This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft File: A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json) Hash identifier: aYNirOfefWnX2nhEB1L7S6c2HY5uZyWSNAX323vyFSU= Subject key identifier: 5E:21:FD:7B:6E:A1:73:ED:54:E0:86:13:E0:B2:0F:E1:F6:13:05:93 Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29 Certificate issuer: /CN=0369684c67caa99ffc0184beaccaf0ea88a92129 Certificate serial: 019B42B6C0A9E1ADD30F96623F6D7364AE4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft Manifest number: 0A62 Signing time: Sun 21 Dec 2025 21:00:31 +0000 Manifest this update: Sun 21 Dec 2025 21:00:31 +0000 Manifest next update: Mon 22 Dec 2025 21:00:31 +0000 Files and hashes: 1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: mTnXQu2jBYgimmOG5M/U/cpmgJWv0Oh5T0pg+EbJN2Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b6:c0:a9:e1:ad:d3:0f:96:62:3f:6d:73:64:ae:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129 Validity Not Before: Dec 21 21:00:31 2025 GMT Not After : Dec 22 21:00:31 2025 GMT Subject: CN=5e21fd7b6ea173ed54e08613e0b20fe1f6130593 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ad:cf:15:95:e4:14:da:f3:6d:2c:ed:95:42: 55:54:13:2d:fa:b7:24:23:6d:4b:a3:c4:1b:70:f9: 80:44:d8:d4:d1:97:85:60:4a:43:4b:53:c0:94:8b: 6c:77:c4:44:07:2e:7b:92:72:3e:e1:af:bb:27:16: fb:d0:be:01:98:79:f1:cc:1b:77:2b:03:d9:15:09: 52:36:8d:1b:ba:c3:6b:31:c0:66:e8:02:19:b3:6f: fa:8f:92:04:51:58:9a:dd:04:68:3b:44:3f:f8:55: 0c:05:c1:f3:d0:22:13:ee:75:0d:fc:d9:02:5c:6a: cf:02:f7:b9:0d:9a:00:fa:d3:d0:4f:0e:29:f6:32: 74:d9:df:a2:36:ba:38:da:b5:57:3a:bc:17:17:aa: 56:63:45:a2:2b:88:87:b7:b1:6a:60:81:af:59:c8: 87:48:32:8f:e3:aa:96:27:60:85:4a:d4:6b:a3:7c: 33:df:54:5a:d3:c6:fa:44:83:f9:7a:8f:6b:bf:17: b3:97:b5:c6:48:f6:92:80:b4:67:cb:19:cf:aa:09: f8:f5:9f:64:6d:1d:95:80:6d:71:33:d0:bf:3a:3d: 13:eb:ce:c2:50:6b:31:f8:f2:f5:a5:79:05:50:d6: dc:4e:e6:55:3a:e7:1b:72:f2:a6:da:87:93:6a:cb: 74:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:21:FD:7B:6E:A1:73:ED:54:E0:86:13:E0:B2:0F:E1:F6:13:05:93 X509v3 Authority Key Identifier: keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:99:0d:6d:44:9f:a2:5e:17:30:16:18:3c:ff:f2:47:e1:59: db:5f:23:7d:cc:0d:5f:34:b3:a2:ac:4c:bc:55:00:11:35:97: 07:79:e3:11:c5:b7:04:3a:90:bd:30:28:7e:09:7f:26:53:9b: dd:c3:2a:5b:fc:95:50:bf:9b:5e:b4:17:44:53:b0:bf:a1:d5: bf:b6:fb:3d:00:f0:ab:90:61:4a:00:5f:46:b5:0d:03:8d:c3: 22:e3:c7:0e:a4:fd:96:19:ab:56:2e:b7:c5:f7:1c:e3:da:54: ae:c6:54:e9:f8:ea:05:bd:82:f3:29:a9:ba:3c:c0:1c:f4:a0: 23:7c:4b:8e:11:68:3e:fd:e0:19:c4:43:fd:b1:86:5c:34:77: 2d:cc:66:9a:f8:24:cf:8b:e5:ce:9b:51:c4:0b:f8:e9:41:cc: 98:98:78:a6:61:60:d7:b9:67:b2:a0:96:47:a3:7e:1b:84:2a: 18:ea:73:72:9c:6c:5e:21:d3:14:b5:36:10:62:96:5b:ff:53: 1f:c9:9e:06:f7:3c:dc:dd:49:69:84:ba:75:4d:c6:46:57:42: 4a:2c:d6:f8:b8:a5:27:e8:e1:cc:59:d3:82:04:30:3e:1c:85: be:1a:50:e3:21:f1:03:58:b5:18:fa:6e:2f:75:c1:09:7c:31: 46:98:e2:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCtsCp4a3TD5ZiP21zZK5LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh OTIxMjkwHhcNMjUxMjIxMjEwMDMxWhcNMjUxMjIyMjEwMDMxWjAzMTEwLwYDVQQD Eyg1ZTIxZmQ3YjZlYTE3M2VkNTRlMDg2MTNlMGIyMGZlMWY2MTMwNTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K3PFZXkFNrzbSztlUJVVBMt+rck I21Lo8QbcPmARNjU0ZeFYEpDS1PAlItsd8REBy57knI+4a+7Jxb70L4BmHnxzBt3 KwPZFQlSNo0busNrMcBm6AIZs2/6j5IEUVia3QRoO0Q/+FUMBcHz0CIT7nUN/NkC XGrPAve5DZoA+tPQTw4p9jJ02d+iNro42rVXOrwXF6pWY0WiK4iHt7FqYIGvWciH SDKP46qWJ2CFStRro3wz31Ra08b6RIP5eo9rvxezl7XGSPaSgLRnyxnPqgn49Z9k bR2VgG1xM9C/Oj0T687CUGsx+PL1pXkFUNbcTuZVOucbcvKm2oeTast0LwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF4h/XtuoXPtVOCGE+CyD+H2EwWTMB8GA1UdIwQY MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4 LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG5kNbUSf ol4XMBYYPP/yR+FZ218jfcwNXzSzoqxMvFUAETWXB3njEcW3BDqQvTAofgl/JlOb 3cMqW/yVUL+bXrQXRFOwv6HVv7b7PQDwq5BhSgBfRrUNA43DIuPHDqT9lhmrVi63 xfcc49pUrsZU6fjqBb2C8ympujzAHPSgI3xLjhFoPv3gGcRD/bGGXDR3Lcxmmvgk z4vlzptRxAv46UHMmJh4pmFg17lnsqCWR6N+G4QqGOpzcpxsXiHTFLU2EGKWW/9T H8meBvc83N1JaYS6dU3GRldCSizW+LilJ+jhzFnTggQwPhyFvhpQ4yHxA1i1GPpu L3XBCXwxRpjiOA== -----END CERTIFICATE-----Generated at Mon Dec 22 04:40:02 2025 by rpki-client