This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft File: AhtowZzVXWul-GX7DdDW-MnZ49o.mft (raw, json) Hash identifier: 655myGjgOILzG8lHOMYdc41M9VTYcfpV7ww4iWnxPYo= Subject key identifier: 31:40:0C:40:B2:0B:91:68:B6:FF:42:44:7B:FB:5B:AF:7A:C3:86:AF Authority key identifier: 02:1B:68:C1:9C:D5:5D:6B:A5:F8:65:FB:0D:D0:D6:F8:C9:D9:E3:DA Certificate issuer: /CN=021b68c19cd55d6ba5f865fb0dd0d6f8c9d9e3da Certificate serial: 019B597706678A1AF648FD4F60EE6070A5BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft Manifest number: 024B Signing time: Fri 26 Dec 2025 07:02:11 +0000 Manifest this update: Fri 26 Dec 2025 07:02:11 +0000 Manifest next update: Sat 27 Dec 2025 07:02:11 +0000 Files and hashes: 1: AhtowZzVXWul-GX7DdDW-MnZ49o.crl (hash: SFe4c07fduY4MIw8rWy9upZ/jX5A7fejNmDZd7Ed/iM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:06:67:8a:1a:f6:48:fd:4f:60:ee:60:70:a5:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=021b68c19cd55d6ba5f865fb0dd0d6f8c9d9e3da Validity Not Before: Dec 26 07:02:11 2025 GMT Not After : Dec 27 07:02:11 2025 GMT Subject: CN=31400c40b20b9168b6ff42447bfb5baf7ac386af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:bd:de:82:7b:25:76:27:54:f7:2f:9e:52:c1: 4e:58:3d:e4:54:31:63:d6:4d:9b:c9:be:72:c0:1e: 0f:0e:a7:ec:be:05:92:d7:6c:cd:86:c9:75:f6:6e: 02:b5:7c:b0:bb:b3:29:9e:76:71:58:2e:d2:cf:f9: 16:54:c6:64:b7:2d:5b:28:06:10:3a:81:05:f7:03: 73:c5:cd:d2:02:fd:50:54:72:f1:c9:97:1f:ce:83: 27:a8:c7:72:13:ee:22:e6:f1:8d:78:04:d5:4b:d9: 8e:72:d3:2d:80:b1:a3:ad:3d:05:cb:9b:93:9a:f7: c1:35:12:49:6a:1e:3b:8c:f8:11:51:65:0e:48:67: 2f:b6:b6:92:66:28:7c:13:6c:95:4a:36:44:05:d3: 4d:bf:61:61:9e:d3:ac:b2:73:b9:c8:e7:54:f6:62: 2b:1d:fb:8f:ab:49:9a:79:0e:11:89:7c:ec:00:27: 91:58:75:d9:23:2e:80:6c:8f:bf:30:a5:e9:be:de: bc:ca:2b:44:a1:d6:df:a9:c2:c4:27:b8:ee:40:4f: f3:c1:24:b2:f7:76:a2:99:fb:25:37:48:1f:37:f3: 65:b9:f4:e7:79:30:65:47:90:2e:7f:e0:32:0b:fd: ff:83:4d:7c:94:78:df:3b:8e:c3:58:ac:47:cd:94: d0:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:40:0C:40:B2:0B:91:68:B6:FF:42:44:7B:FB:5B:AF:7A:C3:86:AF X509v3 Authority Key Identifier: keyid:02:1B:68:C1:9C:D5:5D:6B:A5:F8:65:FB:0D:D0:D6:F8:C9:D9:E3:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:99:09:fc:8c:32:99:89:48:47:b5:f4:de:68:18:89:87:71: 