This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft File: AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft (raw, json) Hash identifier: q0V30QPUWvVl+68Z5Etngb8I/V1FgA20DBcAl9EfNCI= Subject key identifier: C8:E2:E8:AC:4F:CC:2D:D6:27:D3:32:2A:80:77:F9:3F:BF:AA:00:5D Authority key identifier: 01:7C:90:65:46:53:AC:15:00:28:56:2B:32:43:14:91:B5:21:47:D1 Certificate issuer: /CN=017c90654653ac150028562b32431491b52147d1 Certificate serial: 019B3CEBA8D200CA513B8473A982CF940121 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft Manifest number: 0F67 Signing time: Sat 20 Dec 2025 18:00:35 +0000 Manifest this update: Sat 20 Dec 2025 18:00:35 +0000 Manifest next update: Sun 21 Dec 2025 18:00:35 +0000 Files and hashes: 1: AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl (hash: 4ox38nFDZywnWFdnOGKMijDrqtOKWUpTI3oO2XZnq98=) 2: L2lE8nOnlyxmaD3x1ZRACrDCMP8.roa (hash: ZXu28qkdGNNh4liAxQWetF6CZII1uCDb6IiGf6WW5Vw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:eb:a8:d2:00:ca:51:3b:84:73:a9:82:cf:94:01:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=017c90654653ac150028562b32431491b52147d1 Validity Not Before: Dec 20 18:00:35 2025 GMT Not After : Dec 21 18:00:35 2025 GMT Subject: CN=c8e2e8ac4fcc2dd627d3322a8077f93fbfaa005d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a3:e6:15:37:d6:38:f7:cd:3a:34:3d:50:a6: 11:83:2f:50:8f:71:f0:da:c4:37:9f:f2:2b:b3:18: d8:39:ef:b3:b0:ad:2d:3e:1b:ae:64:41:fe:72:76: fd:8c:36:c8:b9:98:ef:eb:59:e6:0c:52:89:2b:70: dd:3b:71:b9:07:0a:48:2b:e5:dc:89:07:80:9c:cd: 82:dd:88:17:43:11:9c:89:d6:c6:26:4f:6b:f4:bc: da:f2:31:00:50:29:38:8a:91:35:c8:70:29:60:d1: 6e:f1:c2:17:32:a2:6b:e9:18:fd:9f:08:5b:15:33: 1b:ac:22:7a:1f:fd:f0:e7:98:67:3d:05:21:d8:23: c8:8f:50:a6:df:98:f8:67:1e:1f:c5:96:1f:e6:8e: 65:de:a6:eb:92:7a:73:4e:a9:d8:43:a2:11:d2:b8: 8c:c6:37:1d:4b:af:4e:7b:f3:c5:aa:cf:c4:25:43: 8c:5f:e5:20:99:6b:5a:f4:31:93:00:a0:7a:3a:fe: 19:d9:19:9d:51:13:47:ba:b7:57:8a:4d:c0:49:de: 10:8a:15:6c:94:df:bd:4a:16:e4:5e:9e:1d:6c:09: 50:08:bb:db:75:dc:f6:15:39:e6:e3:59:a6:1f:ca: 8e:e3:e6:57:4a:e3:2d:42:3f:f9:5f:98:7e:68:37: 9b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:E2:E8:AC:4F:CC:2D:D6:27:D3:32:2A:80:77:F9:3F:BF:AA:00:5D X509v3 Authority Key Identifier: keyid:01:7C:90:65:46:53:AC:15:00:28:56:2B:32:43:14:91:B5:21:47:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXyQZUZTrBUAKFYrMkMUkbUhR9E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/35b7e5-8864-4759-bb86-7013a6c43985/1/AXyQZUZTrBUAKFYrMkMUkbUhR9E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:ad:6a:b5:e6:18:d7:e3:0f:4c:69:2e:c7:3d:ed:4b:3a:df: 