This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft File: AOLDNzGtylfcwzsvuCM_wDiwlek.mft (raw, json) Hash identifier: jEkH3wsRHql9hfCxe1pPDQ5/oaPDORMCh0MjVoJCF70= Subject key identifier: 18:0E:E0:52:06:B3:C0:C3:DD:47:ED:0D:39:15:2C:F5:61:F0:E4:3F Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9 Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9 Certificate serial: 019B4FCE9294A8407A005DE688FD8DB9C31B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft Manifest number: 12D0 Signing time: Wed 24 Dec 2025 10:01:36 +0000 Manifest this update: Wed 24 Dec 2025 10:01:36 +0000 Manifest next update: Thu 25 Dec 2025 10:01:36 +0000 Files and hashes: 1: AOLDNzGtylfcwzsvuCM_wDiwlek.crl (hash: QxNQrsfA2sv5DmHSsPQJWegqNsLWKi7xQucmYBqIpwY=) 2: lx4r-_of66D7nj4_JxEX4B7iGSo.roa (hash: nBmUpTvMg37xBiu7Iw7rIz0CmSBaScYekCzZq9oCvAo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:ce:92:94:a8:40:7a:00:5d:e6:88:fd:8d:b9:c3:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9 Validity Not Before: Dec 24 10:01:36 2025 GMT Not After : Dec 25 10:01:36 2025 GMT Subject: CN=180ee05206b3c0c3dd47ed0d39152cf561f0e43f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:db:50:9f:bf:cd:16:36:83:84:50:73:59:94: 8f:84:81:1a:d8:07:3d:0d:20:f7:cd:eb:df:b1:46: b5:37:a7:c8:c0:a1:a8:0a:82:ac:5c:38:80:7f:5d: 7f:c7:30:08:8e:21:ec:a7:ae:cd:a5:01:be:45:96: 10:ce:6b:8f:00:a8:76:0e:32:fb:5e:19:ae:a4:2d: 21:19:56:25:c6:13:86:f3:ad:6e:f5:28:80:1e:ee: f6:06:47:75:42:ca:82:21:13:60:1f:f3:c9:c9:ca: 81:c2:1c:dd:6a:ff:42:85:45:f0:02:58:c9:3c:2b: 46:b1:e3:0c:16:6c:51:6f:78:54:d3:27:47:71:1f: 46:eb:74:3c:0e:5e:3e:e3:65:75:94:59:34:bd:4c: 40:16:6b:a8:18:04:1c:d9:f1:d8:d5:ba:b3:15:79: bd:9c:26:11:18:e5:67:f1:9c:92:82:e5:4e:6d:1a: 36:58:00:7a:ae:73:f8:4a:cb:5e:f7:5f:65:3a:22: b1:31:ab:57:11:37:04:e6:fc:dc:31:3e:96:1a:21: ac:d2:a4:cc:47:3e:c4:19:8f:12:46:9d:d0:e8:08: 36:7d:20:c8:e6:f1:45:0f:0f:f6:2f:12:c5:4e:43: 33:5c:62:39:53:59:03:fb:8e:10:95:df:a2:ce:41: 3c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:0E:E0:52:06:B3:C0:C3:DD:47:ED:0D:39:15:2C:F5:61:F0:E4:3F X509v3 Authority Key Identifier: keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:12:de:2c:7c:c9:42:37:08:5d:1e:29:fe:4e:53:8a:de:6c: 15:3c:78:c2:9e:b3:24:86:c5:d3:97:e2:bd:7f:60:06:82:b7: 2f:2f:d3:c1:73:4f:05:36:21:4a:bf:64:01:14:1d:a5:00:67: a6:8d:07:a3:20:47:0e:48:53:db:c6:c0:53:e6:12:c9:e0:99: 53:09:0d:0f:f2:5e:89:c5:4f:8c:9c:25:14:be:d7:e9:d3:42: 36:91:19:fd:13:a2:56:3c:f0:5c:11:ad:a6:a2:ee:c2:19:cf: 38:de:2c:a8:3f:7c:c8:d4:28:42:9c:92:55:97:17:7e:06:65: 8b:6c:01:1b:59:6b:bb:f6:b4:01:1f:6d:4e:6c:ab:8e:20:fb: 1c:45:07:8d:8a:d4:0f:75:11:c4:5a:68:2a:e7:30:97:4e:11: a1:c0:71:ed:3e:ea:38:0b:7d:83:e9:11:52:12:d4:dc:e8:94: 70:20:ff:e9:99:09:86:70:29:ba:3a:24:79:90:f2:0b:69:89: 5b:b5:da:f6:0c:7a:a5:71:68:70:e2:2a:5d:be:97:e9:40:98: 3c:30:2e:0a:7d:f3:5d:e0:2c:5e:97:dc:10:bd:55:28:d0:92: f5:23:98:f3:8a:05:85:cf:06:9a:a7:0f:f5:23:c6:5f:1f:f8: 6a:02:62:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzpKUqEB6AF3miP2NucMbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi MDk1ZTkwHhcNMjUxMjI0MTAwMTM2WhcNMjUxMjI1MTAwMTM2WjAzMTEwLwYDVQQD EygxODBlZTA1MjA2YjNjMGMzZGQ0N2VkMGQzOTE1MmNmNTYxZjBlNDNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdtQn7/NFjaDhFBzWZSPhIEa2Ac9 DSD3zevfsUa1N6fIwKGoCoKsXDiAf11/xzAIjiHsp67NpQG+RZYQzmuPAKh2DjL7 XhmupC0hGVYlxhOG861u9SiAHu72Bkd1QsqCIRNgH/PJycqBwhzdav9ChUXwAljJ PCtGseMMFmxRb3hU0ydHcR9G63Q8Dl4+42V1lFk0vUxAFmuoGAQc2fHY1bqzFXm9 nCYRGOVn8ZySguVObRo2WAB6rnP4Sste919lOiKxMatXETcE5vzcMT6WGiGs0qTM Rz7EGY8SRp3Q6Ag2fSDI5vFFDw/2LxLFTkMzXGI5U1kD+44Qld+izkE8dQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBgO4FIGs8DD3UftDTkVLPVh8OQ/MB8GA1UdIwQY MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt YzlhZDM3Zjk0Y2Q3LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3 LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGhLeLHzJ QjcIXR4p/k5Tit5sFTx4wp6zJIbF05fivX9gBoK3Ly/TwXNPBTYhSr9kARQdpQBn po0HoyBHDkhT28bAU+YSyeCZUwkND/JeicVPjJwlFL7X6dNCNpEZ/ROiVjzwXBGt pqLuwhnPON4sqD98yNQoQpySVZcXfgZli2wBG1lru/a0AR9tTmyrjiD7HEUHjYrU D3URxFpoKucwl04RocBx7T7qOAt9g+kRUhLU3OiUcCD/6ZkJhnApujokeZDyC2mJ W7Xa9gx6pXFocOIqXb6X6UCYPDAuCn3zXeAsXpfcEL1VKNCS9SOY84oFhc8GmqcP 9SPGXx/4agJixw== -----END CERTIFICATE-----Generated at Wed Dec 24 12:34:14 2025 by rpki-client