This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft File: ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft (raw, json) Hash identifier: cRLnlmgE6lrd7PUiz53ZzkT05JgODt+ki0kle0FOCa8= Subject key identifier: FD:20:9C:88:07:D1:59:7E:D1:D1:33:1D:EF:9C:1B:C9:48:3B:15:17 Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF Certificate issuer: /CN=0291d4de130da6aace22ed99650be182497e0bcf Certificate serial: 019B38A1B3A117F72B50F8BF204D83F525B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft Manifest number: 1785 Signing time: Fri 19 Dec 2025 22:01:19 +0000 Manifest this update: Fri 19 Dec 2025 22:01:19 +0000 Manifest next update: Sat 20 Dec 2025 22:01:19 +0000 Files and hashes: 1: ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl (hash: jTvMa01U1qwOYAlWv1iGoxHpdTSTH60ky2rMl6R7kL8=) 2: Bbv2QAFPf4Szau3NTd0aayAiypc.roa (hash: cRocTgGmyLRnpI3qcdUdz3Vd6OE/CS3oghy6+UyVfVc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:b3:a1:17:f7:2b:50:f8:bf:20:4d:83:f5:25:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf Validity Not Before: Dec 19 22:01:19 2025 GMT Not After : Dec 20 22:01:19 2025 GMT Subject: CN=fd209c8807d1597ed1d1331def9c1bc9483b1517 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:9a:79:50:19:b2:59:2c:e7:e1:cc:af:67:1f: e8:f0:f5:30:bf:9b:54:2c:c8:ca:48:27:0e:b1:cc: d7:65:35:d2:5b:27:eb:cd:56:ea:f9:6f:dd:3e:6e: 6e:66:59:f8:e8:f2:23:c8:0d:72:2c:d8:a4:80:b2: 78:96:df:ee:81:3a:51:82:f4:c8:ed:03:cf:27:24: 9b:51:0a:a6:96:2a:05:cc:0f:df:7f:cc:5f:ef:9a: d8:af:90:27:d2:8f:02:84:96:c4:27:07:21:12:48: 8f:e0:d7:91:74:9a:ee:76:a7:0d:8a:07:8f:33:23: da:7d:be:2a:a0:b1:8d:92:71:06:0b:d3:43:b4:14: 96:b1:cc:61:bf:5e:fc:bb:52:07:47:2b:9e:08:d9: 55:e2:6d:20:35:40:b6:24:ec:54:ca:eb:4d:1c:c6: c0:00:e7:86:5d:50:e9:f9:48:8e:e4:0f:8d:3d:93: 0f:89:b8:fd:64:27:b1:a0:5b:26:68:61:f0:f8:26: 55:1a:00:06:a0:9f:4c:85:bb:0c:62:83:54:8b:0c: b2:50:01:6f:11:53:41:c7:b0:e0:48:49:7c:dc:91: 6c:d2:f0:5c:ef:5b:6e:e2:90:f2:e3:5f:02:f2:c5: c7:cc:8c:56:2f:f2:67:40:5e:74:78:21:9d:2b:d2: 7f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:20:9C:88:07:D1:59:7E:D1:D1:33:1D:EF:9C:1B:C9:48:3B:15:17 X509v3 Authority Key Identifier: keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:f2:1b:80:f5:8f:81:78:40:4a:a8:05:53:3c:f8:57:fe:90: 77:26:9f:23:78:42:3a:fb:74:d0:0b:aa:6f:89:2f:11:0c:b7: 8f:13:f7:ff:63:49:c7:32:fe:7c:3f:03:cc:d5:5d:8b:d3:a2: d4:67:96:6a:08:02:77:a2:5a:3a:ad:55:9d:93:0e:2a:b8:f0: 8a:67:d0:83:77:9e:a4:52:64:bb:17:49:e9:2b:47:8e:d2:b8: b3:a9:a5:3d:96:b6:0f:6b:c1:d1:f9:28:93:2b:64:27:8c:da: e5:cc:63:bd:25:ab:e3:0d:c2:73:94:5d:11:eb:d9:e3:f4:4e: ca:f8:48:eb:99:7e:3e:9c:08:17:1e:1a:9a:87:84:c6:8a:be: be:4d:d6:63:2b:84:e3:46:49:1c:a4:08:19:05:89:21:b1:74: 85:e4:cb:47:bf:f5:83:97:13:b4:43:bd:33:71:04:fa:07:14: f0:f5:24:95:b5:a5:f0:3d:c8:44:28:d2:ba:1b:de:20:b1:30: 94:fb:d7:bc:f2:75:9e:be:d9:d4:08:65:24:c1:e1:b0:50:fb: 8b:3d:6e:48:94:e8:d1:d5:26:e0:08:85:db:b0:06:37:6a:f5: de:f2:cd:c8:7b:a8:a2:4a:98:11:ab:b8:67:9b:a6:be:9a:2c: ac:12:04:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4obOhF/crUPi/IE2D9SWyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyOTFkNGRlMTMwZGE2YWFjZTIyZWQ5OTY1MGJlMTgyNDk3 ZTBiY2YwHhcNMjUxMjE5MjIwMTE5WhcNMjUxMjIwMjIwMTE5WjAzMTEwLwYDVQQD EyhmZDIwOWM4ODA3ZDE1OTdlZDFkMTMzMWRlZjljMWJjOTQ4M2IxNTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Jp5UBmyWSzn4cyvZx/o8PUwv5tU LMjKSCcOsczXZTXSWyfrzVbq+W/dPm5uZln46PIjyA1yLNikgLJ4lt/ugTpRgvTI 7QPPJySbUQqmlioFzA/ff8xf75rYr5An0o8ChJbEJwchEkiP4NeRdJrudqcNigeP MyPafb4qoLGNknEGC9NDtBSWscxhv178u1IHRyueCNlV4m0gNUC2JOxUyutNHMbA AOeGXVDp+UiO5A+NPZMPibj9ZCexoFsmaGHw+CZVGgAGoJ9MhbsMYoNUiwyyUAFv EVNBx7DgSEl83JFs0vBc71tu4pDy418C8sXHzIxWL/JnQF50eCGdK9J/XQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP0gnIgH0Vl+0dEzHe+cG8lIOxUXMB8GA1UdIwQY MBaAFAKR1N4TDaaqziLtmWUL4YJJfgvPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQt Nzc4MTY4MTA3N2Y3LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQtNzc4MTY4MTA3N2Y3 LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/IbgPWP gXhASqgFUzz4V/6QdyafI3hCOvt00Auqb4kvEQy3jxP3/2NJxzL+fD8DzNVdi9Oi 1GeWaggCd6JaOq1VnZMOKrjwimfQg3eepFJkuxdJ6StHjtK4s6mlPZa2D2vB0fko kytkJ4za5cxjvSWr4w3Cc5RdEevZ4/ROyvhI65l+PpwIFx4amoeExoq+vk3WYyuE 40ZJHKQIGQWJIbF0heTLR7/1g5cTtEO9M3EE+gcU8PUklbWl8D3IRCjSuhveILEw lPvXvPJ1nr7Z1AhlJMHhsFD7iz1uSJTo0dUm4AiF27AGN2r13vLNyHuookqYEau4 Z5umvposrBIEYA== -----END CERTIFICATE-----Generated at Sat Dec 20 07:40:58 2025 by rpki-client