This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft File: aDCZAOZItlowenhgECv3ixb1XXU.mft (raw, json) Hash identifier: RgTkAgTqCeJC4VBLPz7w6Qp3LQZBn9qbzMDHpMgmpeo= Subject key identifier: D5:46:3D:3F:B4:0E:95:32:6F:10:3C:11:B3:15:38:FC:6C:B3:CF:B0 Authority key identifier: 68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75 Certificate issuer: /CN=68309900e648b65a307a7860102bf78b16f55d75 Certificate serial: 019B40C988FA3D598C38EF34B13EB4917005 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft Manifest number: 03E8 Signing time: Sun 21 Dec 2025 12:01:48 +0000 Manifest this update: Sun 21 Dec 2025 12:01:48 +0000 Manifest next update: Mon 22 Dec 2025 12:01:48 +0000 Files and hashes: 1: MyHgwE9JQ37sKu_CcRwNe642FMI.roa (hash: UWTUq6zuuwDHpYw/C8xNP37TF6tAxhLymuOUDHs6DJk=) 2: aDCZAOZItlowenhgECv3ixb1XXU.crl (hash: oCg75HeVB/qnU1Hp1CoFtZwhOUU0XUBal37J/y8A548=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c9:88:fa:3d:59:8c:38:ef:34:b1:3e:b4:91:70:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68309900e648b65a307a7860102bf78b16f55d75 Validity Not Before: Dec 21 12:01:48 2025 GMT Not After : Dec 22 12:01:48 2025 GMT Subject: CN=d5463d3fb40e95326f103c11b31538fc6cb3cfb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:98:da:a2:43:4b:c9:e5:2e:04:6f:7c:04:da: 28:52:2f:2b:d0:9e:b4:4f:5d:a7:9d:f8:ae:b2:26: 62:ff:d6:1e:5d:5d:ee:81:db:06:f4:1e:03:f5:12: 77:a5:50:68:c2:05:06:93:b7:8b:20:9e:62:bd:91: d0:55:cd:25:77:a5:46:8f:01:eb:e8:e8:87:0e:16: ef:a7:6d:21:ab:03:77:6f:71:de:67:5b:c4:ac:1b: 5f:d5:65:01:4b:d6:06:4e:8c:77:d0:d6:62:61:69: e9:b4:ec:55:b9:c9:58:5f:ea:42:8e:fe:de:e7:f2: d5:fd:81:06:94:f0:db:af:f4:9c:f4:63:51:72:88: fc:43:21:78:35:ad:cc:c5:55:e8:00:ed:82:41:bf: fe:c0:35:37:c2:7f:5a:0b:84:6c:35:5e:f8:5f:e5: 15:33:e1:95:dd:0f:18:a3:3e:e0:0e:f3:7c:3e:6b: 56:cd:cc:6c:84:a8:43:b6:e0:23:54:df:85:01:e0: 9a:74:19:dc:b4:01:67:45:5a:bc:95:69:38:fd:14: d2:37:a5:43:7c:54:fb:40:5b:a1:0b:96:99:fd:5c: 11:21:b2:47:76:2d:43:a1:b7:c6:ee:42:b6:d8:61: e5:89:a3:5d:0d:6b:f7:17:79:89:7f:83:5c:0c:73: e5:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:46:3D:3F:B4:0E:95:32:6F:10:3C:11:B3:15:38:FC:6C:B3:CF:B0 X509v3 Authority Key Identifier: keyid:68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:a3:4f:80:e8:80:3a:be:b7:bc:0d:cb:8e:0b:f6:36:f4:c2: 03:ea:9e:59:1e:2f:c6:08:5c:c5:f5:b4:16:4c:86:c5:55:8a: e4:33:f2:dd:63:8e:e8:f3:27:e1:26:76:63:58:f0:2c:65:38: ed:d3:c9:57:68:be:5e:35:0d:53:b9:b0:8d:4d:54:b3:c4:e6: 39:83:fe:e3:49:bb:c8:f7:b0:9b:25:ca:b1:b8:0a:b2:58:6d: bd:00:0e:32:a5:08:03:5e:09:b6:65:21:f7:e8:c5:e3:11:1b: 9d:36:bd:c8:33:d0:eb:0f:77:79:af:65:d0:58:cc:4f:af:7f: a6:a8:f3:5e:53:37:48:20:82:5c:f8:d4:16:4b:41:0f:00:a0: 41:3f:20:95:0c:81:16:d8:6e:9f:1d:e1:ef:f8:97:1e:e0:a7: fa:1c:92:4f:51:0d:37:9e:95:ea:80:31:73:f5:b0:1f:77:6c: 9d:a1:36:52:07:d5:24:17:2d:ea:0a:7c:89:37:59:a9:c5:da: 60:fc:0a:29:9b:62:3c:79:ab:ef:99:d3:9d:98:17:b4:6b:7e: d1:71:de:92:11:14:a5:f6:c9:85:3a:1d:71:0b:7e:e7:63:b4: d4:91:1d:62:46:4d:18:7e:99:91:ae:55:b5:31:7f:5b:f6:d6: 7d:aa:a5:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyYj6PVmMOO80sT60kXAFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MzA5OTAwZTY0OGI2NWEzMDdhNzg2MDEwMmJmNzhiMTZm NTVkNzUwHhcNMjUxMjIxMTIwMTQ4WhcNMjUxMjIyMTIwMTQ4WjAzMTEwLwYDVQQD EyhkNTQ2M2QzZmI0MGU5NTMyNmYxMDNjMTFiMzE1MzhmYzZjYjNjZmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5jaokNLyeUuBG98BNooUi8r0J60 T12nnfiusiZi/9YeXV3ugdsG9B4D9RJ3pVBowgUGk7eLIJ5ivZHQVc0ld6VGjwHr 6OiHDhbvp20hqwN3b3HeZ1vErBtf1WUBS9YGTox30NZiYWnptOxVuclYX+pCjv7e 5/LV/YEGlPDbr/Sc9GNRcoj8QyF4Na3MxVXoAO2CQb/+wDU3wn9aC4RsNV74X+UV M+GV3Q8Yoz7gDvN8PmtWzcxshKhDtuAjVN+FAeCadBnctAFnRVq8lWk4/RTSN6VD fFT7QFuhC5aZ/VwRIbJHdi1DobfG7kK22GHliaNdDWv3F3mJf4NcDHPllwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNVGPT+0DpUybxA8EbMVOPxss8+wMB8GA1UdIwQY MBaAFGgwmQDmSLZaMHp4YBAr94sW9V11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYt OWZhNzgwNzUzMzBiLzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYtOWZhNzgwNzUzMzBi LzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbqNPgOiA Or63vA3Ljgv2NvTCA+qeWR4vxghcxfW0FkyGxVWK5DPy3WOO6PMn4SZ2Y1jwLGU4 7dPJV2i+XjUNU7mwjU1Us8TmOYP+40m7yPewmyXKsbgKslhtvQAOMqUIA14JtmUh 9+jF4xEbnTa9yDPQ6w93ea9l0FjMT69/pqjzXlM3SCCCXPjUFktBDwCgQT8glQyB Fthunx3h7/iXHuCn+hyST1ENN56V6oAxc/WwH3dsnaE2UgfVJBct6gp8iTdZqcXa YPwKKZtiPHmr75nTnZgXtGt+0XHekhEUpfbJhTodcQt+52O01JEdYkZNGH6Zka5V tTF/W/bWfaqlMw== -----END CERTIFICATE-----Generated at Sun Dec 21 15:59:28 2025 by rpki-client