This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft File: aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft (raw, json) Hash identifier: fWwkvvaQfHzJrQQCaqvWKGrM0qdSlVgKoBoGzNqj/qI= Subject key identifier: B5:2E:BF:A6:45:FE:03:7B:88:A3:8C:45:CE:D7:88:57:6D:3E:7A:05 Authority key identifier: 69:97:10:A1:69:37:10:AC:83:5F:0B:67:45:F9:0D:2D:68:0A:12:00 Certificate issuer: /CN=699710a1693710ac835f0b6745f90d2d680a1200 Certificate serial: 019B51BC0060A02A5E513A12E1A06DBEBBA2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft Manifest number: 1725 Signing time: Wed 24 Dec 2025 19:00:33 +0000 Manifest this update: Wed 24 Dec 2025 19:00:33 +0000 Manifest next update: Thu 25 Dec 2025 19:00:33 +0000 Files and hashes: 1: aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl (hash: Oy2CTnfpvknK7/MulAEjq4Y3UZ4XnCxeHSHnDXUqBrY=) 2: koGXGlmTeestynS-D79F1iRgKe8.roa (hash: t/wGg6Ba4t68swMex8wPDhVXcBtDTQUAFrp4xf0H+oE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:00:60:a0:2a:5e:51:3a:12:e1:a0:6d:be:bb:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=699710a1693710ac835f0b6745f90d2d680a1200 Validity Not Before: Dec 24 19:00:33 2025 GMT Not After : Dec 25 19:00:33 2025 GMT Subject: CN=b52ebfa645fe037b88a38c45ced788576d3e7a05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:c1:a5:33:4c:05:08:b2:eb:f1:3f:ff:d1:c8: 89:da:36:a8:3b:6b:bf:aa:01:81:cc:6b:28:f4:46: a8:dd:e6:5b:2d:f1:7f:2e:f1:af:74:d8:00:0f:a4: 3f:b7:3f:0c:8f:6b:42:21:f2:23:67:42:9a:67:9c: 11:2f:0f:c7:c0:13:f3:bd:92:b6:63:90:39:b8:70: a1:09:b8:8b:b9:94:d0:d0:be:51:8f:db:38:64:2a: b7:86:95:d7:46:2f:04:f3:33:07:6d:42:00:0c:70: a8:77:8c:6b:b1:02:95:33:90:06:7a:e5:ac:01:76: b1:22:76:59:2f:76:08:d6:07:24:5e:c6:22:f3:16: 59:ce:b8:83:c6:17:4f:ed:e0:c1:ee:db:a5:79:45: 02:cb:10:f9:31:2f:bb:4a:d7:6c:1b:1d:d1:ad:79: 58:72:fe:aa:4b:f1:11:08:2c:9a:08:f9:13:73:bf: 0e:50:1c:e9:a5:65:fa:38:8d:7d:69:9f:4d:7c:4c: 7e:c4:b1:53:bb:0a:09:13:00:d7:e6:7a:b6:d6:a7: 2d:d2:61:1a:e1:5c:f4:8c:59:25:be:e5:5e:0e:71: 25:4e:8f:02:34:21:bd:27:29:ef:bd:df:b3:1b:22: d0:79:33:f7:d0:cb:39:34:b8:73:7e:c2:5b:eb:3f: a6:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:2E:BF:A6:45:FE:03:7B:88:A3:8C:45:CE:D7:88:57:6D:3E:7A:05 X509v3 Authority Key Identifier: keyid:69:97:10:A1:69:37:10:AC:83:5F:0B:67:45:F9:0D:2D:68:0A:12:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZcQoWk3EKyDXwtnRfkNLWgKEgA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/07745c-47c1-4002-950f-29b98ecdff12/1/aZcQoWk3EKyDXwtnRfkNLWgKEgA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:32:6c:fe:30:2d:e9:39:08:5d:cd:a1:51:23:ba:b3:24:12: 