This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/22d20e-0bd6-49fb-b9c3-e20d707c00fb/1/1aiQlOEuVN2QHjLTPOUTHgRu5ww.mft File: 1aiQlOEuVN2QHjLTPOUTHgRu5ww.mft (raw, json) Hash identifier: zWTq9aKZF8qZSoob+1NKIV1dWdasKBmgdGV86IpQYn4= Subject key identifier: 18:2F:45:05:B0:14:0C:9D:66:22:F0:A4:9D:3D:9D:F1:FF:AE:72:28 Authority key identifier: D5:A8:90:94:E1:2E:54:DD:90:1E:32:D3:3C:E5:13:1E:04:6E:E7:0C Certificate issuer: /CN=d5a89094e12e54dd901e32d33ce5131e046ee70c Certificate serial: 019B44DCFBA4126CEFCE0CD3B8E85618C9DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aiQlOEuVN2QHjLTPOUTHgRu5ww.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/22d20e-0bd6-49fb-b9c3-e20d707c00fb/1/1aiQlOEuVN2QHjLTPOUTHgRu5ww.mft Manifest number: 0422 Signing time: Mon 22 Dec 2025 07:01:31 +0000 Manifest this update: Mon 22 Dec 2025 07:01:31 +0000 Manifest next update: Tue 23 Dec 2025 07:01:31 +0000 Files and hashes: 1: 1aiQlOEuVN2QHjLTPOUTHgRu5ww.crl (hash: 4k9X9PKg6NU9gTPecSruY9RUwayf5TjR6gILre2TNAc=) 2: d97Ch2oOF5rboQAm4Ny7S68pdDs.roa (hash: GTey3KF1CvpIvjeJCgqABtZ3XGUGtGoEyAaxaxLHaVc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/22d20e-0bd6-49fb-b9c3-e20d707c00fb/1/1aiQlOEuVN2QHjLTPOUTHgRu5ww.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/22d20e-0bd6-49fb-b9c3-e20d707c00fb/1/1aiQlOEuVN2QHjLTPOUTHgRu5ww.mft rsync://rpki.ripe.net/repository/DEFAULT/1aiQlOEuVN2QHjLTPOUTHgRu5ww.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 07:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:dc:fb:a4:12:6c:ef:ce:0c:d3:b8:e8:56:18:c9:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5a89094e12e54dd901e32d33ce5131e046ee70c Validity Not Before: Dec 22 07:01:31 2025 GMT Not After : Dec 23 07:01:31 2025 GMT Subject: CN=182f4505b0140c9d6622f0a49d3d9df1ffae7228 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:b7:79:f6:6e:e6:ae:7c:e3:50:e7:18:6e:0a: fc:b3:68:6c:f8:2c:55:d4:97:69:99:8b:76:8c:5c: 1a:6f:c3:63:3c:0d:56:8a:0b:76:e0:8f:9b:9a:98: 93:26:b4:7c:c5:fd:ab:71:35:49:59:82:ad:85:66: 4e:ac:2b:8b:47:28:4e:a6:fa:21:87:4e:7c:66:01: c8:cd:78:bd:b4:2d:cd:77:11:50:4f:ca:22:ae:86: a0:d9:69:9b:13:80:81:0c:f3:57:64:9a:f4:63:9b: 36:5e:30:1f:c1:ee:8b:12:42:b7:a9:37:cc:ea:9d: cf:b2:5c:4f:9d:45:d7:2d:b9:31:82:bd:10:12:d2: fd:12:01:c7:ce:23:c2:68:49:11:94:c5:81:b2:95: 87:fd:75:ed:b9:9a:66:40:65:90:56:db:d5:21:6e: 05:11:3e:ed:eb:f6:0a:17:bf:86:57:3d:ed:c9:98: 2c:3a:aa:8d:f6:a4:3c:01:1f:b6:ce:ff:ab:5e:d1: 89:64:18:4f:ae:20:b6:1f:f0:86:90:5f:57:2b:39: 1a:36:6e:41:9e:da:19:30:93:a7:e6:a8:d4:ee:f8: e6:37:29:38:a1:fb:a4:49:f3:ee:4c:c1:30:67:bf: 5b:21:b3:2c:5b:cc:fd:5d:2a:15:72:d5:0e:a9:b6: ad:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:2F:45:05:B0:14:0C:9D:66:22:F0:A4:9D:3D:9D:F1:FF:AE:72:28 X509v3 Authority Key Identifier: keyid:D5:A8:90:94:E1:2E:54:DD:90:1E:32:D3:3C:E5:13:1E:04:6E:E7:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aiQlOEuVN2QHjLTPOUTHgRu5ww.