20:97:cc:a0:49:02:00:4e:22:b0:fd:6c:9a:77:3d:37:a3:f1: e7:46:4d:94:82:7d:78:4a:b3:18:d1:8a:17:bc:4a:08:08:00: 05:78:a2:12:d0:58:8d:35:63:5c:56:22:60:47:f0:19:a1:0f: 8d:ae:e2:68:d2:74:03:5a:06:b9:60:00:64:ff:a3:73:2a:86: 33:13:9f:a7:05:b2:f5:49:38:53:7b:d1:c6:21:6c:9c:2a:67: 49:2f:75:09:c4:f1:e1:f4:2d:8e:75:d6:18:52:5d:2d:65:9e: f8:ed:c4:d7:18:3b:f3:7a:b7:b0:3d:56:1b:6c:61:af:84:a0: 59:1a:a9:54:48:b8:1f:70:cf:d3:1b:09:7f:11:1a:d3:04:d6: 6a:cf:57:5f:d9:4b:c0:90:70:13:71:e2:af:a6:54:54:95:28: f5:38:81:75:15:ca:a4:ff:66:22:ee:d3:18:1b:29:10:38:46: 2f:0b:65:b3:66:6e:f3:7e:0d:d3:72:22:e3:70:4f:93:e5:a9: c4:cb:cb:51:d7:80:c9:73:32:78:00:4d:b8:ca:37:40:a7:d2: f9:12:88:5e:87:12:18:75:1b:bf:26:9a:2c:a0:c9:64:29:80: fc:7f:11:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs866jSAMpRO4RzqYLPlAEhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxN2M5MDY1NDY1M2FjMTUwMDI4NTYyYjMyNDMxNDkxYjUy MTQ3ZDEwHhcNMjUxMjIwMTgwMDM1WhcNMjUxMjIxMTgwMDM1WjAzMTEwLwYDVQQD EyhjOGUyZThhYzRmY2MyZGQ2MjdkMzMyMmE4MDc3ZjkzZmJmYWEwMDVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6PmFTfWOPfNOjQ9UKYRgy9Qj3Hw 2sQ3n/IrsxjYOe+zsK0tPhuuZEH+cnb9jDbIuZjv61nmDFKJK3DdO3G5BwpIK+Xc iQeAnM2C3YgXQxGcidbGJk9r9Lza8jEAUCk4ipE1yHApYNFu8cIXMqJr6Rj9nwhb FTMbrCJ6H/3w55hnPQUh2CPIj1Cm35j4Zx4fxZYf5o5l3qbrknpzTqnYQ6IR0riM xjcdS69Oe/PFqs/EJUOMX+UgmWta9DGTAKB6Ov4Z2RmdURNHurdXik3ASd4QihVs lN+9ShbkXp4dbAlQCLvbddz2FTnm41mmH8qO4+ZXSuMtQj/5X5h+aDeb+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMji6KxPzC3WJ9MyKoB3+T+/qgBdMB8GA1UdIwQY MBaAFAF8kGVGU6wVAChWKzJDFJG1IUfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8zNWI3ZTUtODg2NC00NzU5LWJiODYt NzAxM2E2YzQzOTg1LzEvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi8zNWI3ZTUtODg2NC00NzU5LWJiODYtNzAxM2E2YzQzOTg1 LzEvQVh5UVpVWlRyQlVBS0ZZck1rTVVrYlVoUjlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC61qteYY 1+MPTGkuxz3tSzrfIJfMoEkCAE4isP1smnc9N6Px50ZNlIJ9eEqzGNGKF7xKCAgA BXiiEtBYjTVjXFYiYEfwGaEPja7iaNJ0A1oGuWAAZP+jcyqGMxOfpwWy9Uk4U3vR xiFsnCpnSS91CcTx4fQtjnXWGFJdLWWe+O3E1xg783q3sD1WG2xhr4SgWRqpVEi4 H3DP0xsJfxEa0wTWas9XX9lLwJBwE3Hir6ZUVJUo9TiBdRXKpP9mIu7TGBspEDhG Lwtls2Zu834N03Ii43BPk+WpxMvLUdeAyXMyeABNuMo3QKfS+RKIXocSGHUbvyaa LKDJZCmA/H8R9g== -----END CERTIFICATE-----Generated at Sun Dec 21 00:59:08 2025 by rpki-client