This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft File: aO_MqEmPXSbBIK802EbAKB_2Ka8.mft (raw, json) Hash identifier: EZWTMDUPqDsqw6Ktib6oKZPKZDMpRff2EdS8wHZvFQc= Subject key identifier: 1C:3C:3F:4F:97:F1:BF:21:E9:41:55:6C:B0:08:2E:68:94:46:E4:8F Authority key identifier: 68:EF:CC:A8:49:8F:5D:26:C1:20:AF:34:D8:46:C0:28:1F:F6:29:AF Certificate issuer: /CN=68efcca8498f5d26c120af34d846c0281ff629af Certificate serial: 019B3D236115B08A5B721F24F158B25FD3B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft Manifest number: 11F7 Signing time: Sat 20 Dec 2025 19:01:27 +0000 Manifest this update: Sat 20 Dec 2025 19:01:27 +0000 Manifest next update: Sun 21 Dec 2025 19:01:27 +0000 Files and hashes: 1: aO_MqEmPXSbBIK802EbAKB_2Ka8.crl (hash: B/cq3v1BcHWqAIYBhARAGghyS2/tRkgHBNzicgHG2po=) 2: bz3fbBHm2ElR6vxL1-cqQoSLlk8.roa (hash: iWv2k5/cNl7lJrUkdCeVYiFcY+HPf8sJg4JbV1Gwcrc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.crl rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:61:15:b0:8a:5b:72:1f:24:f1:58:b2:5f:d3:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68efcca8498f5d26c120af34d846c0281ff629af Validity Not Before: Dec 20 19:01:27 2025 GMT Not After : Dec 21 19:01:27 2025 GMT Subject: CN=1c3c3f4f97f1bf21e941556cb0082e689446e48f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:f0:a7:2a:03:ad:e7:d4:1c:14:0c:08:b6:fd: d6:f5:e8:e8:7e:3f:47:01:27:9c:59:ac:f1:c6:c1: a1:b2:a5:77:ce:7e:7c:52:42:63:14:d6:c1:66:31: 24:f0:c7:d9:df:56:1b:1d:e5:bf:a8:9c:4c:56:fa: 8a:ec:5a:ef:99:69:7d:16:18:6d:4a:e2:5e:bc:bc: e3:d0:f9:42:b5:fe:52:e1:15:80:f9:ef:2e:bb:f1: ed:6b:f1:ce:00:a5:ee:ef:54:e1:e0:cb:6c:7a:bd: 54:9d:bb:c0:32:d4:b5:f7:90:73:13:d1:30:66:16: 7a:87:f7:60:d4:59:13:5b:f5:cd:8b:59:58:bb:39: aa:83:76:c8:b4:44:6b:bb:38:a1:36:98:5a:dd:17: 58:da:07:5e:b2:04:a8:ab:97:17:c7:d9:5a:c0:7a: 23:50:05:3d:f6:54:36:35:40:24:76:24:59:a6:8b: 04:fe:0a:66:10:d2:8c:82:a8:d2:c1:40:52:6c:37: 16:fb:2a:7e:f0:ff:19:b9:19:d9:59:6f:9e:b2:db: 1a:03:3f:46:98:c8:b4:28:f3:25:da:c8:ab:12:34: 4f:f2:58:93:bb:e7:c2:65:43:d9:49:1a:5b:ae:95: 85:13:03:fb:84:ad:db:bb:fd:39:a5:f8:05:85:2d: f3:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:3C:3F:4F:97:F1:BF:21:E9:41:55:6C:B0:08:2E:68:94:46:E4:8F X509v3 Authority Key Identifier: