This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft File: avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json) Hash identifier: gms9edt2M1I9g+94c3HNcxBb4rT+a14cZma0F/oFwTw= Subject key identifier: 74:8D:15:63:0B:42:93:A9:1B:CD:48:CD:A7:CF:DF:DE:61:D8:67:ED Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86 Certificate issuer: /CN=6af2aa504bf37644803c2eef1604d3860b1def86 Certificate serial: 019B337B31328CAE6214EC2B8036DB3AF6E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft Manifest number: 06E2 Signing time: Thu 18 Dec 2025 22:01:10 +0000 Manifest this update: Thu 18 Dec 2025 22:01:10 +0000 Manifest next update: Fri 19 Dec 2025 22:01:10 +0000 Files and hashes: 1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: z68e8uKSHcnUfSWGT5rm21BTRgIwCHh1br3zxQC2ilw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:31:32:8c:ae:62:14:ec:2b:80:36:db:3a:f6:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86 Validity Not Before: Dec 18 22:01:10 2025 GMT Not After : Dec 19 22:01:10 2025 GMT Subject: CN=748d15630b4293a91bcd48cda7cfdfde61d867ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:38:43:24:2c:c6:aa:d8:c6:3a:19:ee:f6:1f: 50:a7:62:b5:d2:fa:0b:c0:0f:96:05:80:d3:bb:aa: a1:77:ba:0d:93:58:57:3c:69:ec:8d:38:b7:98:f9: 34:94:b9:0b:52:e0:71:b0:07:5b:84:d6:36:9b:e2: a5:ae:a3:06:6a:d1:84:23:de:39:88:fc:00:37:20: 18:d9:6e:40:ce:4c:b0:88:5a:d7:c6:6b:90:50:d5: 72:21:3f:74:af:df:6a:96:ee:d0:b9:15:2e:04:d8: 23:94:20:38:7e:6e:94:a5:63:0a:5d:e4:1b:bb:24: 99:7b:20:ae:86:03:a6:9f:b3:5e:86:6b:dd:32:5c: 69:67:d4:75:5a:0b:11:1a:0d:e1:dd:fc:5d:69:ea: 6d:27:5d:80:f9:10:06:7a:39:5c:fe:f9:8f:07:1e: e5:0b:ec:8e:08:9b:8f:d1:1c:1e:42:c6:c5:39:1a: ac:a2:05:27:c2:80:c5:51:47:51:00:52:75:c0:0c: 60:35:e3:8f:77:32:66:d1:3e:bd:7b:91:82:38:c3: 81:14:a5:c9:5d:5b:0a:dc:12:03:dd:4c:55:b9:e7: fa:bc:ed:9c:1f:12:a1:62:9d:5d:21:e6:f8:22:57: af:16:56:f7:48:a4:aa:af:5b:bc:c0:13:77:28:5b: e8:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8D:15:63:0B:42:93:A9:1B:CD:48:CD:A7:CF:DF:DE:61:D8:67:ED X509v3 Authority Key Identifier: keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:db:49:81:b7:83:46:12:7f:b9:fc:ef:e0:af:09:fd:28:f4: 20:40:d8:c9:2a:d0:a0:28:be:ea:9f:6a:19:87:3f:05:36:fa: 47:c5:97:56:28:d3:d9:88:86:5c:ae:cc:ef:78:ad:49:52:84: 38:af:91:71:fe:a2:08:f8:d6:50:d4:00:34:ed:34:06:c5:75: f4:67:af:07:1b:6e:63:de:f3:e2:4e:45:ed:78:9a:c1:9a:e1: 24:4a:d6:19:01:5b:fb:8f:90:ea:86:cf:b3:d7:cb:27:89:3d: 8d:c9:d3:8d:18:99:95:8b:c8:99:92:e8:b4:12:aa:d7:11:db: 7a:30:02:f3:0b:eb:87:6b:a2:ae:7f:28:32:78:da:b7:68:97: 94:b1:b8:c9:c7:f2:1c:32:01:c5:b0:1f:c3:89:52:98:39:8a: 0d:04:e1:a8:e8:c7:41:b7:3a:73:89:2b:f8:e9:9a:da:94:8f: 9b:5f:b7:c3:81:50:22:ca:21:6f:8f:6a:c4:05:ac:1f:4d:0b: 4c:6f:95:94:1d:b0:13:bc:d6:d0:51:9a:f2:4f:ba:24:fc:72: 0c:57:82:93:ea:23:51:f6:99:1c:ca:be:08:85:54:1d:18:4f: ab:5c:49:fa:d5:db:04:30:80:82:e9:9b:27:22:47:a3:2f:3f: a2:23:5a:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszezEyjK5iFOwrgDbbOvbjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx ZGVmODYwHhcNMjUxMjE4MjIwMTEwWhcNMjUxMjE5MjIwMTEwWjAzMTEwLwYDVQQD Eyg3NDhkMTU2MzBiNDI5M2E5MWJjZDQ4Y2RhN2NmZGZkZTYxZDg2N2VkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjhDJCzGqtjGOhnu9h9Qp2K10voL wA+WBYDTu6qhd7oNk1hXPGnsjTi3mPk0lLkLUuBxsAdbhNY2m+KlrqMGatGEI945 iPwANyAY2W5AzkywiFrXxmuQUNVyIT90r99qlu7QuRUuBNgjlCA4fm6UpWMKXeQb uySZeyCuhgOmn7NehmvdMlxpZ9R1WgsRGg3h3fxdaeptJ12A+RAGejlc/vmPBx7l C+yOCJuP0RweQsbFORqsogUnwoDFUUdRAFJ1wAxgNeOPdzJm0T69e5GCOMOBFKXJ XVsK3BID3UxVuef6vO2cHxKhYp1dIeb4IlevFlb3SKSqr1u8wBN3KFvowwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHSNFWMLQpOpG81IzafP395h2GftMB8GA1UdIwQY MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdtJgbeD RhJ/ufzv4K8J/Sj0IEDYySrQoCi+6p9qGYc/BTb6R8WXVijT2YiGXK7M73itSVKE OK+Rcf6iCPjWUNQANO00BsV19GevBxtuY97z4k5F7XiawZrhJErWGQFb+4+Q6obP s9fLJ4k9jcnTjRiZlYvImZLotBKq1xHbejAC8wvrh2uirn8oMnjat2iXlLG4ycfy HDIBxbAfw4lSmDmKDQThqOjHQbc6c4kr+Oma2pSPm1+3w4FQIsohb49qxAWsH00L TG+VlB2wE7zW0FGa8k+6JPxyDFeCk+ojUfaZHMq+CIVUHRhPq1xJ+tXbBDCAgumb JyJHoy8/oiNaiQ== -----END CERTIFICATE-----Generated at Fri Dec 19 04:53:10 2025 by rpki-client