This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft File: aEZbnPs2jGnssOP-o7VCupxzAfQ.mft (raw, json) Hash identifier: axJoGBF9c0PZ/rtJl1kZuUPT2dV6IP0THrj3AQwF+tg= Subject key identifier: EA:34:DD:B4:BC:35:9D:74:FF:AD:63:CC:3E:CA:A6:D3:7C:03:B9:6F Authority key identifier: 68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4 Certificate issuer: /CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4 Certificate serial: 019B3DC7B649BC24E829BD9C75D69A04B51B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft Manifest number: 14A1 Signing time: Sat 20 Dec 2025 22:00:57 +0000 Manifest this update: Sat 20 Dec 2025 22:00:57 +0000 Manifest next update: Sun 21 Dec 2025 22:00:57 +0000 Files and hashes: 1: aEZbnPs2jGnssOP-o7VCupxzAfQ.crl (hash: ge4bu/PbZQ9IYcHfc7zb9lkXyfGN29qs1eQWT4QkSOQ=) 2: s3MszUL2Sssrqjezj_btDkPTmQg.roa (hash: rgkSdfEiUESbKFQA8EcHOyD2UnXv2kAlPQ3EqnLhSNk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:b6:49:bc:24:e8:29:bd:9c:75:d6:9a:04:b5:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4 Validity Not Before: Dec 20 22:00:57 2025 GMT Not After : Dec 21 22:00:57 2025 GMT Subject: CN=ea34ddb4bc359d74ffad63cc3ecaa6d37c03b96f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:4a:91:91:30:d2:5e:53:0d:b9:1f:4b:bf:91: fd:b4:31:47:20:bf:45:a7:5a:86:bf:a8:c3:a0:1b: bb:70:00:b5:30:df:39:fa:86:1a:b8:4f:25:54:24: ad:75:28:71:7a:b7:6b:5f:a6:4a:a6:4c:62:51:4a: b5:d9:8f:15:45:36:99:3d:07:1d:5e:b5:d9:82:ea: 76:fb:89:8c:09:2d:60:bd:87:61:97:19:a9:e5:0c: 22:ac:ea:ab:38:a0:9b:ad:74:f7:dc:06:e2:48:c4: d4:cd:1a:0f:87:4b:d1:1e:65:2e:71:a8:bf:dd:9a: 0f:fb:58:ea:e9:3c:90:2e:e6:47:ad:d7:ac:d5:cb: 40:d0:c9:63:07:2a:15:3a:4f:b3:50:16:00:da:b0: e8:40:1f:7a:1d:91:c4:dd:ec:63:29:08:1d:57:a5: 4c:a6:c4:c9:b2:5c:60:8a:59:81:30:35:d7:f5:4d: e3:e7:b4:36:4a:1f:a7:ae:16:07:90:55:16:12:8f: bd:a8:ad:d6:41:2e:88:53:e4:a4:78:cd:5f:08:d4: fe:3b:76:18:5d:18:26:fb:1c:cf:41:ed:e4:86:78: d6:fc:a9:07:0b:d5:2a:16:2c:bd:26:f2:a4:75:7f: cf:b8:ff:bf:aa:aa:3f:48:4d:7e:68:6c:ac:8d:7e: aa:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:34:DD:B4:BC:35:9D:74:FF:AD:63:CC:3E:CA:A6:D3:7C:03:B9:6F X509v3 Authority Key Identifier: keyid:68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:50:dd:86:20:a4:90:a9:88:7e:72:94:46:3e:3a:da:b3:b2: b5:91:8d:9d:ec:59:e2:8e:ac:2e:ca:8f:54:3b:e7:28:4e:35: d9:cb:ed:11:57:a3:8b:8d:80:b5:9b:a8:36:94:98:ac:9c:d3: 82:fa:16:23:44:96:59:50:32:76:27:c7:15:40:47:ee:c3:2c: 5a:14:a8:89:cd:14:a5:eb:17:e0:e1:23:8d:f5:f2:f8:b2:16: 21:e6:c9:d9:a1:9e:67:9b:94:70:1d:41:51:b7:d6:a7:a1:c4: e9:17:9c:03:02:42:6e:e0:86:e2:87:e2:9a:3f:f9:92:bf:a0: cb:ac:00:01:49:9e:e5:64:21:36:af:d9:0e:ba:b9:09:b4:87: 5b:fc:61:5c:0e:05:f2:85:79:90:e2:c4:c6:d8:9a:b2:7b:8d: 39:b9:50:e4:b9:ee:bd:0f:a8:bd:af:12:16:03:69:fd:97:5e: 9a:65:05:73:9d:7b:5b:de:7f:b4:b0:d7:ca:e7:0c:01:ce:f4: a5:64:b2:f2:85:7e:62:2b:f9:cd:a8:db:04:87:e9:1c:d2:7e: 1d:7f:2e:f8:3b:bb:8c:d5:76:e3:16:22:e3:73:aa:44:27:90: be:e3:63:57:5e:85:32:fe:78:a0:0d:6a:f3:4e:c7:96:a0:31: 95:ed:39:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x7ZJvCToKb2cddaaBLUbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4NDY1YjljZmIzNjhjNjllY2IwZTNmZWEzYjU0MmJhOWM3 MzAxZjQwHhcNMjUxMjIwMjIwMDU3WhcNMjUxMjIxMjIwMDU3WjAzMTEwLwYDVQQD EyhlYTM0ZGRiNGJjMzU5ZDc0ZmZhZDYzY2MzZWNhYTZkMzdjMDNiOTZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkqRkTDSXlMNuR9Lv5H9tDFHIL9F p1qGv6jDoBu7cAC1MN85+oYauE8lVCStdShxerdrX6ZKpkxiUUq12Y8VRTaZPQcd XrXZgup2+4mMCS1gvYdhlxmp5QwirOqrOKCbrXT33AbiSMTUzRoPh0vRHmUucai/ 3ZoP+1jq6TyQLuZHrdes1ctA0MljByoVOk+zUBYA2rDoQB96HZHE3exjKQgdV6VM psTJslxgilmBMDXX9U3j57Q2Sh+nrhYHkFUWEo+9qK3WQS6IU+SkeM1fCNT+O3YY XRgm+xzPQe3khnjW/KkHC9UqFiy9JvKkdX/PuP+/qqo/SE1+aGysjX6qFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOo03bS8NZ10/61jzD7KptN8A7lvMB8GA1UdIwQY MBaAFGhGW5z7Noxp7LDj/qO1QrqccwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMt MWFlYTViZTE1MGZhLzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMtMWFlYTViZTE1MGZh LzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD1DdhiCk kKmIfnKURj462rOytZGNnexZ4o6sLsqPVDvnKE412cvtEVeji42AtZuoNpSYrJzT gvoWI0SWWVAydifHFUBH7sMsWhSoic0UpesX4OEjjfXy+LIWIebJ2aGeZ5uUcB1B UbfWp6HE6RecAwJCbuCG4ofimj/5kr+gy6wAAUme5WQhNq/ZDrq5CbSHW/xhXA4F 8oV5kOLExtiasnuNOblQ5LnuvQ+ova8SFgNp/ZdemmUFc517W95/tLDXyucMAc70 pWSy8oV+Yiv5zajbBIfpHNJ+HX8u+Du7jNV24xYi43OqRCeQvuNjV16FMv54oA1q 807HlqAxle052g== -----END CERTIFICATE-----Generated at Sun Dec 21 01:22:59 2025 by rpki-client