This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft File: r-iiApeGib2NX15X_MG_64Z8Mio.mft (raw, json) Hash identifier: giKnD1nqdYoX8cpzPh0iatHem4/oEUpynmz+GVFkZk8= Subject key identifier: D3:FB:25:E3:DC:2E:48:A5:75:AD:81:95:F7:34:05:94:5C:71:5E:AB Authority key identifier: AF:E8:A2:02:97:86:89:BD:8D:5F:5E:57:FC:C1:BF:EB:86:7C:32:2A Certificate issuer: /CN=afe8a202978689bd8d5f5e57fcc1bfeb867c322a Certificate serial: 019B5975EA45EFDF100D8172D6699B1E4EA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft Manifest number: 1793 Signing time: Fri 26 Dec 2025 07:00:58 +0000 Manifest this update: Fri 26 Dec 2025 07:00:58 +0000 Manifest next update: Sat 27 Dec 2025 07:00:58 +0000 Files and hashes: 1: r-iiApeGib2NX15X_MG_64Z8Mio.crl (hash: ZZDvf8YRofkaWuz4M4aWI5Aj2XJvfjpsR0dkvjcFG0s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:ea:45:ef:df:10:0d:81:72:d6:69:9b:1e:4e:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afe8a202978689bd8d5f5e57fcc1bfeb867c322a Validity Not Before: Dec 26 07:00:58 2025 GMT Not After : Dec 27 07:00:58 2025 GMT Subject: CN=d3fb25e3dc2e48a575ad8195f73405945c715eab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:78:55:05:4e:82:59:14:77:7d:45:86:63:30: 42:03:6f:2d:85:38:94:72:45:a9:e1:34:d8:e2:10: df:6f:ea:9a:05:b1:f8:c0:59:12:b6:21:23:8e:25: 28:23:b7:7d:4d:8f:9e:24:72:2f:6f:f2:09:60:31: c7:9a:db:4c:e0:47:a7:ac:e5:2e:7a:ea:16:55:fb: 6a:36:c9:a0:1d:46:2c:77:fd:35:d2:7d:3c:ab:5f: 09:cf:cc:a8:6a:e9:50:de:a7:69:4a:82:74:31:a9: 73:05:5e:43:6f:59:f9:26:c8:d2:27:39:63:45:9a: 68:43:b6:2a:6e:48:2b:03:25:a1:51:48:01:e6:50: 3e:a7:56:6c:7e:e4:be:41:1f:05:cc:f6:d5:8b:f1: cf:fe:f8:ad:9b:6c:71:a9:c5:1d:6a:97:7c:eb:f3: 8b:e8:4a:07:b8:6b:c5:d7:04:00:bf:82:22:d3:40: 3b:6c:20:11:c6:3d:69:3e:00:6f:b2:c8:62:e2:93: 03:5a:88:89:fc:0e:64:60:92:a1:af:0f:88:e8:3a: 8d:2a:25:fa:7f:fc:f3:b8:16:e5:84:36:a1:1c:22: c6:a4:ce:0a:43:ee:47:69:55:dd:6b:6d:17:be:e7: d3:15:53:ec:d4:1b:70:64:ef:eb:23:b6:fb:6c:99: 9b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:FB:25:E3:DC:2E:48:A5:75:AD:81:95:F7:34:05:94:5C:71:5E:AB X509v3 Authority Key Identifier: keyid:AF:E8:A2:02:97:86:89:BD:8D:5F:5E:57:FC:C1:BF:EB:86:7C:32:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:82:3f:3f:df:ff:dd:b1:08:d5:1c:f7:2a:30:c2:5c:75:1b: 40:2f:b4:bc:af:f4:c4:e2:04:bf:07:db:56:a2:64:35:07:6d: f6:37:c9:f9:92:a2:67:42:dd:26:41:b5:1a:a0:56:9b:22:37: b2:e6:4a:0a:ad:a2:93:c5:55:b0:6b:32:92:29:e9:ac:f3:27: c7:85:b1:c2:f2:09:20:52:84:9f:c5:c2:ae:2c:ee:aa:49:91: 00:dc:06:fe:2f:02:e7:12:25:46:2c:9f:db:37:d7:d6:83:16: e2:9a:41:2b:e6:76:a0:86:e7:e9:33:cc:84:d8:ce:db:ad:1b: ee:06:b8:2e:49:88:b9:8a:91:ca:69:5b:9e:79:43:12:e0:67: 16:4e:cc:17:94:cf:a1:8b:3b:99:41:71:40:d8:59:bd:eb:43: df:73:66:b5:e5:5b:92:92:a2:7e:2e:b3:64:33:6d:65:57:3c: 5a:e9:56:d2:fd:79:85:e1:f0:a8:8e:f7:23:13:e4:66:c2:70: b5:a0:1d:31:e3:89:f6:ad:10:f4:d7:b3:b0:da:94:e9:7b:c2: 01:1e:ab:ce:e2:ca:35:03:4d:38:63:25:e3:0d:4d:04:b2:c3: 0c:a0:d6:2e:00:f9:f1:2d:cf:37:0d:16:57:4a:08:28:0f:49: df:62:0d:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdepF798QDYFy1mmbHk6mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZThhMjAyOTc4Njg5YmQ4ZDVmNWU1N2ZjYzFiZmViODY3 YzMyMmEwHhcNMjUxMjI2MDcwMDU4WhcNMjUxMjI3MDcwMDU4WjAzMTEwLwYDVQQD EyhkM2ZiMjVlM2RjMmU0OGE1NzVhZDgxOTVmNzM0MDU5NDVjNzE1ZWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXhVBU6CWRR3fUWGYzBCA28thTiU ckWp4TTY4hDfb+qaBbH4wFkStiEjjiUoI7d9TY+eJHIvb/IJYDHHmttM4EenrOUu euoWVftqNsmgHUYsd/010n08q18Jz8yoaulQ3qdpSoJ0MalzBV5Db1n5JsjSJzlj RZpoQ7YqbkgrAyWhUUgB5lA+p1ZsfuS+QR8FzPbVi/HP/vitm2xxqcUdapd86/OL 6EoHuGvF1wQAv4Ii00A7bCARxj1pPgBvsshi4pMDWoiJ/A5kYJKhrw+I6DqNKiX6 f/zzuBblhDahHCLGpM4KQ+5HaVXda20XvufTFVPs1BtwZO/rI7b7bJmb/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNP7JePcLkilda2Blfc0BZRccV6rMB8GA1UdIwQY MBaAFK/oogKXhom9jV9eV/zBv+uGfDIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOTA3YWEtMmFjZC00ZGM3LTlmMGQt ZDdiMDg5NDhmN2M3LzEvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9mOTA3YWEtMmFjZC00ZGM3LTlmMGQtZDdiMDg5NDhmN2M3 LzEvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4I/P9// 3bEI1Rz3KjDCXHUbQC+0vK/0xOIEvwfbVqJkNQdt9jfJ+ZKiZ0LdJkG1GqBWmyI3 suZKCq2ik8VVsGsykinprPMnx4WxwvIJIFKEn8XCrizuqkmRANwG/i8C5xIlRiyf 2zfX1oMW4ppBK+Z2oIbn6TPMhNjO260b7ga4LkmIuYqRymlbnnlDEuBnFk7MF5TP oYs7mUFxQNhZvetD33NmteVbkpKifi6zZDNtZVc8WulW0v15heHwqI73IxPkZsJw taAdMeOJ9q0Q9NezsNqU6XvCAR6rzuLKNQNNOGMl4w1NBLLDDKDWLgD58S3PNw0W V0oIKA9J32INWg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:22 2025 by rpki-client