This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft File: aO_MqEmPXSbBIK802EbAKB_2Ka8.mft (raw, json) Hash identifier: fOrO0XpcNBIPlTr6lZeMLOXMv/OfHvGrp82acdQjqGE= Subject key identifier: 50:2A:6D:6A:85:67:3A:65:31:79:FE:DA:0E:90:A6:EC:53:C7:35:33 Authority key identifier: 68:EF:CC:A8:49:8F:5D:26:C1:20:AF:34:D8:46:C0:28:1F:F6:29:AF Certificate issuer: /CN=68efcca8498f5d26c120af34d846c0281ff629af Certificate serial: 019B6D6A292AAF133D0D89612F3E37C1CEFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft Manifest number: 1210 Signing time: Tue 30 Dec 2025 04:00:32 +0000 Manifest this update: Tue 30 Dec 2025 04:00:32 +0000 Manifest next update: Wed 31 Dec 2025 04:00:32 +0000 Files and hashes: 1: aO_MqEmPXSbBIK802EbAKB_2Ka8.crl (hash: cAN8iXkK15ds7OLkDG6rEdwfHcjoZT6txa86ooAQO3E=) 2: bz3fbBHm2ElR6vxL1-cqQoSLlk8.roa (hash: iWv2k5/cNl7lJrUkdCeVYiFcY+HPf8sJg4JbV1Gwcrc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.crl rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:6a:29:2a:af:13:3d:0d:89:61:2f:3e:37:c1:ce:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68efcca8498f5d26c120af34d846c0281ff629af Validity Not Before: Dec 30 04:00:32 2025 GMT Not After : Dec 31 04:00:32 2025 GMT Subject: CN=502a6d6a85673a653179feda0e90a6ec53c73533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4a:a9:e2:dd:9b:43:aa:b4:40:1d:a3:49:81: bd:3d:5e:2b:14:41:09:11:e6:cb:73:40:58:14:cf: 32:72:b9:ef:ec:55:0c:ec:92:26:ad:f3:08:bf:78: 94:25:a3:00:df:31:cc:1d:7c:b1:43:23:31:c4:f8: 58:9c:d1:28:ca:79:54:5c:21:00:a1:f3:e4:ed:00: 28:02:1f:09:8f:7a:08:ae:e1:c8:67:7d:8a:ab:46: 36:fd:74:95:3a:76:6a:73:5d:6e:ca:44:59:49:0c: ee:7a:14:e3:3f:26:b2:d4:b0:f8:7c:f0:3e:64:e2: 1a:e0:45:cb:e5:c9:13:b4:05:d3:f7:7f:04:34:af: ac:31:cd:f7:3d:ce:ea:95:4f:99:6b:aa:44:ce:27: 71:ac:e3:71:ba:10:26:39:f6:f8:57:0f:f1:24:1f: c0:45:47:b8:7f:a1:82:70:4a:97:46:eb:66:a3:2c: b2:8a:bf:3d:24:8e:f9:40:02:6f:5c:9c:e2:87:a4: c8:f2:3f:d6:fc:bc:d9:8b:05:9b:e6:c8:9d:89:7f: 29:b1:2d:a4:19:83:e9:a1:ce:36:a5:e6:91:68:3c: db:db:63:f8:8d:47:40:a9:a3:f8:5c:03:f8:25:c7: fd:8e:25:89:ac:ac:72:a8:44:54:19:8c:2f:0c:06: 2a:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:2A:6D:6A:85:67:3A:65:31:79:FE:DA:0E:90:A6:EC:53:C7:35:33 X509v3 Authority Key Identifier: keyid:68:EF:CC:A8:49:8F:5D:26:C1:20:AF:34:D8:46:C0:28:1F:F6:29:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:b0:24:f1:34:2b:3d:d1:d6:38:72:e1:68:c0:3b:ff:5a:25: 93:ff:5d:2b:23:37:5a:c7:8d:a0:b4:dc:0f:36:07:db:4e:7f: e2:ff:5a:65:08:cc:38:bf:08:da:b9:3f:93:4b:a2:3f:93:c5: e6:ee:18:be:77:07:91:d7:a6:71:a8:1e:04:50:6e:b4:9a:42: 80:12:f5:27:5d:ac:85:5b:42:71:c5:2c:23:df:e5:76:a8:7a: b1:0d:50:eb:15:95:4a:13:4d:28:25:97:3a:17:6c:42:12:83: 09:62:a1:04:35:64:70:18:aa:ba:03:1d:11:ee:54:1b:0d:9f: a6:62:79:80:e3:ec:e6:8f:1f:9b:4b:73:b4:00:c1:5e:52:44: 5e:d4:26:26:a3:aa:ae:93:74:4d:ee:a7:4e:98:be:e0:27:ae: 6c:18:7d:cb:14:5c:42:b1:a1:18:f0:99:78:f9:2e:3a:51:a9: 26:1e:1d:d5:20:82:be:e9:3f:65:79:58:cb:06:d1:e2:c1:b3: 87:9d:f6:af:84:b1:37:4a:dd:fb:19:c2:b7:5b:02:de:ef:58: a2:f2:dc:0b:9a:b1:bf:86:39:a3:ac:68:a7:8e:85:b8:fd:9f: 3e:37:82:65:44:62:27:a3:a5:07:ef:27:97:3c:23:22:a5:d4: f3:2c:bb:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttaikqrxM9DYlhLz43wc77MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZWZjY2E4NDk4ZjVkMjZjMTIwYWYzNGQ4NDZjMDI4MWZm NjI5YWYwHhcNMjUxMjMwMDQwMDMyWhcNMjUxMjMxMDQwMDMyWjAzMTEwLwYDVQQD Eyg1MDJhNmQ2YTg1NjczYTY1MzE3OWZlZGEwZTkwYTZlYzUzYzczNTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUqp4t2bQ6q0QB2jSYG9PV4rFEEJ EebLc0BYFM8ycrnv7FUM7JImrfMIv3iUJaMA3zHMHXyxQyMxxPhYnNEoynlUXCEA ofPk7QAoAh8Jj3oIruHIZ32Kq0Y2/XSVOnZqc11uykRZSQzuehTjPyay1LD4fPA+ ZOIa4EXL5ckTtAXT938ENK+sMc33Pc7qlU+Za6pEzidxrONxuhAmOfb4Vw/xJB/A RUe4f6GCcEqXRutmoyyyir89JI75QAJvXJzih6TI8j/W/LzZiwWb5sidiX8psS2k GYPpoc42peaRaDzb22P4jUdAqaP4XAP4Jcf9jiWJrKxyqERUGYwvDAYq7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFAqbWqFZzplMXn+2g6QpuxTxzUzMB8GA1UdIwQY MBaAFGjvzKhJj10mwSCvNNhGwCgf9imvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTdiNWMtOGZjOC00YjU2LWI2MDMt MzU4MTQ1ZDlhODFkLzEvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8zOTdiNWMtOGZjOC00YjU2LWI2MDMtMzU4MTQ1ZDlhODFk LzEvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk7Ak8TQr PdHWOHLhaMA7/1olk/9dKyM3WseNoLTcDzYH205/4v9aZQjMOL8I2rk/k0uiP5PF 5u4YvncHkdemcageBFButJpCgBL1J12shVtCccUsI9/ldqh6sQ1Q6xWVShNNKCWX OhdsQhKDCWKhBDVkcBiqugMdEe5UGw2fpmJ5gOPs5o8fm0tztADBXlJEXtQmJqOq rpN0Te6nTpi+4CeubBh9yxRcQrGhGPCZePkuOlGpJh4d1SCCvuk/ZXlYywbR4sGz h532r4SxN0rd+xnCt1sC3u9YovLcC5qxv4Y5o6xop46FuP2fPjeCZURiJ6OlB+8n lzwjIqXU8yy78g== -----END CERTIFICATE-----Generated at Tue Dec 30 09:06:19 2025 by rpki-client