This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft File: aJQuPste6nkqdvray-wBqFaOl_Q.mft (raw, json) Hash identifier: fFXg0icQqyoonLH3FbJN1+6K1FHm+EyGvZvXHzw770g= Subject key identifier: A5:22:EA:EE:27:35:12:D3:29:B3:E2:12:F3:10:4C:F9:DC:E8:DA:39 Authority key identifier: 68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4 Certificate issuer: /CN=68942e3ecb5eea792a76fadacbec01a8568e97f4 Certificate serial: 019B3DFE8A8D3AC9A8CACE441330E8C84D3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 23:00:50 +0000 Manifest this update: Sat 20 Dec 2025 23:00:50 +0000 Manifest next update: Sun 21 Dec 2025 23:00:50 +0000 Files and hashes: 1: 2I7Ug_0TKUirYBKdCRFB3X-yPVM.roa (hash: OuAKBuCtiZrdtqQo3Ia+YQ9DdlyXDqDuhn9BW+I9wGc=) 2: aJQuPste6nkqdvray-wBqFaOl_Q.crl (hash: p18qMkNZNKJcJsePSVI9kP7MKdCoLAI1MUzYPYDYvNs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:8a:8d:3a:c9:a8:ca:ce:44:13:30:e8:c8:4d:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68942e3ecb5eea792a76fadacbec01a8568e97f4 Validity Not Before: Dec 20 23:00:50 2025 GMT Not After : Dec 21 23:00:50 2025 GMT Subject: CN=a522eaee273512d329b3e212f3104cf9dce8da39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:54:2a:93:32:58:5e:91:62:e5:d8:ed:5f:fe: 0b:67:14:32:a7:5f:2d:42:b6:26:45:15:de:93:c1: 1e:fc:16:43:59:bc:f7:17:34:26:30:f2:43:02:a9: 2e:f7:30:b1:7a:9c:87:95:09:e6:f1:77:fa:85:5c: 2e:57:c2:7b:42:28:dd:b9:ce:5b:12:9d:db:44:fc: 33:88:95:95:14:9b:5d:a0:c7:6a:28:a2:8b:44:a9: f4:ce:68:88:0e:8f:82:e7:30:85:77:48:ee:a0:30: b2:ff:5e:b2:9a:05:43:9b:f1:22:51:1f:4b:06:b9: 38:57:ff:f5:56:46:ef:7d:0b:20:d9:eb:99:d7:58: d6:39:fb:c5:16:7c:7c:d0:93:3b:5b:04:ab:63:a9: a1:85:6a:40:1f:1d:11:00:49:ad:5f:e2:ce:9b:03: 9f:f7:42:39:d2:f3:80:7c:51:50:1a:3d:64:32:7f: 54:c2:24:bb:e3:04:f3:6f:88:ca:b9:40:c3:8b:d4: 54:d4:0d:ad:30:da:b9:94:e5:e4:3a:55:78:d8:54: a7:b1:40:16:90:ca:b2:c6:20:87:fe:68:b5:6c:29: ce:8d:0e:7f:63:d9:e0:1a:00:5a:8e:ee:60:08:c8: 98:b0:00:61:53:c5:9d:1d:95:3b:46:d2:fa:61:24: f0:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:22:EA:EE:27:35:12:D3:29:B3:E2:12:F3:10:4C:F9:DC:E8:DA:39 X509v3 Authority Key Identifier: keyid:68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:37:5c:47:00:5c:a0:99:43:97:80:e1:3e:b0:05:be:2a:e6: a3:44:0b:4b:3f:17:a6:dd:b1:95:4d:1b:8a:b2:5f:56:85:2a: 96:78:47:02:b9:fb:ee:46:eb:61:ac:e7:27:aa:91:7f:52:45: 8f:25:de:6e:be:21:91:0a:89:67:ba:40:36:f0:fb:3f:6d:6d: 16:74:c3:c1:16:5d:9a:08:de:e0:be:3b:0a:6e:0e:0f:4a:af: 93:91:54:e1:22:3d:4c:9b:7a:ce:f5:34:18:87:0d:12:61:ba: 73:3b:13:e1:ea:7c:5c:4f:1c:02:af:c4:ec:d1:90:67:b9:bb: 57:d8:a7:79:21:7c:29:ab:28:b3:15:ef:24:21:7c:15:2e:60: 13:d1:4a:71:c5:27:ca:b3:c0:b9:9c:c9:4d:19:40:d6:f6:98: 99:25:7b:17:54:d8:4e:e5:62:58:89:5e:6e:0c:09:fc:01:10: 60:90:17:07:58:a7:71:1b:ed:61:8b:af:7c:f4:a4:54:c6:e6: cc:9a:23:7d:e7:57:c3:14:39:20:e9:49:11:88:9b:77:b4:e4: fb:c1:8b:f6:dc:01:8e:72:af:bf:87:2c:2e:bc:81:76:be:81: 2a:e8:a1:f8:7d:38:a5:31:24:ff:1f:94:ea:5c:62:6f:a8:9c: f7:3e:be:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/oqNOsmoys5EEzDoyE08MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4OTQyZTNlY2I1ZWVhNzkyYTc2ZmFkYWNiZWMwMWE4NTY4 ZTk3ZjQwHhcNMjUxMjIwMjMwMDUwWhcNMjUxMjIxMjMwMDUwWjAzMTEwLwYDVQQD EyhhNTIyZWFlZTI3MzUxMmQzMjliM2UyMTJmMzEwNGNmOWRjZThkYTM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1QqkzJYXpFi5djtX/4LZxQyp18t QrYmRRXek8Ee/BZDWbz3FzQmMPJDAqku9zCxepyHlQnm8Xf6hVwuV8J7Qijduc5b Ep3bRPwziJWVFJtdoMdqKKKLRKn0zmiIDo+C5zCFd0juoDCy/16ymgVDm/EiUR9L Brk4V//1VkbvfQsg2euZ11jWOfvFFnx80JM7WwSrY6mhhWpAHx0RAEmtX+LOmwOf 90I50vOAfFFQGj1kMn9UwiS74wTzb4jKuUDDi9RU1A2tMNq5lOXkOlV42FSnsUAW kMqyxiCH/mi1bCnOjQ5/Y9ngGgBaju5gCMiYsABhU8WdHZU7RtL6YSTwfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKUi6u4nNRLTKbPiEvMQTPnc6No5MB8GA1UdIwQY MBaAFGiULj7LXup5Knb62svsAahWjpf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQt MDNjY2UzOTY5ZjljLzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQtMDNjY2UzOTY5Zjlj LzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATjdcRwBc oJlDl4DhPrAFvirmo0QLSz8Xpt2xlU0birJfVoUqlnhHArn77kbrYaznJ6qRf1JF jyXebr4hkQqJZ7pANvD7P21tFnTDwRZdmgje4L47Cm4OD0qvk5FU4SI9TJt6zvU0 GIcNEmG6czsT4ep8XE8cAq/E7NGQZ7m7V9ineSF8KasosxXvJCF8FS5gE9FKccUn yrPAuZzJTRlA1vaYmSV7F1TYTuViWIlebgwJ/AEQYJAXB1incRvtYYuvfPSkVMbm zJojfedXwxQ5IOlJEYibd7Tk+8GL9twBjnKvv4csLryBdr6BKuih+H04pTEk/x+U 6lxib6ic9z6+Gw== -----END CERTIFICATE-----Generated at Sun Dec 21 04:06:59 2025 by rpki-client