This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft File: aa24Jfn9vKDNfHkB3reiKuF5fAY.mft (raw, json) Hash identifier: Lqot3AbM6eGF/Qx8ep7jkskhSz3rAhVDMOST1nYDmKE= Subject key identifier: 98:A3:B1:78:1B:D1:E5:97:0D:A5:A9:A7:4A:E7:C0:F6:46:1C:47:1A Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06 Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06 Certificate serial: 019B3D90C38FA496B415EDDFF82B6F58CAAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft Manifest number: 14A3 Signing time: Sat 20 Dec 2025 21:00:55 +0000 Manifest this update: Sat 20 Dec 2025 21:00:55 +0000 Manifest next update: Sun 21 Dec 2025 21:00:55 +0000 Files and hashes: 1: CcO4X5owbp8OTsQUAi4Se0U0bGo.roa (hash: Rjhil4a1bZ7IivISF1+emC+myyX4/SSXPPEDg9r6bJ4=) 2: aa24Jfn9vKDNfHkB3reiKuF5fAY.crl (hash: AxMeGCabGJyvY9Q8i1yfxN/w0U6LZbM4B/7dQPX14rs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:c3:8f:a4:96:b4:15:ed:df:f8:2b:6f:58:ca:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06 Validity Not Before: Dec 20 21:00:55 2025 GMT Not After : Dec 21 21:00:55 2025 GMT Subject: CN=98a3b1781bd1e5970da5a9a74ae7c0f6461c471a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:96:ba:4c:98:86:4e:1d:31:85:b8:c8:9a:32: 28:67:ab:25:92:ff:53:5f:a3:3f:3e:c9:92:75:87: 23:d4:fe:1b:07:1f:e6:e8:92:50:d5:be:75:75:45: 7e:49:b4:13:1a:e9:e0:bb:18:2f:57:43:b8:cb:e0: 4c:ce:2c:ef:4f:04:94:1d:4c:97:da:72:06:52:f8: c4:99:de:b7:5f:ac:3c:88:95:a4:55:c7:7d:26:2f: d1:21:bb:02:b7:23:01:ed:05:9f:95:72:bd:d6:6c: 03:bf:98:01:39:a0:35:18:cd:b1:9c:5a:1e:37:50: 14:af:1d:cb:c7:c0:7f:fb:4d:81:f6:c5:be:44:04: d0:e4:03:d3:82:4f:1f:dc:38:85:83:96:82:65:9e: 63:36:2f:d0:ec:29:8c:20:b1:87:99:31:3c:ec:bb: a9:ac:b8:ec:ee:68:28:1f:3e:a8:2b:8e:ab:b8:99: 01:94:7d:14:77:79:e5:97:a1:8f:eb:3e:53:23:a2: 71:ae:a4:49:cb:ff:c1:b3:7b:52:b1:1d:86:6d:ed: 2f:df:f3:43:c1:12:4b:13:54:6f:c9:31:6a:e9:8b: a4:c1:a7:0f:8f:eb:10:1a:b1:ed:7c:5f:ca:47:23: 35:7d:ae:5b:e9:ad:29:f7:21:50:49:55:0d:ac:70: fb:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:A3:B1:78:1B:D1:E5:97:0D:A5:A9:A7:4A:E7:C0:F6:46:1C:47:1A X509v3 Authority Key Identifier: keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:97:bd:af:ba:ea:d8:b7:e6:29:7e:e1:e5:0a:56:d8:91:c6: c2:a6:db:33:ea:39:67:f9:4e:7b:d5:f5:98:9b:c7:c9:e2:cc: 27:dd:cf:94:7c:79:89:df:53:10:88:11:26:cd:5a:2f:86:4f: e9:77:01:ef:68:eb:09:13:7a:87:04:7c:22:50:fb:71:09:5c: 60:4f:8e:ae:58:dc:b7:e1:ef:1a:f6:76:e1:a4:d7:4f:26:43: 04:06:32:d5:ee:b4:3c:bf:74:1a:f5:80:16:1a:c2:76:99:89: 96:24:35:1b:07:ab:e3:60:35:b0:21:c4:45:c3:fe:a6:e6:f2: 5e:c2:11:00:39:68:9f:c6:10:2f:d2:1b:7a:fd:01:50:a6:37: 90:c5:b8:d1:e7:be:b4:df:0b:e9:46:c0:4a:89:fc:2d:81:fc: 46:65:90:0a:bd:93:c5:23:db:2d:40:11:c8:8a:e7:0e:97:3b: c3:75:16:0c:14:50:f7:6f:af:32:56:15:b7:df:46:f2:eb:eb: 4d:b1:77:08:6e:bf:f0:50:f3:36:94:72:13:7b:82:e2:95:2b: 5f:33:6e:c5:d2:2d:36:92:60:35:0e:b2:5a:8b:3f:e6:9d:de: 78:d5:73:c8:4c:33:77:32:b5:6d:ee:99:3d:1d:c3:4d:39:08: df:4c:2a:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kMOPpJa0Fe3f+CtvWMqrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3 OTdjMDYwHhcNMjUxMjIwMjEwMDU1WhcNMjUxMjIxMjEwMDU1WjAzMTEwLwYDVQQD Eyg5OGEzYjE3ODFiZDFlNTk3MGRhNWE5YTc0YWU3YzBmNjQ2MWM0NzFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5a6TJiGTh0xhbjImjIoZ6slkv9T X6M/PsmSdYcj1P4bBx/m6JJQ1b51dUV+SbQTGunguxgvV0O4y+BMzizvTwSUHUyX 2nIGUvjEmd63X6w8iJWkVcd9Ji/RIbsCtyMB7QWflXK91mwDv5gBOaA1GM2xnFoe N1AUrx3Lx8B/+02B9sW+RATQ5APTgk8f3DiFg5aCZZ5jNi/Q7CmMILGHmTE87Lup rLjs7mgoHz6oK46ruJkBlH0Ud3nll6GP6z5TI6JxrqRJy//Bs3tSsR2Gbe0v3/ND wRJLE1RvyTFq6YukwacPj+sQGrHtfF/KRyM1fa5b6a0p9yFQSVUNrHD7ewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJijsXgb0eWXDaWpp0rnwPZGHEcaMB8GA1UdIwQY MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt MzIzNjI2N2M4Nzk5LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5 LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJe9r7rq 2LfmKX7h5QpW2JHGwqbbM+o5Z/lOe9X1mJvHyeLMJ93PlHx5id9TEIgRJs1aL4ZP 6XcB72jrCRN6hwR8IlD7cQlcYE+Orljct+HvGvZ24aTXTyZDBAYy1e60PL90GvWA FhrCdpmJliQ1Gwer42A1sCHERcP+pubyXsIRADlon8YQL9Ibev0BUKY3kMW40ee+ tN8L6UbASon8LYH8RmWQCr2TxSPbLUARyIrnDpc7w3UWDBRQ92+vMlYVt99G8uvr TbF3CG6/8FDzNpRyE3uC4pUrXzNuxdItNpJgNQ6yWos/5p3eeNVzyEwzdzK1be6Z PR3DTTkI30wq7g== -----END CERTIFICATE-----Generated at Sun Dec 21 01:11:07 2025 by rpki-client