This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft File: A_P-YHUIK-jliDKbQ9dhv257AdA.mft (raw, json) Hash identifier: FQT7qSiafDOWmTZTtmflfA423gZ2WdTYtlwx1D8wciU= Subject key identifier: AF:15:7A:C8:A1:13:90:61:AC:EF:23:75:84:BD:C4:68:3F:1E:10:48 Authority key identifier: 03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0 Certificate issuer: /CN=03f3fe6075082be8e588329b43d761bf6e7b01d0 Certificate serial: 019B37C59B9DA4A7FFF58631681680282ED0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft Manifest number: 09B9 Signing time: Fri 19 Dec 2025 18:00:55 +0000 Manifest this update: Fri 19 Dec 2025 18:00:55 +0000 Manifest next update: Sat 20 Dec 2025 18:00:55 +0000 Files and hashes: 1: A_P-YHUIK-jliDKbQ9dhv257AdA.crl (hash: 6v8muv4VJAXTfiCuPbnb8DbsL1M/JWQ0JHytwUXWZvY=) 2: NLokuyayf_xTBz620eUda7ND62Y.roa (hash: wnbXZXqLcKm2LPuwdWnQJhZT1lgCNXU3KAjP4hIxaAc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:c5:9b:9d:a4:a7:ff:f5:86:31:68:16:80:28:2e:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03f3fe6075082be8e588329b43d761bf6e7b01d0 Validity Not Before: Dec 19 18:00:55 2025 GMT Not After : Dec 20 18:00:55 2025 GMT Subject: CN=af157ac8a1139061acef237584bdc4683f1e1048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:94:6f:24:d8:40:67:c2:f3:d8:92:0b:fb:27: 20:23:01:12:28:c0:f9:6c:42:2c:23:cb:8d:26:a2: 63:61:31:f4:0f:12:bb:50:69:bb:ec:02:42:cb:5d: 12:cf:86:c3:3a:a2:6c:98:84:a7:6e:e5:0f:13:f3: b4:90:ed:81:b9:cc:db:37:0e:e3:c5:96:54:e8:03: fe:ba:d7:6d:e4:94:33:31:4e:7f:6c:2f:b4:ac:4b: e9:18:9b:a7:d0:02:a3:29:46:01:4b:49:00:12:aa: b2:f2:f2:47:99:f7:20:46:35:cb:c6:00:3b:81:a8: da:e6:d5:eb:e7:55:99:0e:af:b7:7f:49:0b:21:9d: ca:42:af:8a:f7:be:b1:63:f6:3a:62:23:69:a9:90: e2:dc:b2:75:fb:03:8b:58:c2:1a:3d:9b:2d:0b:bc: db:a8:3c:71:16:d8:86:bf:e7:24:39:78:54:05:b9: 0d:c7:1f:a3:e3:71:c7:93:49:50:8d:21:0d:cc:8c: 87:d0:23:08:4e:c4:1e:10:b2:f2:88:75:d5:09:b1: 3b:00:8f:07:fb:b2:07:b9:f1:6e:e4:21:21:c6:14: 0d:b7:c6:4f:04:4e:ac:85:64:43:d5:94:73:7c:2e: 72:c5:ed:55:76:ad:ab:2d:f6:34:af:1f:e6:2d:ef: 8a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:15:7A:C8:A1:13:90:61:AC:EF:23:75:84:BD:C4:68:3F:1E:10:48 X509v3 Authority Key Identifier: keyid:03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:45:83:b7:94:a0:17:13:0e:3f:3f:8e:fe:3e:af:f0:b2:8f: 08:eb:20:12:c2:2b:34:0e:d1:bc:72:b4:f2:71:f3:e8:b5:c1: b4:40:cb:24:fc:9e:b4:d8:fc:bd:26:86:2a:3e:5d:5d:4d:9e: 34:3b:20:13:ae:c3:4c:ca:0b:ad:b2:cc:17:ec:b8:cb:4d:d5: 3b:67:0b:d4:f3:87:a3:bc:15:45:f7:e7:2e:ca:e8:ea:b4:38: 31:39:da:59:56:89:48:c8:c6:cc:70:70:82:2d:31:60:89:bb: 0d:12:88:d4:91:5f:07:f3:5d:b2:ca:dd:d3:42:d3:ef:a8:28: c3:af:d7:0b:1d:ff:55:b6:fe:8e:03:47:6b:10:6c:2b:c1:8e: 01:be:21:14:38:50:4b:0c:55:5d:71:38:8c:94:fb:d5:7d:f1: 1f:69:25:25:88:79:c8:30:c4:13:f0:2c:1c:6a:3c:35:cf:f9: b3:69:97:f5:d0:6f:c5:8c:2b:d6:bb:80:e3:a1:a7:15:71:57: c6:03:ad:08:60:21:c4:21:a9:13:1c:c9:03:aa:ec:52:dd:52: 6e:ff:fc:99:ae:44:b4:d3:b5:82:f0:90:1c:ea:01:b7:91:af: a1:90:75:69:5b:3b:29:d4:db:ec:65:bf:36:f1:41:80:4f:2a: 84:85:07:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3xZudpKf/9YYxaBaAKC7QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzZjNmZTYwNzUwODJiZThlNTg4MzI5YjQzZDc2MWJmNmU3 YjAxZDAwHhcNMjUxMjE5MTgwMDU1WhcNMjUxMjIwMTgwMDU1WjAzMTEwLwYDVQQD EyhhZjE1N2FjOGExMTM5MDYxYWNlZjIzNzU4NGJkYzQ2ODNmMWUxMDQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZRvJNhAZ8Lz2JIL+ycgIwESKMD5 bEIsI8uNJqJjYTH0DxK7UGm77AJCy10Sz4bDOqJsmISnbuUPE/O0kO2BuczbNw7j xZZU6AP+utdt5JQzMU5/bC+0rEvpGJun0AKjKUYBS0kAEqqy8vJHmfcgRjXLxgA7 gaja5tXr51WZDq+3f0kLIZ3KQq+K976xY/Y6YiNpqZDi3LJ1+wOLWMIaPZstC7zb qDxxFtiGv+ckOXhUBbkNxx+j43HHk0lQjSENzIyH0CMITsQeELLyiHXVCbE7AI8H +7IHufFu5CEhxhQNt8ZPBE6shWRD1ZRzfC5yxe1Vdq2rLfY0rx/mLe+KrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK8VesihE5BhrO8jdYS9xGg/HhBIMB8GA1UdIwQY MBaAFAPz/mB1CCvo5Ygym0PXYb9uewHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMt ODJkYWZlMTA0YmM1LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMtODJkYWZlMTA0YmM1 LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEWDt5Sg FxMOPz+O/j6v8LKPCOsgEsIrNA7RvHK08nHz6LXBtEDLJPyetNj8vSaGKj5dXU2e NDsgE67DTMoLrbLMF+y4y03VO2cL1POHo7wVRffnLsro6rQ4MTnaWVaJSMjGzHBw gi0xYIm7DRKI1JFfB/Ndssrd00LT76gow6/XCx3/Vbb+jgNHaxBsK8GOAb4hFDhQ SwxVXXE4jJT71X3xH2klJYh5yDDEE/AsHGo8Nc/5s2mX9dBvxYwr1ruA46GnFXFX xgOtCGAhxCGpExzJA6rsUt1Sbv/8ma5EtNO1gvCQHOoBt5GvoZB1aVs7KdTb7GW/ NvFBgE8qhIUHtw== -----END CERTIFICATE-----Generated at Fri Dec 19 20:27:18 2025 by rpki-client