This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft File: aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft (raw, json) Hash identifier: ZFNKQOgmShG/CXu5fId5Lx9CtpFjUpAVbeDmUw9BhYU= Subject key identifier: 50:92:65:5B:4B:2A:6C:DC:2A:33:4C:39:9A:C9:AC:B9:FB:87:E7:40 Authority key identifier: 68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F Certificate issuer: /CN=68f063ed2e0a2674bc471010189fc77adb31c17f Certificate serial: 019B465D514F561D014A0E0EF18CAC495228 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft Manifest number: 168B Signing time: Mon 22 Dec 2025 14:01:19 +0000 Manifest this update: Mon 22 Dec 2025 14:01:19 +0000 Manifest next update: Tue 23 Dec 2025 14:01:19 +0000 Files and hashes: 1: aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl (hash: c1m6wdJWbfUNjKRa6OUu0VQRH1V7X98JAu5OTJ4N2oI=) 2: cMnqdtCxCnyUSWOfUxTVBWPspak.roa (hash: OOJ4v4cc4LujDvo5fdL7b0ZauPjg9CekPa/sj+wo+LE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 14:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:5d:51:4f:56:1d:01:4a:0e:0e:f1:8c:ac:49:52:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f063ed2e0a2674bc471010189fc77adb31c17f Validity Not Before: Dec 22 14:01:19 2025 GMT Not After : Dec 23 14:01:19 2025 GMT Subject: CN=5092655b4b2a6cdc2a334c399ac9acb9fb87e740 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:b8:c9:28:3d:79:7a:02:29:6c:75:ae:c7:05: 8a:78:7c:04:65:d3:a5:5c:d7:db:ab:96:6a:88:e3: c4:92:23:83:f2:54:2c:c7:b7:1f:6f:9f:42:c6:15: 6d:54:20:8c:10:b6:71:77:3d:db:46:a2:79:9b:7a: 43:13:9c:7d:b1:fb:bd:5f:a5:f3:2b:dd:12:bf:dd: 22:4f:57:82:84:d2:d8:ee:3f:25:3f:5a:2e:49:f9: 2f:6d:20:70:98:8b:5d:7a:b9:5a:51:d5:9e:c8:c6: 78:29:6e:47:b6:9c:7a:81:3b:06:df:91:bb:c0:4b: e6:c0:e9:73:7d:07:ba:79:55:72:10:a3:da:eb:a2: 36:13:6b:15:bf:1a:ac:be:b9:aa:48:05:54:ef:15: c0:f9:19:6a:de:6d:b0:b5:e2:fb:7f:11:17:03:ec: 11:1f:09:e2:69:f8:e2:12:57:20:99:fb:3e:c1:73: b8:3c:2d:84:ee:ac:bb:42:c7:61:86:9d:d3:46:09: 21:a7:19:e2:24:39:fa:db:a1:69:01:8f:3b:9b:47: 73:47:88:9e:3f:e8:33:a3:28:48:27:eb:ea:95:ac: 6c:5c:ab:bc:69:3e:0c:57:f9:a4:af:49:17:58:07: a8:2f:bf:e2:01:09:6d:c9:90:6e:a9:ba:fb:47:29: 1b:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:92:65:5B:4B:2A:6C:DC:2A:33:4C:39:9A:C9:AC:B9:FB:87:E7:40 X509v3 Authority Key Identifier: keyid:68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:3b:dd:f4:13:6e:1d:4d:e8:07:e9:ff:66:4e:65:22:f3:49: 88:f0:da:a5:e5:50:01:fc:58:5a:ff:ec:8f:39:51:ec:82:92: 06:9c:ff:7d:de:52:e0:ff:08:5c:07:9d:8a:d3:e0:b0:3c:63: 16:f6:01:bc:71:c1:6b:12:ef:ad:61:9f:ef:68:af:52:88:b6: 0a:7b:b1:4b:0b:94:72:6f:7e:78:60:bb:7f:61:59:57:6f:91: 3a:0c:18:29:ef:a6:b6:0f:b0:ab:52:b3:43:ec:13:09:50:01: 2d:c9:21:d2:33:1d:f8:60:a2:39:61:2d:47:d9:98:9b:1f:ea: 5e:69:78:0a:a0:cd:0f:83:d6:86:22:39:d7:6b:cb:61:31:9c: 42:2b:32:0b:6b:f2:73:38:57:a3:2b:0b:31:31:98:f9:f8:5d: 12:9d:2a:2e:26:42:54:73:e9:99:92:52:b6:dd:65:13:43:de: 69:2d:24:1b:f9:3c:88:1a:b4:9d:d2:e4:3b:0d:be:b4:4c:5e: 0c:f5:88:8b:0a:c1:15:eb:b9:60:48:3b:5c:61:4a:e0:7b:cb: 0d:38:62:bb:f9:d8:c3:d8:ba:f9:71:05:a0:9f:ba:4f:1f:be: 7c:e0:36:1d:3c:0a:61:40:0f:4a:90:e2:c8:bd:9d:da:c0:94: 8a:ba:f7:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGXVFPVh0BSg4O8YysSVIoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjA2M2VkMmUwYTI2NzRiYzQ3MTAxMDE4OWZjNzdhZGIz MWMxN2YwHhcNMjUxMjIyMTQwMTE5WhcNMjUxMjIzMTQwMTE5WjAzMTEwLwYDVQQD Eyg1MDkyNjU1YjRiMmE2Y2RjMmEzMzRjMzk5YWM5YWNiOWZiODdlNzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rjJKD15egIpbHWuxwWKeHwEZdOl XNfbq5ZqiOPEkiOD8lQsx7cfb59CxhVtVCCMELZxdz3bRqJ5m3pDE5x9sfu9X6Xz K90Sv90iT1eChNLY7j8lP1ouSfkvbSBwmItderlaUdWeyMZ4KW5Htpx6gTsG35G7 wEvmwOlzfQe6eVVyEKPa66I2E2sVvxqsvrmqSAVU7xXA+Rlq3m2wteL7fxEXA+wR HwniafjiElcgmfs+wXO4PC2E7qy7Qsdhhp3TRgkhpxniJDn626FpAY87m0dzR4ie P+gzoyhIJ+vqlaxsXKu8aT4MV/mkr0kXWAeoL7/iAQltyZBuqbr7RykbbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFCSZVtLKmzcKjNMOZrJrLn7h+dAMB8GA1UdIwQY MBaAFGjwY+0uCiZ0vEcQEBifx3rbMcF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMt OTQ2ZmRhZmUyZWM2LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMtOTQ2ZmRhZmUyZWM2 LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKDvd9BNu HU3oB+n/Zk5lIvNJiPDapeVQAfxYWv/sjzlR7IKSBpz/fd5S4P8IXAeditPgsDxj FvYBvHHBaxLvrWGf72ivUoi2CnuxSwuUcm9+eGC7f2FZV2+ROgwYKe+mtg+wq1Kz Q+wTCVABLckh0jMd+GCiOWEtR9mYmx/qXml4CqDND4PWhiI512vLYTGcQisyC2vy czhXoysLMTGY+fhdEp0qLiZCVHPpmZJStt1lE0PeaS0kG/k8iBq0ndLkOw2+tExe DPWIiwrBFeu5YEg7XGFK4HvLDThiu/nYw9i6+XEFoJ+6Tx++fOA2HTwKYUAPSpDi yL2d2sCUirr3mQ== -----END CERTIFICATE-----Generated at Mon Dec 22 20:06:39 2025 by rpki-client