This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft File: aQomMkmEfPlzRHQiE2RPkpvqqZc.mft (raw, json) Hash identifier: s3PPUEXKyAsQPlphxxPm2qr0udo5CgumWHmalKbr9TY= Subject key identifier: 21:78:F7:95:C8:38:F2:3D:1D:3E:34:D8:D0:B1:61:18:80:7E:10:26 Authority key identifier: 69:0A:26:32:49:84:7C:F9:73:44:74:22:13:64:4F:92:9B:EA:A9:97 Certificate issuer: /CN=690a263249847cf97344742213644f929beaa997 Certificate serial: 019B3E6D0CDF0CA55A006B90A2A9B686831B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQomMkmEfPlzRHQiE2RPkpvqqZc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft Manifest number: 09E8 Signing time: Sun 21 Dec 2025 01:01:32 +0000 Manifest this update: Sun 21 Dec 2025 01:01:32 +0000 Manifest next update: Mon 22 Dec 2025 01:01:32 +0000 Files and hashes: 1: DY21Bg3oUbtzm77wQkCwRHIkQQk.roa (hash: qZIMcnP47zIIcLpWesPleUJ2XdB9zCYyYyzYWyBj/nk=) 2: aQomMkmEfPlzRHQiE2RPkpvqqZc.crl (hash: N97kSYp3UQNiEEHbbBtMNeJyOWs1uVJqI1D9K8houZY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.crl rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft rsync://rpki.ripe.net/repository/DEFAULT/aQomMkmEfPlzRHQiE2RPkpvqqZc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:0c:df:0c:a5:5a:00:6b:90:a2:a9:b6:86:83:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=690a263249847cf97344742213644f929beaa997 Validity Not Before: Dec 21 01:01:32 2025 GMT Not After : Dec 22 01:01:32 2025 GMT Subject: CN=2178f795c838f23d1d3e34d8d0b16118807e1026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1e:5b:2d:a0:6d:7d:4e:44:a1:99:4a:d7:72: 32:68:98:d7:ba:fb:ab:6e:7d:c2:38:39:b2:7d:81: 53:ec:a9:97:77:64:31:ce:f1:6a:9a:2d:e8:45:ca: 6b:6a:47:69:0d:37:9f:3f:ae:ec:cc:55:e2:4b:88: 1e:6f:18:39:6e:c3:71:c7:72:35:ab:c0:1d:c8:64: 97:71:cf:2a:7f:e8:8b:5f:ec:b6:ce:28:84:42:8d: b0:b1:a6:b7:41:a2:2f:b7:9e:6c:07:e0:9a:a1:c7: 40:35:82:31:75:99:d2:c8:71:b3:ef:63:a9:d8:d5: b1:01:24:99:e3:5f:37:65:98:68:20:9a:e5:a3:8b: ff:12:e4:49:cc:1b:63:34:5c:c4:11:ce:4d:f2:88: 9b:09:52:9b:9d:40:b5:aa:74:f4:44:51:a2:6c:b8: 56:97:f6:47:90:83:b8:0f:ed:36:96:c8:a4:7c:b4: da:22:e1:4f:b7:be:4e:a3:06:bb:cd:ad:ea:ac:75: 0f:e1:4b:30:ef:cb:73:0f:1c:0b:58:71:ab:69:36: 03:9a:97:be:8a:31:0a:ad:62:b9:fd:cb:20:44:be: a4:d0:f3:ed:cb:c1:54:13:e3:b6:0c:98:37:46:02: ef:1a:4c:66:d6:04:bf:8d:e7:59:83:cb:0e:c1:09: 21:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:78:F7:95:C8:38:F2:3D:1D:3E:34:D8:D0:B1:61:18:80:7E:10:26 X509v3 Authority Key Identifier: