:2a:43:70:fc: e2:21:e5:1a:9d:57:00:57:38:c3:a9:b0:68:59:11:c6:5a:33: 8c:6f:09:71:0b:ab:a3:d6:7b:3e:a4:cb:75:6b:f9:ca:ba:c8: c4:7b:37:d9:5c:54:28:c5:b2:d4:fc:9e:91:6b:63:40:02:e1: d5:31:17:f3:2a:5f:e6:dd:6a:6b:d4:ab:27:74:f2:34:05:20: 07:30:83:bb:21:0d:1f:c0:b1:27:39:20:3d:57:98:25:a4:cd: 41:90:9d:76:c4:27:b4:e8:d5:95:c3:97:b9:c7:61:9d:d3:ed: e5:c2:5f:07:c9:8c:f7:33:ba:2d:9a:a2:dc:64:3a:d9:94:2d: 71:52:e4:cf:d1:4a:68:9c:36:a7:f7:e3:16:06:a0:c0:58:37: 73:d9:ed:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOhFbaMWrCESvg1+4jJISlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj NTU4NjgwHhcNMjUxMjI0MDQwMDU0WhcNMjUxMjI1MDQwMDU0WjAzMTEwLwYDVQQD EyhmYTkzNDc5YWQ1Yjc5YmE5MjZlOTY1YjIyY2M3NTlmZGRlYzI0ZmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1IkYXXWApDr4h1Oy4VKCHGFto7p zWA5BwcMRokSgxkdgTkODrD6VB1UDInQf/H5KOTrRfnK6cs24oz0xgS9xxI2bRsY aFTYHoxMCe7YttiKagezRRPO8MG+ikYClFZ3CqVSnBuPLIt94PQhg/3HaHAAXB2f A0KJmYHhxxNLuj87MnYDKYH3lGfuIHaBm9ox3CXmaSZCgSHINXwJ0tgdvj/PFkM3 /eBSY8r2XFiPQnWD35naur9IbyVfGZ6d9LB3Pfhz+SXqvyQNZgKbmNi/qeljDvSH 6Ydw8WC1znGWGf9+JnzjKQa1muiM0ogq9LXsXgqSCS2ovjX3gXBToEIGjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPqTR5rVt5upJullsizHWf3ewk/hMB8GA1UdIwQY MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt NTE4ZWU3YmRlMWY4LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4 LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOE3MxWBD qE9AsUaRj1w0q7/ymE6D/GsL5DmGp0eA/fI82TsLXmuMdH77SnUCgkSoJLW19MNS O/QphvRQnxH6JdAmnxNPZdlgIGwjhpxNBTEX2sEj6oIU8dDFQLGAXr3ugNl6SHVP ZX8qQ3D84iHlGp1XAFc4w6mwaFkRxlozjG8JcQuro9Z7PqTLdWv5yrrIxHs32VxU KMWy1PyekWtjQALh1TEX8ypf5t1qa9SrJ3TyNAUgBzCDuyENH8CxJzkgPVeYJaTN QZCddsQntOjVlcOXucdhndPt5cJfB8mM9zO6LZqi3GQ62ZQtcVLkz9FKaJw2p/fj FgagwFg3c9ntjA== -----END CERTIFICATE-----Generated at Wed Dec 24 10:31:03 2025 by rpki-client