keyid:68:EF:CC:A8:49:8F:5D:26:C1:20:AF:34:D8:46:C0:28:1F:F6:29:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:c6:9f:da:e7:5e:80:3b:5c:69:38:0d:21:e0:d4:d0:08:b5: 9d:a4:6f:fe:a7:b3:47:35:6f:54:f0:38:a8:fd:c1:b1:34:0b: 80:a4:c0:db:e2:1d:ad:5d:3a:2b:25:27:ca:50:08:2b:86:4b: f7:87:c7:29:38:da:fc:94:66:fa:88:d0:5d:1c:b8:37:3c:02: 5e:ac:0f:02:91:31:a3:a0:a7:57:f0:2f:0f:78:2e:e0:68:f0: d7:52:23:94:14:86:fd:8b:ec:02:a7:4d:6e:73:6e:0e:8b:3e: fb:6d:01:ea:dd:66:07:26:bb:d8:3b:72:bd:ec:5d:77:78:67: 4e:e5:a7:79:ac:e9:cf:a5:dc:ce:b4:d6:10:82:76:71:0c:0b: 63:d8:d4:0d:9c:80:90:01:29:66:c8:27:dc:87:00:af:e0:ad: e4:e1:91:74:69:c0:39:a0:b8:1e:e1:fa:52:52:5c:8f:13:ac: fc:7a:eb:b6:61:12:a8:51:85:96:99:cc:3a:5c:91:73:8b:42: 76:cb:48:0d:f7:65:c0:d1:9b:ea:3b:71:c1:93:dd:df:c7:22: 16:4f:fd:8e:62:09:0a:1c:32:e1:bc:8c:4e:09:3c:26:6e:22: 10:76:e0:02:4e:fb:49:8a:43:31:6f:40:06:74:d1:92:3f:0b: c5:fe:5f:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I2EVsIpbch8k8ViyX9OwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZWZjY2E4NDk4ZjVkMjZjMTIwYWYzNGQ4NDZjMDI4MWZm NjI5YWYwHhcNMjUxMjIwMTkwMTI3WhcNMjUxMjIxMTkwMTI3WjAzMTEwLwYDVQQD EygxYzNjM2Y0Zjk3ZjFiZjIxZTk0MTU1NmNiMDA4MmU2ODk0NDZlNDhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fCnKgOt59QcFAwItv3W9ejofj9H ASecWazxxsGhsqV3zn58UkJjFNbBZjEk8MfZ31YbHeW/qJxMVvqK7FrvmWl9Fhht SuJevLzj0PlCtf5S4RWA+e8uu/Hta/HOAKXu71Th4Mtser1UnbvAMtS195BzE9Ew ZhZ6h/dg1FkTW/XNi1lYuzmqg3bItERruzihNpha3RdY2gdesgSoq5cXx9lawHoj UAU99lQ2NUAkdiRZposE/gpmENKMgqjSwUBSbDcW+yp+8P8ZuRnZWW+estsaAz9G mMi0KPMl2sirEjRP8liTu+fCZUPZSRpbrpWFEwP7hK3bu/05pfgFhS3zXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBw8P0+X8b8h6UFVbLAILmiURuSPMB8GA1UdIwQY MBaAFGjvzKhJj10mwSCvNNhGwCgf9imvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTdiNWMtOGZjOC00YjU2LWI2MDMt MzU4MTQ1ZDlhODFkLzEvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8zOTdiNWMtOGZjOC00YjU2LWI2MDMtMzU4MTQ1ZDlhODFk LzEvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8af2ude gDtcaTgNIeDU0Ai1naRv/qezRzVvVPA4qP3BsTQLgKTA2+IdrV06KyUnylAIK4ZL 94fHKTja/JRm+ojQXRy4NzwCXqwPApExo6CnV/AvD3gu4Gjw11IjlBSG/YvsAqdN bnNuDos++20B6t1mBya72Dtyvexdd3hnTuWneazpz6XczrTWEIJ2cQwLY9jUDZyA kAEpZsgn3IcAr+Ct5OGRdGnAOaC4HuH6UlJcjxOs/HrrtmESqFGFlpnMOlyRc4tC dstIDfdlwNGb6jtxwZPd38ciFk/9jmIJChwy4byMTgk8Jm4iEHbgAk77SYpDMW9A BnTRkj8Lxf5fmA== -----END CERTIFICATE-----Generated at Sun Dec 21 02:45:22 2025 by rpki-client