This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft File: aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json) Hash identifier: Q6ZKGTyV3yowNozPSq8H6B8FZINovt9rJn9FFSfYnxU= Subject key identifier: 5B:0E:F1:EB:5D:D8:A5:F1:D9:60:F5:B5:DB:12:1A:69:87:8A:E6:90 Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7 Certificate issuer: /CN=68a5023d8e021126997d7926a47701608aace3c7 Certificate serial: 019B4E4D4227D7212FE5C99BA41BDB9C3B78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft Manifest number: 0902 Signing time: Wed 24 Dec 2025 03:00:44 +0000 Manifest this update: Wed 24 Dec 2025 03:00:44 +0000 Manifest next update: Thu 25 Dec 2025 03:00:44 +0000 Files and hashes: 1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: 2TLa5PRcmVI7WMRNH9ZaBZUNljTuMdfcRnK5iW+u0go=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 03:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:4d:42:27:d7:21:2f:e5:c9:9b:a4:1b:db:9c:3b:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7 Validity Not Before: Dec 24 03:00:44 2025 GMT Not After : Dec 25 03:00:44 2025 GMT Subject: CN=5b0ef1eb5dd8a5f1d960f5b5db121a69878ae690 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:92:73:90:a3:9d:e6:c6:3c:11:81:c5:d7:5e: ba:e5:89:43:8b:87:88:cf:bf:f9:0d:df:f5:41:70: 41:03:f7:af:2a:ed:cc:98:88:7a:37:24:af:32:9e: 53:56:d7:3e:dd:30:b6:88:6a:3b:ae:61:bb:3b:09: 07:f8:be:8e:b4:f5:6d:f1:40:98:ee:e5:ce:9a:49: 1d:a8:fb:8c:e4:91:d8:fb:f5:bc:dc:ba:33:c3:82: 45:35:47:4e:44:54:12:d1:c7:04:51:53:ad:69:21: 12:3f:bc:ac:26:db:d4:5a:44:97:d5:28:77:85:4d: f8:5c:84:c8:13:b4:ed:b3:67:09:76:3c:a2:9b:58: 85:cf:40:38:3e:dc:d2:5a:2a:d4:6b:1c:56:47:2b: 06:ce:54:a8:b6:ba:85:5d:3c:79:9f:c8:81:d0:5b: d2:38:1c:47:d9:04:2b:8e:ef:0c:78:d1:af:4f:3a: c7:46:21:05:ad:af:fb:7a:b2:81:59:ec:37:64:72: d5:c6:8a:e0:a7:47:0b:79:15:b3:5e:e2:6c:bc:45: 99:d9:e2:2f:5a:35:49:d5:54:54:dc:e3:b6:35:2c: 4a:f4:d9:3b:03:c2:ae:43:41:8b:bc:46:2c:cc:75: 01:56:bc:49:da:f0:4a:51:fb:64:a7:1a:f8:c6:4a: cd:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:0E:F1:EB:5D:D8:A5:F1:D9:60:F5:B5:DB:12:1A:69:87:8A:E6:90 X509v3 Authority Key Identifier: keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:d6:60:a0:a7:d6:e0:dd:e7:a6:67:98:51:fa:84:cf:aa:47: ce:32:78:09:4a:ab:23:b3:79:1a:9e:32:2f:9b:60:38:9e:78: 93:79:82:af:5b:aa:0b:03:1a:22:12:00:bc:ff:f1:f3:b8:74: e0:d9:ed:94:c3:2f:d4:51:ce:d5:25:52:2e:b3:44:e3:fd:14: b3:83:c1:41:87:5a:35:d1:2d:7f:a2:7f:68:dd:a7:f4:69:9f: bb:3c:50:54:5a:d1:e8:c2:27:b2:bf:a9:62:a8:ee:83:ca:e4: d8:b4:ba:46:a6:03:69:2f:79:84:74:58:8c:8a:44:13:c3:27: 87:7d:28:1b:00:e7:3e:e3:f8:97:c6:aa:c5:49:4d:a1:5b:79: 5a:62:fe:94:d0:30:52:96:03:b1:a4:b0:63:3b:82:0a:1d:ce: bf:8f:76:92:64:a3:0e:4f:b4:0d:3b:65:9b:93:62:9d:96:4e: c3:0e:84:06:48:ed:f3:23:3b:68:a8:31:5a:19:0f:73:15:0f: 4e:af:73:bb:71:14:33:57:24:ef:7c:ee:0b:a3:f2:4c:d5:09: a0:1c:5d:ed:70:6b:bf:ae:0b:38:30:42:33:e3:46:50:cc:71: d5:cd:a5:23:d5:36:00:56:9c:ab:35:da:c1:01:fc:df:dd:69: 19:43:ce:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOTUIn1yEv5cmbpBvbnDt4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh Y2UzYzcwHhcNMjUxMjI0MDMwMDQ0WhcNMjUxMjI1MDMwMDQ0WjAzMTEwLwYDVQQD Eyg1YjBlZjFlYjVkZDhhNWYxZDk2MGY1YjVkYjEyMWE2OTg3OGFlNjkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZJzkKOd5sY8EYHF11665YlDi4eI z7/5Dd/1QXBBA/evKu3MmIh6NySvMp5TVtc+3TC2iGo7rmG7OwkH+L6OtPVt8UCY 7uXOmkkdqPuM5JHY+/W83Lozw4JFNUdORFQS0ccEUVOtaSESP7ysJtvUWkSX1Sh3 hU34XITIE7Tts2cJdjyim1iFz0A4PtzSWirUaxxWRysGzlSotrqFXTx5n8iB0FvS OBxH2QQrju8MeNGvTzrHRiEFra/7erKBWew3ZHLVxorgp0cLeRWzXuJsvEWZ2eIv WjVJ1VRU3OO2NSxK9Nk7A8KuQ0GLvEYszHUBVrxJ2vBKUftkpxr4xkrNjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFsO8etd2KXx2WD1tdsSGmmHiuaQMB8GA1UdIwQY MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAidZgoKfW 4N3npmeYUfqEz6pHzjJ4CUqrI7N5Gp4yL5tgOJ54k3mCr1uqCwMaIhIAvP/x87h0 4NntlMMv1FHO1SVSLrNE4/0Us4PBQYdaNdEtf6J/aN2n9GmfuzxQVFrR6MInsr+p Yqjug8rk2LS6RqYDaS95hHRYjIpEE8Mnh30oGwDnPuP4l8aqxUlNoVt5WmL+lNAw UpYDsaSwYzuCCh3Ov492kmSjDk+0DTtlm5NinZZOww6EBkjt8yM7aKgxWhkPcxUP Tq9zu3EUM1ck73zuC6PyTNUJoBxd7XBrv64LODBCM+NGUMxx1c2lI9U2AFacqzXa wQH8391pGUPO4A== -----END CERTIFICATE-----Generated at Wed Dec 24 12:29:10 2025 by rpki-client