40:25:8d:cb:d6:8b:20:77:e7:88:73:ff:ca:35:8e:14:2a:d9: d3:17:24:26:d0:b2:f4:74:2a:39:ae:c3:12:80:de:48:e9:5f: bd:ee:e0:fd:ac:1a:2c:db:6f:8a:e6:2f:5f:e9:a7:52:c1:77: 98:74:2f:1a:08:ad:5d:64:c8:58:be:1f:12:fe:cd:13:9c:56: 17:2d:29:b5:df:a0:cb:db:64:4f:e8:f3:16:1b:4b:02:35:ce: 4e:8f:cd:97:c2:83:4a:88:8a:82:52:13:ae:0e:01:66:98:e8: 51:80:ac:99:f6:6d:df:f9:b9:d8:2c:6e:1a:93:08:d8:1a:b0: d0:22:31:b3:f6:31:cb:8f:f9:86:97:79:83:ac:ed:02:8d:ca: 33:b3:83:1d:69:d0:91:34:c5:21:1a:01:9a:94:c8:32:20:6f: 6b:b5:5d:15:03:9a:5d:8b:00:ac:ba:97:1b:a0:75:5c:e0:e3: 27:29:97:b5:0d:3d:a1:6d:b0:12:fc:83:d5:a0:e0:5c:a9:3a: 70:0f:76:7e:9b:57:fa:88:6c:5b:05:25:02:d7:0c:45:33:5b: 1c:61:fd:32:81:79:4e:0c:85:59:f9:28:45:ed:d6:e2:29:76: f8:aa:79:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvABgoCpeUToS4aBtvruiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5OTcxMGExNjkzNzEwYWM4MzVmMGI2NzQ1ZjkwZDJkNjgw YTEyMDAwHhcNMjUxMjI0MTkwMDMzWhcNMjUxMjI1MTkwMDMzWjAzMTEwLwYDVQQD EyhiNTJlYmZhNjQ1ZmUwMzdiODhhMzhjNDVjZWQ3ODg1NzZkM2U3YTA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48GlM0wFCLLr8T//0ciJ2jaoO2u/ qgGBzGso9Eao3eZbLfF/LvGvdNgAD6Q/tz8Mj2tCIfIjZ0KaZ5wRLw/HwBPzvZK2 Y5A5uHChCbiLuZTQ0L5Rj9s4ZCq3hpXXRi8E8zMHbUIADHCod4xrsQKVM5AGeuWs AXaxInZZL3YI1gckXsYi8xZZzriDxhdP7eDB7tuleUUCyxD5MS+7StdsGx3RrXlY cv6qS/ERCCyaCPkTc78OUBzppWX6OI19aZ9NfEx+xLFTuwoJEwDX5nq21qct0mEa 4Vz0jFklvuVeDnElTo8CNCG9Jynvvd+zGyLQeTP30Ms5NLhzfsJb6z+mgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLUuv6ZF/gN7iKOMRc7XiFdtPnoFMB8GA1UdIwQY MBaAFGmXEKFpNxCsg18LZ0X5DS1oChIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wNzc0NWMtNDdjMS00MDAyLTk1MGYt MjliOThlY2RmZjEyLzEvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8wNzc0NWMtNDdjMS00MDAyLTk1MGYtMjliOThlY2RmZjEy LzEvYVpjUW9XazNFS3lEWHd0blJma05MV2dLRWdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtTJs/jAt 6TkIXc2hUSO6syQSQCWNy9aLIHfniHP/yjWOFCrZ0xckJtCy9HQqOa7DEoDeSOlf ve7g/awaLNtviuYvX+mnUsF3mHQvGgitXWTIWL4fEv7NE5xWFy0ptd+gy9tkT+jz FhtLAjXOTo/Nl8KDSoiKglITrg4BZpjoUYCsmfZt3/m52CxuGpMI2Bqw0CIxs/Yx y4/5hpd5g6ztAo3KM7ODHWnQkTTFIRoBmpTIMiBva7VdFQOaXYsArLqXG6B1XODj JymXtQ09oW2wEvyD1aDgXKk6cA92fptX+ohsWwUlAtcMRTNbHGH9MoF5TgyFWfko Re3W4il2+Kp5Ig== -----END CERTIFICATE-----Generated at Wed Dec 24 23:21:39 2025 by rpki-client