This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json) Hash identifier: JP4RRQPicIu687DlL/Ca0UIzcTskyk6xNLRyz8achSI= Subject key identifier: F2:5E:4A:04:F9:0E:FD:2D:CF:DB:C0:32:17:AF:57:71:20:0B:C8:E1 Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d Certificate serial: 019B1F8737C61D01C2720F85AE53892A0C40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft Manifest number: 09AD Signing time: Mon 15 Dec 2025 01:01:53 +0000 Manifest this update: Mon 15 Dec 2025 01:01:53 +0000 Manifest next update: Tue 16 Dec 2025 01:01:53 +0000 Files and hashes: 1: 5m0E4hrlymj_oPq4RutDZTBvpFc.roa (hash: D3u2GpmWvvHTn4HOSLwFPi92ntWCyeD4rYP1qp5He0g=) 2: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: 1MaEXZgBcunpy2uRfhU5s8DUp9iQx1M9f+o0cTTjclg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:87:37:c6:1d:01:c2:72:0f:85:ae:53:89:2a:0c:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d Validity Not Before: Dec 15 01:01:53 2025 GMT Not After : Dec 16 01:01:53 2025 GMT Subject: CN=f25e4a04f90efd2dcfdbc03217af5771200bc8e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5c:60:03:63:c7:f9:32:97:d8:61:b0:05:f9: 4e:14:98:98:ed:66:26:3b:1b:74:c0:39:1b:17:80: d9:6c:a0:56:5f:de:c3:42:12:19:25:e4:22:8d:11: fa:a4:49:83:36:e7:1e:09:35:5b:11:fa:a7:ef:75: fe:aa:ae:2e:bb:1d:cb:ba:fa:31:42:51:46:91:45: a7:5c:e4:7d:e7:d8:bc:35:ea:ad:f7:b0:99:ee:a0: 22:0e:d6:b3:d8:0d:0e:82:ce:c7:9c:dd:c9:a1:16: 9b:f8:62:5a:3a:2f:06:25:c9:60:54:c7:9c:0b:f0: 76:59:17:d8:22:86:b3:03:a8:75:0c:b7:60:49:42: 5b:49:9a:33:7a:dd:5d:7e:c2:1b:cc:9b:d1:b1:a9: f8:d3:74:25:37:15:3e:f2:7d:99:d8:88:ae:33:d4: ce:37:a8:63:73:06:4c:f3:ee:fe:4d:99:ae:2f:2a: d1:48:74:b1:a2:ed:ce:aa:5c:1a:25:22:3c:13:68: 3f:b4:22:ef:b7:59:46:2d:b4:5c:1a:d7:77:31:8a: 93:0c:86:79:7a:fa:93:8d:52:1a:3c:9a:63:81:c3: b3:24:12:99:a1:33:2f:ed:42:18:54:7a:b8:73:a8: 17:d5:65:75:e6:7f:2d:a9:76:22:3e:4d:df:a6:d9: 9d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:5E:4A:04:F9:0E:FD:2D:CF:DB:C0:32:17:AF:57:71:20:0B:C8:E1 X509v3 Authority Key Identifier: keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:a3:14:4c:66:9d:d3:ef:8f:56:a4:26:de:9d:18:d3:ae:25: 36:ec:7b:73:69:18:fd:54:0c:5e:61:43:8c:fe:c2:0a:d1:37: 3a:23:1c:6e:1a:73:f1:60:37:49:07:a1:78:12:29:78:b6:27: ab:be:63:53:07:42:23:57:7b:18:61:4c:55:14:62:fc:90:90: 11:e3:3b:cd:a2:17:a1:44:08:e0:c8:2d:5e:c0:ef:db:8b:c5: 63:0e:f8:73:bf:bf:96:07:e2:a9:7b:96:87:a7:c9:db:d8:e1: 42:13:e1:02:26:04:ed:8f:d7:c9:e6:74:59:2f:b4:6e:fa:18: e7:9f:13:d5:32:15:22:4a:97:10:cf:2a:d2:6b:7e:b8:c6:5e: d5:be:54:4a:d0:b2:c6:10:9c:28:5b:7c:0f:4b:79:6e:75:7d: 2c:8c:1d:8f:33:f5:12:3b:bd:1b:f5:2a:5c:95:bc:fc:32:6b: 05:dc:13:f6:c8:0d:0b:d2:62:ee:10:a4:12:b0:f3:95:23:58: 75:58:47:df:30:e0:c1:77:13:e4:e2:15:6d:66:6d:3d:e9:52: e1:4b:40:5f:8e:39:7d:cc:1e:13:75:4a:aa:82:3c:88:b8:33: 70:16:3d:c8:8c:93:f4:29:d7:eb:e2:e1:43:c0:e0:bc:87:df: 1b:62:b2:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfhzfGHQHCcg+FrlOJKgxAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0 MDQzM2QwHhcNMjUxMjE1MDEwMTUzWhcNMjUxMjE2MDEwMTUzWjAzMTEwLwYDVQQD EyhmMjVlNGEwNGY5MGVmZDJkY2ZkYmMwMzIxN2FmNTc3MTIwMGJjOGUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFxgA2PH+TKX2GGwBflOFJiY7WYm Oxt0wDkbF4DZbKBWX97DQhIZJeQijRH6pEmDNuceCTVbEfqn73X+qq4uux3Luvox QlFGkUWnXOR959i8Neqt97CZ7qAiDtaz2A0Ogs7HnN3JoRab+GJaOi8GJclgVMec C/B2WRfYIoazA6h1DLdgSUJbSZozet1dfsIbzJvRsan403QlNxU+8n2Z2IiuM9TO N6hjcwZM8+7+TZmuLyrRSHSxou3OqlwaJSI8E2g/tCLvt1lGLbRcGtd3MYqTDIZ5 evqTjVIaPJpjgcOzJBKZoTMv7UIYVHq4c6gX1WV15n8tqXYiPk3fptmdTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPJeSgT5Dv0tz9vAMhevV3EgC8jhMB8GA1UdIwQY MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2 LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhqMUTGad 0++PVqQm3p0Y064lNux7c2kY/VQMXmFDjP7CCtE3OiMcbhpz8WA3SQeheBIpeLYn q75jUwdCI1d7GGFMVRRi/JCQEeM7zaIXoUQI4MgtXsDv24vFYw74c7+/lgfiqXuW h6fJ29jhQhPhAiYE7Y/XyeZ0WS+0bvoY558T1TIVIkqXEM8q0mt+uMZe1b5UStCy xhCcKFt8D0t5bnV9LIwdjzP1Eju9G/UqXJW8/DJrBdwT9sgNC9Ji7hCkErDzlSNY dVhH3zDgwXcT5OIVbWZtPelS4UtAX445fcweE3VKqoI8iLgzcBY9yIyT9CnX6+Lh Q8DgvIffG2KyjQ== -----END CERTIFICATE-----Generated at Mon Dec 15 04:59:41 2025 by rpki-client