This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft File: o52_aHirAKRS-LB_iQ06s0g3Yns.mft (raw, json) Hash identifier: DwXLRf+Q5guWAz96X4HcRxaEQYNzXVZz0dzM4KsDbKs= Subject key identifier: F4:E7:73:33:E2:05:85:E7:68:24:5B:BE:AA:65:7A:9B:B3:28:3D:09 Authority key identifier: A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B Certificate issuer: /CN=a39dbf6878ab00a452f8b07f890d3ab34837627b Certificate serial: 019B3A908799A167F7B4AB0E9A5234309714 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft Manifest number: 064A Signing time: Sat 20 Dec 2025 07:01:48 +0000 Manifest this update: Sat 20 Dec 2025 07:01:48 +0000 Manifest next update: Sun 21 Dec 2025 07:01:48 +0000 Files and hashes: 1: ExGaGMHRMHV6Wwq7HUUBGaTmIOs.roa (hash: GrRPycpKBiqBeJAl7ze1jROyMQik0DJu7nFgEpAVFB8=) 2: o52_aHirAKRS-LB_iQ06s0g3Yns.crl (hash: hXOzLaAtbH7cvbJA6qEhDSbtAwp4TsXRPPZkzc/NZ9s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:87:99:a1:67:f7:b4:ab:0e:9a:52:34:30:97:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a39dbf6878ab00a452f8b07f890d3ab34837627b Validity Not Before: Dec 20 07:01:48 2025 GMT Not After : Dec 21 07:01:48 2025 GMT Subject: CN=f4e77333e20585e768245bbeaa657a9bb3283d09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ff:d4:9c:fc:47:2b:f9:0c:85:25:d9:c9:bf: 1f:fe:8f:87:17:35:c6:9b:0c:c1:44:2d:c6:7e:8d: 3a:de:b6:c6:aa:ee:15:1f:d4:8a:cb:22:05:39:61: 8e:25:ad:27:75:ee:16:5e:04:15:9e:b5:0b:4f:7a: e5:a1:e5:9e:2a:93:0a:f7:a7:64:7f:61:ba:24:45: fd:6b:c7:e5:61:e9:ac:c6:77:4d:8f:8d:1f:c0:2b: 50:d9:00:a9:99:b0:50:a8:85:df:91:8b:5c:47:29: d8:08:dc:84:a7:5a:1d:06:f3:3b:71:af:22:3c:57: 52:bb:8f:b4:69:eb:03:43:73:6e:af:bf:04:14:e3: e9:ff:46:c5:b7:69:63:3e:ec:78:df:4b:46:6f:8c: 5f:0a:9c:91:07:bb:21:b1:64:b4:f6:ff:11:b6:62: 82:6b:b6:f1:10:6e:a2:56:af:6b:69:75:68:cf:79: d4:a0:de:ab:12:26:f1:c9:ff:94:c1:b8:70:8b:02: b5:44:cc:fe:e2:6b:3c:e5:0b:3c:be:32:1f:05:75: 9a:26:9b:bc:2b:a4:78:c2:ce:25:22:0f:87:bf:24: 00:0f:fd:fa:12:b6:01:ee:20:d1:68:30:3f:c2:d7: 83:c8:89:0e:9f:a8:cc:6b:d0:1e:b4:cb:dc:21:71: a6:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:E7:73:33:E2:05:85:E7:68:24:5B:BE:AA:65:7A:9B:B3:28:3D:09 X509v3 Authority Key Identifier: keyid:A3:9D:BF:68:78:AB:00:A4:52:F8:B0:7F:89:0D:3A:B3:48:37:62:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o52_aHirAKRS-LB_iQ06s0g3Yns.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/22696d-e72f-4cfd-bae0-ad4423765892/1/o52_aHirAKRS-LB_iQ06s0g3Yns.