12:d9:6e:a2:88:f1:f1:c0:1d:87:eb:88:0d:b0:ba:df:10:b8: 85:e3:fc:be:9e:45:3a:3d:2c:9b:54:0b:f6:7e:4e:45:07:7d: 0c:e5:24:69:76:01:fe:1e:44:4f:6a:94:db:3c:11:34:1d:93: eb:70:6a:ab:3e:04:bf:b4:f6:02:c3:d0:e4:d5:e8:cd:59:13: af:b1:a3:53:bd:3a:c9:d7:bd:07:6b:74:5f:a1:4d:d6:16:e4: cd:62:d5:4e:b9:43:2d:3e:cf:db:b8:8b:25:f2:b5:f4:46:b7: 6e:93:b8:ce:7a:08:a0:f6:74:a2:60:25:14:a6:d2:bb:98:54: d0:a6:40:41:20:3a:d7:93:97:c8:6a:4f:ed:c8:58:02:3f:3b: 12:dc:07:a1:03:2b:fa:75:bd:ff:6e:1b:6f:d8:81:98:6f:bc: f8:53:3a:95:b8:d6:94:2b:cc:36:4d:f8:88:eb:89:9f:e2:bd: f1:e0:8f:bf:03:27:7a:27:95:97:47:3e:90:32:4f:a2:7d:42: 21:08:26:e4:88:fa:88:bf:90:d9:f6:dd:2d:b9:2e:ca:5b:66: e8:68:66:d5:74:13:80:21:3d:2e:61:32:e4:99:0a:e6:56:17: 0c:99:83:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdwZnihr2SP1PYO5gcKW6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyMWI2OGMxOWNkNTVkNmJhNWY4NjVmYjBkZDBkNmY4Yzlk OWUzZGEwHhcNMjUxMjI2MDcwMjExWhcNMjUxMjI3MDcwMjExWjAzMTEwLwYDVQQD EygzMTQwMGM0MGIyMGI5MTY4YjZmZjQyNDQ3YmZiNWJhZjdhYzM4NmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu73egnsldidU9y+eUsFOWD3kVDFj 1k2byb5ywB4PDqfsvgWS12zNhsl19m4CtXywu7MpnnZxWC7Sz/kWVMZkty1bKAYQ OoEF9wNzxc3SAv1QVHLxyZcfzoMnqMdyE+4i5vGNeATVS9mOctMtgLGjrT0Fy5uT mvfBNRJJah47jPgRUWUOSGcvtraSZih8E2yVSjZEBdNNv2FhntOssnO5yOdU9mIr HfuPq0maeQ4RiXzsACeRWHXZIy6AbI+/MKXpvt68yitEodbfqcLEJ7juQE/zwSSy 93aimfslN0gfN/NlufTneTBlR5Auf+AyC/3/g018lHjfO47DWKxHzZTQcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDFADECyC5Fotv9CRHv7W696w4avMB8GA1UdIwQY MBaAFAIbaMGc1V1rpfhl+w3Q1vjJ2ePaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YzYxNjctZmY5ZC00NTFiLTg0ZWIt Nzc3MGU3OTA3MjBmLzEvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi85YzYxNjctZmY5ZC00NTFiLTg0ZWItNzc3MGU3OTA3MjBm LzEvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5kJ/Iwy mYlIR7X03mgYiYdxEtluoojx8cAdh+uIDbC63xC4heP8vp5FOj0sm1QL9n5ORQd9 DOUkaXYB/h5ET2qU2zwRNB2T63Bqqz4Ev7T2AsPQ5NXozVkTr7GjU706yde9B2t0 X6FN1hbkzWLVTrlDLT7P27iLJfK19Ea3bpO4znoIoPZ0omAlFKbSu5hU0KZAQSA6 15OXyGpP7chYAj87EtwHoQMr+nW9/24bb9iBmG+8+FM6lbjWlCvMNk34iOuJn+K9 8eCPvwMneieVl0c+kDJPon1CIQgm5Ij6iL+Q2fbdLbkuyltm6Ghm1XQTgCE9LmEy 5JkK5lYXDJmDcA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:17 2025 by rpki-client