This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft File: AyHqOVCODhemUf6SrCnqOIMtC_8.mft (raw, json) Hash identifier: 3Cul4yqzKl6dNu5NNS0fDlsfoliP27cCZ9AgtmtUV0E= Subject key identifier: D3:80:76:E3:44:F4:E3:53:70:69:A2:E8:B0:27:A7:48:EF:0D:C5:67 Authority key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF Certificate issuer: /CN=0321ea39508e0e17a651fe92ac29ea38832d0bff Certificate serial: 019B35321C92654190BA4005B059446CB070 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft Manifest number: 1622 Signing time: Fri 19 Dec 2025 06:00:35 +0000 Manifest this update: Fri 19 Dec 2025 06:00:35 +0000 Manifest next update: Sat 20 Dec 2025 06:00:35 +0000 Files and hashes: 1: AyHqOVCODhemUf6SrCnqOIMtC_8.crl (hash: yJAEo3wg08HWdTPptcusEC7SvXqziJsz4Ic050zh3uA=) 2: bOONrlZHdROoIahZ7NmIjgIdExM.roa (hash: 1aT2l6/v3aO2MOldiF+P6gsdMx47ItIcMI7fEC/C0L0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:32:1c:92:65:41:90:ba:40:05:b0:59:44:6c:b0:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff Validity Not Before: Dec 19 06:00:35 2025 GMT Not After : Dec 20 06:00:35 2025 GMT Subject: CN=d38076e344f4e3537069a2e8b027a748ef0dc567 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:65:0b:46:96:a2:c0:10:ce:ac:bb:09:14:77: 65:7b:e5:c3:4e:e9:f4:cc:7e:ba:01:33:82:93:1e: d5:fd:7c:6e:6c:70:7e:1e:a1:9d:41:d4:83:8b:6f: 72:2a:4a:b5:17:e4:49:cd:14:7a:96:36:24:d4:45: b0:f3:25:87:d3:fa:54:1b:07:bb:21:1c:30:c4:59: 4f:d0:e4:23:20:16:d3:8e:f2:6d:bb:8b:d9:52:c2: 0c:d2:70:36:17:72:fc:fe:78:16:22:9a:ea:71:d5: 84:bc:76:8e:89:60:76:18:3c:02:4c:25:fb:e5:ce: 57:89:c5:96:43:aa:db:c5:4c:e4:6c:9c:05:64:e9: ae:58:06:8c:27:34:15:86:fe:bd:17:96:10:38:a3: be:e5:34:b9:4e:29:c4:54:6a:af:21:85:9e:b1:82: 0b:fc:68:43:78:c9:3e:ca:35:a6:3b:7d:0c:4c:fd: de:fd:6b:a0:94:6a:1c:72:e5:d7:73:02:56:81:6a: 1b:3e:bf:20:7e:27:d4:70:00:39:58:2b:bb:89:36: 5c:ca:0c:ca:e3:1e:83:d4:50:c0:37:c7:55:ef:dc: fd:5b:46:d0:90:5e:2f:13:20:aa:98:cc:91:4e:99: d0:8b:b2:b9:ab:bd:cd:28:43:75:46:3d:bf:f8:0a: e3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:80:76:E3:44:F4:E3:53:70:69:A2:E8:B0:27:A7:48:EF:0D:C5:67 X509v3 Authority Key Identifier: keyid:03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:1d:39:66:11:48:a1:35:fa:e4:80:e4:05:1f:6d:39:a7:38: 3c:8c:77:60:51:da:d6:8e:99:43:91:ac:9c:8a:f8:0c:86:6f: 1e:a8:9b:0e:b1:52:40:50:8e:05:84:2d:02:01:9a:59:dd:1a: 0a:1d:9b:dc:9a:62:c5:e2:f8:4e:a4:21:bb:b4:d7:bc:d2:23: 29:f4:e3:3e:bd:e3:c4:f1:0b:b5:8e:9d:9a:3c:ff:a8:0b:2e: 92:48:18:a4:7e:1b:03:93:b7:7f:51:78:bb:51:83:29:65:be: 58:73:6d:85:44:bb:2c:1a:ff:71:57:4e:fd:07:a8:70:83:7a: 75:24:92:8f:5e:37:5c:0b:25:d2:84:cf:da:47:52:5d:b5:41: f1:32:2d:1a:85:bf:6f:a0:e1:6b:d7:e9:c0:5e:aa:c4:f2:30: b6:6c:aa:e4:57:20:e7:38:43:5a:b1:30:a8:8f:a9:7c:b4:90: dd:ef:73:d4:1d:ac:ac:a7:62:e4:35:b7:bf:a9:75:14:a6:60: 2c:f2:c1:e7:02:fe:60:d8:56:d0:93:83:94:06:78:93:3a:e5: 2e:a9:c0:35:2e:e5:b6:c6:6a:e2:fe:44:8a:78:08:8b:e4:f9: 7a:23:6d:56:26:49:24:8b:85:be:23:60:03:b1:64:e6:77:62: 96:97:f3:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1MhySZUGQukAFsFlEbLBwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzMjFlYTM5NTA4ZTBlMTdhNjUxZmU5MmFjMjllYTM4ODMy ZDBiZmYwHhcNMjUxMjE5MDYwMDM1WhcNMjUxMjIwMDYwMDM1WjAzMTEwLwYDVQQD EyhkMzgwNzZlMzQ0ZjRlMzUzNzA2OWEyZThiMDI3YTc0OGVmMGRjNTY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWULRpaiwBDOrLsJFHdle+XDTun0 zH66ATOCkx7V/XxubHB+HqGdQdSDi29yKkq1F+RJzRR6ljYk1EWw8yWH0/pUGwe7 IRwwxFlP0OQjIBbTjvJtu4vZUsIM0nA2F3L8/ngWIprqcdWEvHaOiWB2GDwCTCX7 5c5XicWWQ6rbxUzkbJwFZOmuWAaMJzQVhv69F5YQOKO+5TS5TinEVGqvIYWesYIL /GhDeMk+yjWmO30MTP3e/WuglGoccuXXcwJWgWobPr8gfifUcAA5WCu7iTZcygzK 4x6D1FDAN8dV79z9W0bQkF4vEyCqmMyRTpnQi7K5q73NKEN1Rj2/+ArjGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNOAduNE9ONTcGmi6LAnp0jvDcVnMB8GA1UdIwQY MBaAFAMh6jlQjg4XplH+kqwp6jiDLQv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQt OGNmODA1NTExMDAyLzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9jNDgxN2UtODI4MS00MmY3LTlmNGQtOGNmODA1NTExMDAy LzEvQXlIcU9WQ09EaGVtVWY2U3JDbnFPSU10Q184LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoh05ZhFI oTX65IDkBR9tOac4PIx3YFHa1o6ZQ5GsnIr4DIZvHqibDrFSQFCOBYQtAgGaWd0a Ch2b3JpixeL4TqQhu7TXvNIjKfTjPr3jxPELtY6dmjz/qAsukkgYpH4bA5O3f1F4 u1GDKWW+WHNthUS7LBr/cVdO/QeocIN6dSSSj143XAsl0oTP2kdSXbVB8TItGoW/ b6Dha9fpwF6qxPIwtmyq5Fcg5zhDWrEwqI+pfLSQ3e9z1B2srKdi5DW3v6l1FKZg LPLB5wL+YNhW0JODlAZ4kzrlLqnANS7ltsZq4v5EingIi+T5eiNtViZJJIuFviNg A7Fk5ndilpfz7g== -----END CERTIFICATE-----Generated at Fri Dec 19 08:25:27 2025 by rpki-client