This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft File: aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json) Hash identifier: +Fe/5QPz3Icd3BBcD62uMpt6m2GNm6NzMjNJ9ZwWHT0= Subject key identifier: F6:71:2E:2B:9B:C7:D8:43:16:F4:3E:46:49:58:7B:E1:0D:15:51:AE Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62 Certificate issuer: /CN=69a8e68d12ae293af2369043cd59a020dac24062 Certificate serial: 019B69578681B547B85CF8CA22D7781537F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft Manifest number: 0C91 Signing time: Mon 29 Dec 2025 09:01:42 +0000 Manifest this update: Mon 29 Dec 2025 09:01:42 +0000 Manifest next update: Tue 30 Dec 2025 09:01:42 +0000 Files and hashes: 1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: rAm4pb93rOmsV5Oyu++SjQA60bDU/KRNizWxMlev8OM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 09:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:57:86:81:b5:47:b8:5c:f8:ca:22:d7:78:15:37:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062 Validity Not Before: Dec 29 09:01:42 2025 GMT Not After : Dec 30 09:01:42 2025 GMT Subject: CN=f6712e2b9bc7d84316f43e4649587be10d1551ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d3:3a:8b:83:d2:76:a3:8f:c5:89:e4:1b:b9: 5b:35:84:99:e9:df:bd:ba:4f:fd:2a:c3:16:0e:83: 75:1c:35:62:4e:95:7d:ab:ce:17:78:94:e1:a6:a9: 2d:ca:1d:39:40:87:3b:65:ba:ac:fa:43:c2:8d:f8: 2a:98:9f:ac:ff:0f:15:55:a0:46:85:53:34:b5:b8: 86:43:4f:0a:e6:81:b1:37:fc:87:7e:71:2a:e7:19: 7f:51:a8:b7:90:84:45:69:3d:b0:04:14:23:02:85: 1b:28:b8:81:45:85:e9:75:5e:0e:87:4e:d7:6b:4c: e8:86:64:b3:57:cc:6a:4b:3b:90:db:0c:dd:0a:7e: 6d:fc:38:a0:84:e3:b0:c0:f7:6d:21:44:b7:b7:38: 65:74:70:ea:65:38:ff:23:27:16:f7:93:0f:b7:0d: 12:17:f0:0d:91:86:ed:93:1b:2b:ce:e6:a9:64:5f: 87:c6:fc:63:a3:bf:1a:10:bc:54:e3:cc:ae:28:ab: 72:f3:18:fd:e2:3d:0e:f8:b9:e6:b7:75:20:71:40: ad:aa:e4:9c:ba:dd:17:86:a0:42:71:49:3b:8b:70: 2f:a9:02:9c:a6:95:e1:db:64:f1:25:2f:ff:57:62: 5e:6c:df:78:5a:31:58:72:9d:36:a5:da:c3:ca:e7: 86:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:71:2E:2B:9B:C7:D8:43:16:F4:3E:46:49:58:7B:E1:0D:15:51:AE X509v3 Authority Key Identifier: keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:0c:65:c2:d1:cb:89:c0:82:83:a0:2f:3a:10:4f:7c:13:5b: 50:47:f0:26:41:cc:cc:52:1f:53:f3:b7:07:e6:7a:96:5e:c7: 50:e9:ff:2b:1c:46:54:94:12:ce:e4:5b:e2:0a:35:ac:9c:99: 7d:0a:9f:bc:18:7b:ba:d6:31:1a:46:44:cd:bd:ee:52:bf:f9: 7f:91:b9:7e:24:5d:d5:ae:d7:6c:8c:3c:5b:0f:fc:5d:82:33: 40:48:d0:66:10:9a:48:f8:f9:81:71:d4:30:23:c8:fa:78:50: 2a:c5:50:84:cb:67:cf:27:36:ed:f6:13:72:a4:0f:84:b1:7f: 14:3b:85:2d:c3:99:b2:8f:53:f4:8c:d0:02:9f:2a:1e:20:0b: 59:4e:8c:c6:3f:31:e0:44:86:6c:49:53:e1:55:3a:3f:b6:09: b2:bd:d2:f2:50:f5:d0:9b:b9:e0:04:8b:8a:30:6a:f4:f3:f0: 2e:21:ac:6e:f0:13:88:39:8c:ed:82:45:ef:ef:d6:53:64:9d: c2:fc:a5:92:9f:ed:ce:48:d5:b0:6a:d2:de:54:48:da:9a:28: 96:a7:92:9d:5c:3a:ec:64:d5:ae:13:fc:77:05:31:dc:5d:ce: 4c:12:aa:1d:ae:71:39:80:15:2f:82:36:fb:fc:8c:98:64:61: 0c:93:8d:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtpV4aBtUe4XPjKItd4FTf1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj MjQwNjIwHhcNMjUxMjI5MDkwMTQyWhcNMjUxMjMwMDkwMTQyWjAzMTEwLwYDVQQD EyhmNjcxMmUyYjliYzdkODQzMTZmNDNlNDY0OTU4N2JlMTBkMTU1MWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tM6i4PSdqOPxYnkG7lbNYSZ6d+9 uk/9KsMWDoN1HDViTpV9q84XeJThpqktyh05QIc7Zbqs+kPCjfgqmJ+s/w8VVaBG hVM0tbiGQ08K5oGxN/yHfnEq5xl/Uai3kIRFaT2wBBQjAoUbKLiBRYXpdV4Oh07X a0zohmSzV8xqSzuQ2wzdCn5t/DighOOwwPdtIUS3tzhldHDqZTj/IycW95MPtw0S F/ANkYbtkxsrzuapZF+Hxvxjo78aELxU48yuKKty8xj94j0O+Lnmt3UgcUCtquSc ut0XhqBCcUk7i3AvqQKcppXh22TxJS//V2JebN94WjFYcp02pdrDyueGFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPZxLiubx9hDFvQ+RklYe+ENFVGuMB8GA1UdIwQY MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAAxlwtHL icCCg6AvOhBPfBNbUEfwJkHMzFIfU/O3B+Z6ll7HUOn/KxxGVJQSzuRb4go1rJyZ fQqfvBh7utYxGkZEzb3uUr/5f5G5fiRd1a7XbIw8Ww/8XYIzQEjQZhCaSPj5gXHU MCPI+nhQKsVQhMtnzyc27fYTcqQPhLF/FDuFLcOZso9T9IzQAp8qHiALWU6Mxj8x 4ESGbElT4VU6P7YJsr3S8lD10Ju54ASLijBq9PPwLiGsbvATiDmM7YJF7+/WU2Sd wvylkp/tzkjVsGrS3lRI2poolqeSnVw67GTVrhP8dwUx3F3OTBKqHa5xOYAVL4I2 +/yMmGRhDJONng== -----END CERTIFICATE-----Generated at Mon Dec 29 16:19:51 2025 by rpki-client