This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft File: AOLDNzGtylfcwzsvuCM_wDiwlek.mft (raw, json) Hash identifier: YYhKO40xuECNK3wdtdwzZugftuL6iSiNOZQGEw4XdFM= Subject key identifier: 78:76:A5:AB:F2:4D:8C:81:FB:A7:2E:06:27:6B:54:83:D5:2B:58:7D Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9 Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9 Certificate serial: 019B4DE0C7D7F38F0A999D29D4AF7051FF97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft Manifest number: 12CF Signing time: Wed 24 Dec 2025 01:02:15 +0000 Manifest this update: Wed 24 Dec 2025 01:02:15 +0000 Manifest next update: Thu 25 Dec 2025 01:02:15 +0000 Files and hashes: 1: AOLDNzGtylfcwzsvuCM_wDiwlek.crl (hash: bj3GKgNelzupjG3Kax2SHe9EmmniHkHKtXEk1WhTeYY=) 2: lx4r-_of66D7nj4_JxEX4B7iGSo.roa (hash: nBmUpTvMg37xBiu7Iw7rIz0CmSBaScYekCzZq9oCvAo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 01:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:e0:c7:d7:f3:8f:0a:99:9d:29:d4:af:70:51:ff:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9 Validity Not Before: Dec 24 01:02:15 2025 GMT Not After : Dec 25 01:02:15 2025 GMT Subject: CN=7876a5abf24d8c81fba72e06276b5483d52b587d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:bc:b2:5c:86:cd:92:a5:b7:25:48:64:01:62: df:eb:1d:d8:28:12:df:f6:f7:bd:a2:8f:6d:39:c3: 9a:c7:6c:f5:97:7a:8d:b7:19:78:0d:96:0b:13:d6: 69:99:67:89:ad:74:a3:f2:a9:ca:64:b1:53:6c:78: 35:d9:bd:21:0e:ac:35:26:39:ce:18:a3:5b:ee:62: 40:05:74:1b:fc:95:78:70:99:fd:68:80:49:16:40: 0e:6b:b9:25:7d:73:0f:97:03:f6:5b:82:3f:fa:a8: bc:e4:67:41:0c:c6:35:df:d4:ff:9f:9f:5e:af:61: 99:d1:05:d4:51:c9:1f:23:1d:ae:ed:ed:71:90:3a: 96:44:46:81:ab:50:da:e4:90:41:f5:d4:b6:69:5c: f7:05:9b:d8:a4:1c:37:dc:3c:d4:0b:a7:1f:f3:3a: 5f:9a:f9:4b:e5:83:ea:69:a1:0b:5f:71:aa:84:f9: 5d:d4:27:bb:04:94:25:8a:98:7f:22:38:5b:e1:b1: f4:96:2e:78:c8:fd:f1:f9:7d:87:92:81:98:fd:32: f6:b6:e7:2e:67:07:8b:a3:17:76:7a:c6:b6:db:d2: 3a:44:6c:57:9a:26:fd:75:c4:c6:92:f9:88:bf:68: 54:3a:4d:fc:68:d7:64:f1:da:0c:11:39:b2:ea:17: 38:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:76:A5:AB:F2:4D:8C:81:FB:A7:2E:06:27:6B:54:83:D5:2B:58:7D X509v3 Authority Key Identifier: keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:ea:9f:4c:fe:61:04:f8:92:62:d5:3f:59:d8:1d:a8:d8:bd: a6:ae:06:3c:af:2d:da:4f:6d:41:9c:37:e0:eb:d3:9a:07:70: af:bc:34:be:30:96:5e:8f:56:b7:dc:d2:8a:43:68:00:38:4c: 26:08:04:0d:32:d0:b5:41:5a:d4:19:fc:50:05:e8:c0:c6:dd: c4:f6:cc:d8:ac:3f:bb:8a:88:56:6d:74:2c:28:b4:db:79:12: 43:1c:df:cd:04:67:ba:c1:35:e4:8c:10:f8:91:28:c8:64:f1: 97:4d:ea:f8:28:a4:8f:b7:b9:14:44:47:6b:4e:d0:1a:35:40: f1:d9:63:bb:fc:db:60:a5:58:99:bf:eb:ed:95:26:88:b2:01: 88:3a:07:b4:62:ef:a1:92:ba:58:ea:75:bd:b0:d3:82:ed:f9: a2:03:b4:8c:ec:38:fe:74:6c:e8:e6:a6:d0:d2:0b:7a:94:b0: 61:d9:1c:82:22:f2:67:57:8a:00:68:26:7c:00:a6:7a:bb:8a: 6a:97:a0:65:04:62:e0:ef:51:23:5f:33:67:18:43:2d:ca:4f: 10:4c:ad:1e:ad:ab:3a:a5:44:2c:d9:03:bb:f5:7b:be:d9:b2: 2a:79:50:a3:0e:fc:76:82:c7:3a:31:0a:00:e9:f5:73:6a:ea: ff:0d:8a:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN4MfX848KmZ0p1K9wUf+XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi MDk1ZTkwHhcNMjUxMjI0MDEwMjE1WhcNMjUxMjI1MDEwMjE1WjAzMTEwLwYDVQQD Eyg3ODc2YTVhYmYyNGQ4YzgxZmJhNzJlMDYyNzZiNTQ4M2Q1MmI1ODdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobyyXIbNkqW3JUhkAWLf6x3YKBLf 9ve9oo9tOcOax2z1l3qNtxl4DZYLE9ZpmWeJrXSj8qnKZLFTbHg12b0hDqw1JjnO GKNb7mJABXQb/JV4cJn9aIBJFkAOa7klfXMPlwP2W4I/+qi85GdBDMY139T/n59e r2GZ0QXUUckfIx2u7e1xkDqWREaBq1Da5JBB9dS2aVz3BZvYpBw33DzUC6cf8zpf mvlL5YPqaaELX3GqhPld1Ce7BJQliph/Ijhb4bH0li54yP3x+X2HkoGY/TL2tucu ZweLoxd2esa229I6RGxXmib9dcTGkvmIv2hUOk38aNdk8doMETmy6hc4IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHh2pavyTYyB+6cuBidrVIPVK1h9MB8GA1UdIwQY MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt YzlhZDM3Zjk0Y2Q3LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3 LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHuqfTP5h BPiSYtU/WdgdqNi9pq4GPK8t2k9tQZw34OvTmgdwr7w0vjCWXo9Wt9zSikNoADhM JggEDTLQtUFa1Bn8UAXowMbdxPbM2Kw/u4qIVm10LCi023kSQxzfzQRnusE15IwQ +JEoyGTxl03q+Cikj7e5FERHa07QGjVA8dlju/zbYKVYmb/r7ZUmiLIBiDoHtGLv oZK6WOp1vbDTgu35ogO0jOw4/nRs6Oam0NILepSwYdkcgiLyZ1eKAGgmfACmeruK apegZQRi4O9RI18zZxhDLcpPEEytHq2rOqVELNkDu/V7vtmyKnlQow78doLHOjEK AOn1c2rq/w2KRg== -----END CERTIFICATE-----Generated at Wed Dec 24 10:56:44 2025 by rpki-client