This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft File: aaUdRFt2erm2YncC5KKzkE0gP3c.mft (raw, json) Hash identifier: dmVMbD87D//+G8ImXa8m7i/w/MBn1SPChKkCHy4b/3Y= Subject key identifier: 54:51:F3:2D:47:98:CA:04:F8:5D:C0:6F:14:95:E8:0D:E4:08:0D:8C Authority key identifier: 69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77 Certificate issuer: /CN=69a51d445b767ab9b6627702e4a2b3904d203f77 Certificate serial: 019B3CB500BB6E0429615E08EC1105949419 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 17:00:53 +0000 Manifest this update: Sat 20 Dec 2025 17:00:53 +0000 Manifest next update: Sun 21 Dec 2025 17:00:53 +0000 Files and hashes: 1: aaUdRFt2erm2YncC5KKzkE0gP3c.crl (hash: mwBos+CUKKgrJMWo96Q2gw1+ygSQgIONYstXhnt1gJM=) 2: gvJBtDmrBY4y1m9tVe-S6ndjy20.roa (hash: e9qz/rQIxQf43DTjLpdblCilaun5V9rCKHAnrG6oKJA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b5:00:bb:6e:04:29:61:5e:08:ec:11:05:94:94:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69a51d445b767ab9b6627702e4a2b3904d203f77 Validity Not Before: Dec 20 17:00:53 2025 GMT Not After : Dec 21 17:00:53 2025 GMT Subject: CN=5451f32d4798ca04f85dc06f1495e80de4080d8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:47:df:0c:35:51:77:07:09:e0:63:7a:a0:5a: 26:eb:21:e6:a6:00:b9:18:33:51:6b:d8:96:29:7b: 99:c9:e5:13:8f:09:6f:bb:a3:2b:89:bf:fc:47:27: c1:75:ad:46:51:a1:1e:da:39:ed:36:30:d5:f9:15: e9:66:1d:07:8d:c2:94:a9:7b:35:f1:fd:84:57:b7: 1d:32:3c:a2:5a:c9:d0:af:05:ad:2e:4d:35:27:1f: 53:6c:15:02:4b:dc:37:b5:4f:99:3b:0f:db:b8:4b: 80:cd:dc:c7:2a:a2:1f:f5:40:44:e9:e7:00:e6:a8: 4b:3b:a1:88:b0:6c:07:70:a4:8e:54:d8:9f:40:e3: ec:ef:f9:95:fd:6a:6c:cd:a9:f2:a7:4d:b4:70:9e: 3f:6c:de:5a:ef:0a:b1:e1:84:11:2e:ca:ab:a1:17: a4:ef:7e:aa:5a:dc:ab:fb:46:6d:37:15:f2:86:a4: 9a:6a:d7:5e:29:a3:e2:1c:db:79:69:2d:08:1d:30: 57:00:85:6c:45:4f:4d:2e:7a:41:bd:df:4e:bd:fc: 72:19:d3:8e:7b:bf:a4:16:a0:53:d9:3a:4c:0e:e6: 29:44:84:76:59:f7:dc:63:9a:34:c7:0c:b1:43:89: 77:68:0e:99:ef:4e:88:73:fd:84:de:38:4d:8d:0b: 00:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:51:F3:2D:47:98:CA:04:F8:5D:C0:6F:14:95:E8:0D:E4:08:0D:8C X509v3 Authority Key Identifier: keyid:69:A5:1D:44:5B:76:7A:B9:B6:62:77:02:E4:A2:B3:90:4D:20:3F:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaUdRFt2erm2YncC5KKzkE0gP3c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/2ba66e-5b3e-41fe-8a09-70520ea76369/1/aaUdRFt2erm2YncC5KKzkE0gP3c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:c9:69:f5:ce:b8:a7:01:b9:94:2a:18:06:58:5b:87:eb:7c: a4:61:dd:6b:74:79:6b:24:57:aa:bd:3b:36:5e:02:43:e3:1c: fa:31:c4:82:b8:79:c5:81:c9:36:fb:02:90:b1:4c:3e:49:2e: 33:b6:16:c7:67:07:f3:47:59:f5:d1:9f:9f:5c:e9:c4:88:33: 81:01:c0:4f:94:bd:b7:51:28:b2:7c:f4:0e:f9:63:62:ef:1c: 18:f4:7f:6a:5b:22:ad:30:ed:11:41:0e:7c:e0:39:0c:e7:5a: 09:f0:72:69:c4:e3:83:28:ed:16:86:83:85:ac:23:29:d7:56: 1a:7e:0f:bb:3c:48:53:36:52:48:e2:b5:4b:1b:e4:73:6f:2b: 67:22:23:f7:24:a4:cd:db:f7:77:a1:eb:9e:69:33:4a:8c:f2: 38:77:07:11:0f:f9:8f:39:32:4e:a5:35:52:d9:25:2e:d4:3d: 00:4f:5a:9e:5d:5b:0b:55:9a:0c:4a:ae:29:09:b2:09:64:ad: e9:d1:76:0e:78:9b:c3:1d:9a:3a:63:66:d6:9e:0f:87:6a:df: 5a:b2:61:41:54:3d:60:03:87:3d:00:2f:a4:26:1f:54:b5:03: 7a:18:95:1f:c7:5c:95:f1:89:77:8f:64:11:9b:8a:bd:6c:99: 31:35:ba:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tQC7bgQpYV4I7BEFlJQZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YTUxZDQ0NWI3NjdhYjliNjYyNzcwMmU0YTJiMzkwNGQy MDNmNzcwHhcNMjUxMjIwMTcwMDUzWhcNMjUxMjIxMTcwMDUzWjAzMTEwLwYDVQQD Eyg1NDUxZjMyZDQ3OThjYTA0Zjg1ZGMwNmYxNDk1ZTgwZGU0MDgwZDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUffDDVRdwcJ4GN6oFom6yHmpgC5 GDNRa9iWKXuZyeUTjwlvu6Mrib/8RyfBda1GUaEe2jntNjDV+RXpZh0HjcKUqXs1 8f2EV7cdMjyiWsnQrwWtLk01Jx9TbBUCS9w3tU+ZOw/buEuAzdzHKqIf9UBE6ecA 5qhLO6GIsGwHcKSOVNifQOPs7/mV/Wpszanyp020cJ4/bN5a7wqx4YQRLsqroRek 736qWtyr+0ZtNxXyhqSaatdeKaPiHNt5aS0IHTBXAIVsRU9NLnpBvd9OvfxyGdOO e7+kFqBT2TpMDuYpRIR2WffcY5o0xwyxQ4l3aA6Z706Ic/2E3jhNjQsA/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRR8y1HmMoE+F3AbxSV6A3kCA2MMB8GA1UdIwQY MBaAFGmlHURbdnq5tmJ3AuSis5BNID93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDkt NzA1MjBlYTc2MzY5LzEvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8yYmE2NmUtNWIzZS00MWZlLThhMDktNzA1MjBlYTc2MzY5 LzEvYWFVZFJGdDJlcm0yWW5jQzVLS3prRTBnUDNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8lp9c64 pwG5lCoYBlhbh+t8pGHda3R5ayRXqr07Nl4CQ+Mc+jHEgrh5xYHJNvsCkLFMPkku M7YWx2cH80dZ9dGfn1zpxIgzgQHAT5S9t1Eosnz0DvljYu8cGPR/alsirTDtEUEO fOA5DOdaCfByacTjgyjtFoaDhawjKddWGn4PuzxIUzZSSOK1Sxvkc28rZyIj9ySk zdv3d6HrnmkzSozyOHcHEQ/5jzkyTqU1UtklLtQ9AE9anl1bC1WaDEquKQmyCWSt 6dF2Dnibwx2aOmNm1p4Ph2rfWrJhQVQ9YAOHPQAvpCYfVLUDehiVH8dclfGJd49k EZuKvWyZMTW6RA== -----END CERTIFICATE-----Generated at Sun Dec 21 01:31:24 2025 by rpki-client