keyid:69:0A:26:32:49:84:7C:F9:73:44:74:22:13:64:4F:92:9B:EA:A9:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQomMkmEfPlzRHQiE2RPkpvqqZc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:10:a7:7d:d1:1c:e5:b4:42:32:b2:bf:61:cb:25:65:c3:0d: e8:65:45:3e:b0:c3:07:d1:40:59:a8:eb:dd:a3:75:fc:7d:7a: ef:5d:f7:96:c6:e7:19:3b:48:57:d4:a1:7a:34:c8:b2:8b:6b: 79:f8:db:aa:40:1e:27:b5:7b:af:c2:d5:8c:0c:48:50:aa:ca: b6:66:f9:cb:6d:00:f7:a9:c8:e1:14:1b:45:d2:9e:bb:c0:d0: 0e:08:dc:e1:27:76:64:af:96:c1:ac:86:93:d0:8a:e7:14:0e: 4d:3a:41:f9:ce:b0:a9:17:25:14:97:10:04:4e:29:2b:03:e5: bc:1d:6f:f0:83:79:8d:b8:c3:de:4d:c9:1a:e6:71:89:e2:ad: 10:63:10:6b:4c:6d:98:a6:c7:3f:1f:6c:3c:f1:7a:6e:cc:ed: ff:a5:e0:1c:47:9a:52:cf:07:28:f5:0c:95:c3:8c:d6:6e:b1: 11:87:28:cd:ec:c1:25:58:c5:2e:e8:e1:da:b2:93:09:87:12: 36:62:e7:a8:af:46:8a:c5:db:aa:0b:0d:2a:2f:39:ff:1d:a1: ba:85:2f:7d:19:00:6c:5a:5d:0a:1f:c1:d4:d8:3c:83:f2:20: 32:e5:a0:9a:03:6d:32:7e:97:3e:cf:35:26:e6:88:ce:b5:7d: 28:b7:5a:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bQzfDKVaAGuQoqm2hoMbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5MGEyNjMyNDk4NDdjZjk3MzQ0NzQyMjEzNjQ0ZjkyOWJl YWE5OTcwHhcNMjUxMjIxMDEwMTMyWhcNMjUxMjIyMDEwMTMyWjAzMTEwLwYDVQQD EygyMTc4Zjc5NWM4MzhmMjNkMWQzZTM0ZDhkMGIxNjExODgwN2UxMDI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux5bLaBtfU5EoZlK13IyaJjXuvur bn3CODmyfYFT7KmXd2QxzvFqmi3oRcprakdpDTefP67szFXiS4gebxg5bsNxx3I1 q8AdyGSXcc8qf+iLX+y2ziiEQo2wsaa3QaIvt55sB+CaocdANYIxdZnSyHGz72Op 2NWxASSZ4183ZZhoIJrlo4v/EuRJzBtjNFzEEc5N8oibCVKbnUC1qnT0RFGibLhW l/ZHkIO4D+02lsikfLTaIuFPt75Oowa7za3qrHUP4Usw78tzDxwLWHGraTYDmpe+ ijEKrWK5/csgRL6k0PPty8FUE+O2DJg3RgLvGkxm1gS/jedZg8sOwQkhqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCF495XIOPI9HT402NCxYRiAfhAmMB8GA1UdIwQY MBaAFGkKJjJJhHz5c0R0IhNkT5Kb6qmXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVFvbU1rbUVmUGx6UkhRaUUyUlBrcHZxcVpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hNzZhODYtNzViMy00Y2VmLWEzNDAt MzFiMmE2MDdiYTk3LzEvYVFvbU1rbUVmUGx6UkhRaUUyUlBrcHZxcVpjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9hNzZhODYtNzViMy00Y2VmLWEzNDAtMzFiMmE2MDdiYTk3 LzEvYVFvbU1rbUVmUGx6UkhRaUUyUlBrcHZxcVpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxCnfdEc 5bRCMrK/YcslZcMN6GVFPrDDB9FAWajr3aN1/H167133lsbnGTtIV9ShejTIsotr efjbqkAeJ7V7r8LVjAxIUKrKtmb5y20A96nI4RQbRdKeu8DQDgjc4Sd2ZK+WwayG k9CK5xQOTTpB+c6wqRclFJcQBE4pKwPlvB1v8IN5jbjD3k3JGuZxieKtEGMQa0xt mKbHPx9sPPF6bszt/6XgHEeaUs8HKPUMlcOM1m6xEYcozezBJVjFLujh2rKTCYcS NmLnqK9GisXbqgsNKi85/x2huoUvfRkAbFpdCh/B1Ng8g/IgMuWgmgNtMn6XPs81 JuaIzrV9KLdatg== -----END CERTIFICATE-----Generated at Sun Dec 21 06:28:39 2025 by rpki-client