This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
File: AOLDNzGtylfcwzsvuCM_wDiwlek.mft (raw, json)
Hash identifier: jEkH3wsRHql9hfCxe1pPDQ5/oaPDORMCh0MjVoJCF70=
Subject key identifier: 18:0E:E0:52:06:B3:C0:C3:DD:47:ED:0D:39:15:2C:F5:61:F0:E4:3F
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 019B4FCE9294A8407A005DE688FD8DB9C31B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
Manifest number: 12D0
Signing time: Wed 24 Dec 2025 10:01:36 +0000
Manifest this update: Wed 24 Dec 2025 10:01:36 +0000
Manifest next update: Thu 25 Dec 2025 10:01:36 +0000
Files and hashes: 1: AOLDNzGtylfcwzsvuCM_wDiwlek.crl (hash: QxNQrsfA2sv5DmHSsPQJWegqNsLWKi7xQucmYBqIpwY=)
2: lx4r-_of66D7nj4_JxEX4B7iGSo.roa (hash: nBmUpTvMg37xBiu7Iw7rIz0CmSBaScYekCzZq9oCvAo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Dec 2025 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:4f:ce:92:94:a8:40:7a:00:5d:e6:88:fd:8d:b9:c3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Dec 24 10:01:36 2025 GMT
Not After : Dec 25 10:01:36 2025 GMT
Subject: CN=180ee05206b3c0c3dd47ed0d39152cf561f0e43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:db:50:9f:bf:cd:16:36:83:84:50:73:59:94:
8f:84:81:1a:d8:07:3d:0d:20:f7:cd:eb:df:b1:46:
b5:37:a7:c8:c0:a1:a8:0a:82:ac:5c:38:80:7f:5d:
7f:c7:30:08:8e:21:ec:a7:ae:cd:a5:01:be:45:96:
10:ce:6b:8f:00:a8:76:0e:32:fb:5e:19:ae:a4:2d:
21:19:56:25:c6:13:86:f3:ad:6e:f5:28:80:1e:ee:
f6:06:47:75:42:ca:82:21:13:60:1f:f3:c9:c9:ca:
81:c2:1c:dd:6a:ff:42:85:45:f0:02:58:c9:3c:2b:
46:b1:e3:0c:16:6c:51:6f:78:54:d3:27:47:71:1f:
46:eb:74:3c:0e:5e:3e:e3:65:75:94:59:34:bd:4c:
40:16:6b:a8:18:04:1c:d9:f1:d8:d5:ba:b3:15:79:
bd:9c:26:11:18:e5:67:f1:9c:92:82:e5:4e:6d:1a:
36:58:00:7a:ae:73:f8:4a:cb:5e:f7:5f:65:3a:22:
b1:31:ab:57:11:37:04:e6:fc:dc:31:3e:96:1a:21:
ac:d2:a4:cc:47:3e:c4:19:8f:12:46:9d:d0:e8:08:
36:7d:20:c8:e6:f1:45:0f:0f:f6:2f:12:c5:4e:43:
33:5c:62:39:53:59:03:fb:8e:10:95:df:a2:ce:41:
3c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0E:E0:52:06:B3:C0:C3:DD:47:ED:0D:39:15:2C:F5:61:F0:E4:3F
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:12:de:2c:7c:c9:42:37:08:5d:1e:29:fe:4e:53:8a:de:6c:
15:3c:78:c2:9e:b3:24:86:c5:d3:97:e2:bd:7f:60:06:82:b7:
2f:2f:d3:c1:73:4f:05:36:21:4a:bf:64:01:14:1d:a5:00:67:
a6:8d:07:a3:20:47:0e:48:53:db:c6:c0:53:e6:12:c9:e0:99:
53:09:0d:0f:f2:5e:89:c5:4f:8c:9c:25:14:be:d7:e9:d3:42:
36:91:19:fd:13:a2:56:3c:f0:5c:11:ad:a6:a2:ee:c2:19:cf:
38:de:2c:a8:3f:7c:c8:d4:28:42:9c:92:55:97:17:7e:06:65:
8b:6c:01:1b:59:6b:bb:f6:b4:01:1f:6d:4e:6c:ab:8e:20:fb:
1c:45:07:8d:8a:d4:0f:75:11:c4:5a:68:2a:e7:30:97:4e:11:
a1:c0:71:ed:3e:ea:38:0b:7d:83:e9:11:52:12:d4:dc:e8:94:
70:20:ff:e9:99:09:86:70:29:ba:3a:24:79:90:f2:0b:69:89:
5b:b5:da:f6:0c:7a:a5:71:68:70:e2:2a:5d:be:97:e9:40:98:
3c:30:2e:0a:7d:f3:5d:e0:2c:5e:97:dc:10:bd:55:28:d0:92:
f5:23:98:f3:8a:05:85:cf:06:9a:a7:0f:f5:23:c6:5f:1f:f8:
6a:02:62:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtPzpKUqEB6AF3miP2NucMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi
MDk1ZTkwHhcNMjUxMjI0MTAwMTM2WhcNMjUxMjI1MTAwMTM2WjAzMTEwLwYDVQQD
EygxODBlZTA1MjA2YjNjMGMzZGQ0N2VkMGQzOTE1MmNmNTYxZjBlNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdtQn7/NFjaDhFBzWZSPhIEa2Ac9
DSD3zevfsUa1N6fIwKGoCoKsXDiAf11/xzAIjiHsp67NpQG+RZYQzmuPAKh2DjL7
XhmupC0hGVYlxhOG861u9SiAHu72Bkd1QsqCIRNgH/PJycqBwhzdav9ChUXwAljJ
PCtGseMMFmxRb3hU0ydHcR9G63Q8Dl4+42V1lFk0vUxAFmuoGAQc2fHY1bqzFXm9
nCYRGOVn8ZySguVObRo2WAB6rnP4Sste919lOiKxMatXETcE5vzcMT6WGiGs0qTM
Rz7EGY8SRp3Q6Ag2fSDI5vFFDw/2LxLFTkMzXGI5U1kD+44Qld+izkE8dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgO4FIGs8DD3UftDTkVLPVh8OQ/MB8GA1UdIwQY
MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt
YzlhZDM3Zjk0Y2Q3LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3
LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhLeLHzJ
QjcIXR4p/k5Tit5sFTx4wp6zJIbF05fivX9gBoK3Ly/TwXNPBTYhSr9kARQdpQBn
po0HoyBHDkhT28bAU+YSyeCZUwkND/JeicVPjJwlFL7X6dNCNpEZ/ROiVjzwXBGt
pqLuwhnPON4sqD98yNQoQpySVZcXfgZli2wBG1lru/a0AR9tTmyrjiD7HEUHjYrU
D3URxFpoKucwl04RocBx7T7qOAt9g+kRUhLU3OiUcCD/6ZkJhnApujokeZDyC2mJ
W7Xa9gx6pXFocOIqXb6X6UCYPDAuCn3zXeAsXpfcEL1VKNCS9SOY84oFhc8GmqcP
9SPGXx/4agJixw==
-----END CERTIFICATE-----
Generated at Wed Dec 24 12:34:14 2025 by rpki-client