This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft File: aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft (raw, json) Hash identifier: HXz44eHH7walb2dI6OL43N0eTqna6t4sZZyV39pitBg= Subject key identifier: 2E:DE:FD:7C:43:2A:5C:41:D7:34:67:09:B8:C7:C9:AB:73:B9:AD:27 Authority key identifier: 69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71 Certificate issuer: /CN=6987d0047fb1d8912c63f911305a714f438b1e71 Certificate serial: 019B4A717184E5B790F5911EBC823FC8AADE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft Manifest number: 178E Signing time: Tue 23 Dec 2025 09:01:47 +0000 Manifest this update: Tue 23 Dec 2025 09:01:47 +0000 Manifest next update: Wed 24 Dec 2025 09:01:47 +0000 Files and hashes: 1: Atkr4h8_-iWKS-lQ1C-yvRl84ME.roa (hash: 2T7HRH5eHvmAemXfiDHO7EMODqi7SWlhFBBbiZ8y44c=) 2: aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl (hash: /gqhrBDT0mCn3uKcRxoH43C3bZ0fTW0ypZCsrqRl8aI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:71:71:84:e5:b7:90:f5:91:1e:bc:82:3f:c8:aa:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6987d0047fb1d8912c63f911305a714f438b1e71 Validity Not Before: Dec 23 09:01:47 2025 GMT Not After : Dec 24 09:01:47 2025 GMT Subject: CN=2edefd7c432a5c41d7346709b8c7c9ab73b9ad27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:64:8c:65:64:a9:99:ec:df:74:1a:3c:bc:d7: 9f:ee:3f:e0:be:f0:7c:b3:94:fd:33:e2:f0:77:20: dd:32:89:3a:e2:53:fe:a2:ea:30:30:0f:e8:74:67: ca:19:67:be:d9:c8:99:bb:5e:3e:d6:8e:d2:9f:41: 5f:06:59:5e:bc:91:2e:12:8f:a3:97:55:7b:b2:3f: a8:3e:6f:27:d6:40:ff:e1:da:8d:14:03:45:55:24: cf:c8:80:d9:40:22:ca:2d:95:65:0a:84:6f:94:93: fa:7a:9c:f4:b4:db:cd:f4:05:dc:4b:ef:57:75:c6: 57:7e:2c:a2:4e:da:f0:2e:b5:79:fc:69:02:af:5b: f1:c4:82:2e:6c:1a:46:5e:09:0c:61:58:14:e9:22: 45:aa:ff:4c:6f:19:84:0f:8d:54:95:4d:ca:36:c7: b0:64:fa:5d:66:fc:8e:8b:0c:a5:cf:0d:75:f7:2e: 85:b5:e3:23:11:4b:6f:45:ff:c9:29:c8:00:a0:9e: 9f:8c:97:d1:75:a7:21:69:52:ec:79:b0:d3:ea:67: 16:d5:66:15:9b:1b:82:d7:6a:1c:bd:69:11:0a:47: e9:f8:f6:6a:ad:41:77:f4:dd:f7:ea:44:5c:c4:3b: 46:5c:2a:a3:f1:88:5a:08:4c:18:9b:a9:29:06:a4: 9d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:DE:FD:7C:43:2A:5C:41:D7:34:67:09:B8:C7:C9:AB:73:B9:AD:27 X509v3 Authority Key Identifier: keyid:69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:fd:01:ae:75:bd:8d:a8:fa:58:dc:7c:07:c4:1f:b7:a4:c8: 29:dc:18:c6:22:df:84:71:a6:94:4b:ef:30:0d:50:28:f6:8c: fc:72:1d:f8:2f:fc:6c:ea:ef:df:bc:ba:e4:c9:da:73:e4:0f: ef:af:6f:1e:ba:07:3d:8f:81:19:ca:dd:cb:f8:38:7a:aa:11: 05:84:dd:1a:39:9b:ab:64:ab:e6:07:66:22:75:13:0b:50:c3: 35:2d:e4:f1:68:2e:b3:73:85:95:b7:95:43:53:a4:f1:ef:14: 5f:d0:89:6a:dd:fa:43:0e:d8:68:85:e7:b9:75:03:2a:de:cf: ef:fa:ae:a0:34:4f:4f:2b:df:42:cc:1e:78:a2:b5:c3:49:3b: 6e:68:46:c2:ba:6c:a0:e5:ef:cd:f0:eb:46:91:bc:71:4c:fc: 48:08:63:d6:47:35:70:bd:da:7a:9e:ab:f0:ca:76:06:c3:7f: ed:e3:7b:f9:1b:4f:70:3c:30:0e:73:ef:bc:ee:93:9b:5f:cf: 76:91:fe:06:62:5a:bf:61:8b:71:63:ef:8d:3e:ed:4e:d5:b3: d7:17:12:b1:c9:a1:fb:c5:5d:d6:c4:34:d9:36:74:80:b9:c3: ed:d4:00:bc:a6:b5:03:a3:18:dd:ce:d7:94:78:1a:07:9a:ea: 17:d8:ad:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKcXGE5beQ9ZEevII/yKreMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ODdkMDA0N2ZiMWQ4OTEyYzYzZjkxMTMwNWE3MTRmNDM4 YjFlNzEwHhcNMjUxMjIzMDkwMTQ3WhcNMjUxMjI0MDkwMTQ3WjAzMTEwLwYDVQQD EygyZWRlZmQ3YzQzMmE1YzQxZDczNDY3MDliOGM3YzlhYjczYjlhZDI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGSMZWSpmezfdBo8vNef7j/gvvB8 s5T9M+LwdyDdMok64lP+ouowMA/odGfKGWe+2ciZu14+1o7Sn0FfBllevJEuEo+j l1V7sj+oPm8n1kD/4dqNFANFVSTPyIDZQCLKLZVlCoRvlJP6epz0tNvN9AXcS+9X dcZXfiyiTtrwLrV5/GkCr1vxxIIubBpGXgkMYVgU6SJFqv9MbxmED41UlU3KNsew ZPpdZvyOiwylzw119y6FteMjEUtvRf/JKcgAoJ6fjJfRdachaVLsebDT6mcW1WYV mxuC12ocvWkRCkfp+PZqrUF39N336kRcxDtGXCqj8YhaCEwYm6kpBqSd2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC7e/XxDKlxB1zRnCbjHyatzua0nMB8GA1UdIwQY MBaAFGmH0AR/sdiRLGP5ETBacU9Dix5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMt NDI5MTRiZTBhYTA0LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMtNDI5MTRiZTBhYTA0 LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuf0BrnW9 jaj6WNx8B8Qft6TIKdwYxiLfhHGmlEvvMA1QKPaM/HId+C/8bOrv37y65Mnac+QP 769vHroHPY+BGcrdy/g4eqoRBYTdGjmbq2Sr5gdmInUTC1DDNS3k8Wgus3OFlbeV Q1Ok8e8UX9CJat36Qw7YaIXnuXUDKt7P7/quoDRPTyvfQsweeKK1w0k7bmhGwrps oOXvzfDrRpG8cUz8SAhj1kc1cL3aep6r8Mp2BsN/7eN7+RtPcDwwDnPvvO6Tm1/P dpH+BmJav2GLcWPvjT7tTtWz1xcSscmh+8Vd1sQ02TZ0gLnD7dQAvKa1A6MY3c7X lHgaB5rqF9itUw== -----END CERTIFICATE-----Generated at Tue Dec 23 12:38:51 2025 by rpki-client