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:a6:60:bb:56:77:d6:e0:0c:2f:61:36:d1:33:0b:45:64:80: 9f:af:2b:c3:25:45:db:73:8f:24:6e:d1:9f:98:96:77:42:8d: 3b:3c:6e:06:41:ff:c4:e0:dc:fe:58:1c:c9:76:f6:b5:2a:98: 93:53:e9:54:88:26:2c:c2:0a:b6:53:8c:d6:3b:5e:58:0e:55: cb:5b:d1:34:eb:6f:a3:98:6b:4d:24:d5:2e:ca:5b:4b:a5:16: 35:fc:e9:57:d9:cd:85:5d:57:dc:46:0f:0f:9d:6f:58:03:25: 91:2d:dc:06:c4:2f:6c:1d:05:37:30:7f:89:9e:be:f6:ab:75: 7a:c9:3e:2a:6d:0f:5d:ea:15:17:02:71:78:30:f4:7a:49:84: a5:d6:d7:00:9d:d1:2f:81:a5:04:62:bd:9a:67:73:bb:21:2b: e0:7a:9b:18:60:8d:72:c9:32:96:e3:87:4d:6e:f8:dc:71:8a: ce:4c:07:10:6a:38:df:08:36:c3:46:74:37:9a:3a:18:5e:94: e7:35:1b:5f:58:e2:cd:be:bb:66:63:d1:35:b6:25:fe:21:ec: 22:5e:cb:f7:24:47:b5:33:4d:72:ff:bc:23:0e:91:5f:33:36: 5f:65:c6:26:c9:09:2e:40:72:34:79:7a:a2:b6:f3:c0:0f:c6: 43:99:3a:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kIeZoWf3tKsOmlI0MJcUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzOWRiZjY4NzhhYjAwYTQ1MmY4YjA3Zjg5MGQzYWIzNDgz NzYyN2IwHhcNMjUxMjIwMDcwMTQ4WhcNMjUxMjIxMDcwMTQ4WjAzMTEwLwYDVQQD EyhmNGU3NzMzM2UyMDU4NWU3NjgyNDViYmVhYTY1N2E5YmIzMjgzZDA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs//UnPxHK/kMhSXZyb8f/o+HFzXG mwzBRC3Gfo063rbGqu4VH9SKyyIFOWGOJa0nde4WXgQVnrULT3rloeWeKpMK96dk f2G6JEX9a8flYemsxndNj40fwCtQ2QCpmbBQqIXfkYtcRynYCNyEp1odBvM7ca8i PFdSu4+0aesDQ3Nur78EFOPp/0bFt2ljPux430tGb4xfCpyRB7shsWS09v8RtmKC a7bxEG6iVq9raXVoz3nUoN6rEibxyf+UwbhwiwK1RMz+4ms85Qs8vjIfBXWaJpu8 K6R4ws4lIg+HvyQAD/36ErYB7iDRaDA/wteDyIkOn6jMa9AetMvcIXGmnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPTnczPiBYXnaCRbvqplepuzKD0JMB8GA1UdIwQY MBaAFKOdv2h4qwCkUviwf4kNOrNIN2J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAt YWQ0NDIzNzY1ODkyLzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8yMjY5NmQtZTcyZi00Y2ZkLWJhZTAtYWQ0NDIzNzY1ODky LzEvbzUyX2FIaXJBS1JTLUxCX2lRMDZzMGczWW5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqZgu1Z3 1uAML2E20TMLRWSAn68rwyVF23OPJG7Rn5iWd0KNOzxuBkH/xODc/lgcyXb2tSqY k1PpVIgmLMIKtlOM1jteWA5Vy1vRNOtvo5hrTSTVLspbS6UWNfzpV9nNhV1X3EYP D51vWAMlkS3cBsQvbB0FNzB/iZ6+9qt1esk+Km0PXeoVFwJxeDD0ekmEpdbXAJ3R L4GlBGK9mmdzuyEr4HqbGGCNcskyluOHTW743HGKzkwHEGo43wg2w0Z0N5o6GF6U 5zUbX1jizb67ZmPRNbYl/iHsIl7L9yRHtTNNcv+8Iw6RXzM2X2XGJskJLkByNHl6 orbzwA/GQ5k6tg== -----END CERTIFICATE-----Generated at Sat Dec 20 15:07:04 2025 by rpki-client