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/22d20e-0bd6-49fb-b9c3-e20d707c00fb/1/1aiQlOEuVN2QHjLTPOUTHgRu5ww.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/22d20e-0bd6-49fb-b9c3-e20d707c00fb/1/1aiQlOEuVN2QHjLTPOUTHgRu5ww.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:94:7d:35:0d:ef:53:87:ca:da:21:7d:fa:bf:01:63:64:0f: 62:49:93:0d:79:88:c8:ca:a2:e9:04:11:a9:44:4a:38:4c:be: dd:15:ef:c1:d6:9d:62:63:53:f1:1a:02:a3:f6:39:cf:99:2d: a1:ff:62:05:4c:d3:22:6a:4d:96:24:93:d3:6e:79:af:4e:3e: 16:0a:2d:6b:1c:44:91:95:67:ac:25:44:7c:69:53:68:51:eb: 3a:61:f0:f8:51:d1:30:c8:e6:4c:ec:fc:4a:22:cf:66:5e:7b: ed:9a:e1:e5:04:41:f2:d2:ad:80:d1:1f:4c:53:ef:5a:0b:91: 63:ad:3e:dd:2b:c6:b3:ab:d4:8d:37:4d:cb:84:59:37:12:9f: c8:e8:3b:3b:39:95:82:a5:e1:8d:d6:6d:62:d7:09:5b:97:a4: e2:1b:74:6e:ab:31:a5:97:1d:a8:a4:c7:6d:ac:18:62:fe:44: 9e:e6:e8:6c:0f:71:07:44:e4:fa:8c:b8:92:84:b9:f1:b4:23: 4c:29:f1:18:88:bf:ac:d2:e3:01:a5:79:7f:16:fb:01:7f:39: 61:7a:74:9a:8f:44:4b:c6:d6:2e:e8:af:4a:59:ca:bd:bd:2d: 97:7e:a8:1d:90:07:d8:d0:55:f1:d6:5c:3b:ac:66:77:35:4e: 4a:08:11:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtE3PukEmzvzgzTuOhWGMnaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YTg5MDk0ZTEyZTU0ZGQ5MDFlMzJkMzNjZTUxMzFlMDQ2 ZWU3MGMwHhcNMjUxMjIyMDcwMTMxWhcNMjUxMjIzMDcwMTMxWjAzMTEwLwYDVQQD EygxODJmNDUwNWIwMTQwYzlkNjYyMmYwYTQ5ZDNkOWRmMWZmYWU3MjI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ld59m7mrnzjUOcYbgr8s2hs+CxV 1JdpmYt2jFwab8NjPA1Wigt24I+bmpiTJrR8xf2rcTVJWYKthWZOrCuLRyhOpvoh h058ZgHIzXi9tC3NdxFQT8oiroag2WmbE4CBDPNXZJr0Y5s2XjAfwe6LEkK3qTfM 6p3PslxPnUXXLbkxgr0QEtL9EgHHziPCaEkRlMWBspWH/XXtuZpmQGWQVtvVIW4F ET7t6/YKF7+GVz3tyZgsOqqN9qQ8AR+2zv+rXtGJZBhPriC2H/CGkF9XKzkaNm5B ntoZMJOn5qjU7vjmNyk4ofukSfPuTMEwZ79bIbMsW8z9XSoVctUOqbatTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBgvRQWwFAydZiLwpJ09nfH/rnIoMB8GA1UdIwQY MBaAFNWokJThLlTdkB4y0zzlEx4EbucMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWFpUWxPRXVWTjJRSGpMVFBPVVRIZ1J1NXd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yMmQyMGUtMGJkNi00OWZiLWI5YzMt ZTIwZDcwN2MwMGZiLzEvMWFpUWxPRXVWTjJRSGpMVFBPVVRIZ1J1NXd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS8yMmQyMGUtMGJkNi00OWZiLWI5YzMtZTIwZDcwN2MwMGZi LzEvMWFpUWxPRXVWTjJRSGpMVFBPVVRIZ1J1NXd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpR9NQ3v U4fK2iF9+r8BY2QPYkmTDXmIyMqi6QQRqURKOEy+3RXvwdadYmNT8RoCo/Y5z5kt of9iBUzTImpNliST0255r04+FgotaxxEkZVnrCVEfGlTaFHrOmHw+FHRMMjmTOz8 SiLPZl577Zrh5QRB8tKtgNEfTFPvWguRY60+3SvGs6vUjTdNy4RZNxKfyOg7OzmV gqXhjdZtYtcJW5ek4ht0bqsxpZcdqKTHbawYYv5EnubobA9xB0Tk+oy4koS58bQj TCnxGIi/rNLjAaV5fxb7AX85YXp0mo9ES8bWLuivSlnKvb0tl36oHZAH2NBV8dZc O6xmdzVOSggRrw== -----END CERTIFICATE-----Generated at Mon Dec 22 12:15:21 2025 by rpki-client