This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json) Hash identifier: 2oMfM7vaYLeo5XgG7aeWtdE7BfhgebqdNnnKD9ziI1E= Subject key identifier: 36:20:97:01:BE:3E:39:44:27:35:A5:55:0B:74:C7:00:71:DF:AF:8A Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d Certificate serial: 019B1BAA6A92721CB529BBC992958BAAD224 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft Manifest number: 09AB Signing time: Sun 14 Dec 2025 07:01:51 +0000 Manifest this update: Sun 14 Dec 2025 07:01:51 +0000 Manifest next update: Mon 15 Dec 2025 07:01:51 +0000 Files and hashes: 1: 5m0E4hrlymj_oPq4RutDZTBvpFc.roa (hash: D3u2GpmWvvHTn4HOSLwFPi92ntWCyeD4rYP1qp5He0g=) 2: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: MZhIBz/2DlFTJzFvGIx9AODs2u/he3D+lxtd55psJ1M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:aa:6a:92:72:1c:b5:29:bb:c9:92:95:8b:aa:d2:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d Validity Not Before: Dec 14 07:01:51 2025 GMT Not After : Dec 15 07:01:51 2025 GMT Subject: CN=36209701be3e39442735a5550b74c70071dfaf8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b4:bd:ff:1d:e5:83:3e:c5:5c:ef:bc:3f:cb: 23:89:65:62:0e:69:4f:a3:55:9d:06:fc:95:17:02: 2e:a1:ed:b0:49:0d:b0:b9:eb:3c:53:32:29:4a:32: 38:62:f8:30:60:fb:15:88:ee:1f:4b:fc:90:08:da: dc:74:cd:f1:db:7b:2d:4d:07:53:11:8b:0a:95:18: b8:3a:98:b4:e6:58:05:5e:3e:4f:db:75:53:e8:05: 5e:b4:66:c4:16:9e:b8:0a:4d:7c:66:e0:fc:12:64: 59:5b:71:50:04:89:8e:b5:73:a7:08:d6:45:5c:22: d4:57:51:d0:10:f9:7c:0d:af:94:85:33:70:14:42: c1:c4:1b:55:00:a7:dc:29:a5:a1:97:2a:73:c2:d7: e8:28:26:a4:d7:6e:3d:a8:41:31:bf:0c:d9:86:62: 7d:cc:b7:64:cc:f3:d0:b0:ea:d1:1c:d2:d9:13:f9: 04:fb:94:b4:96:1c:14:fe:c3:a8:16:c9:f3:e8:ed: cb:f7:e6:27:32:ae:49:77:13:f6:3b:10:b9:4f:9f: 66:c4:07:12:cc:46:84:04:25:62:59:9e:1e:35:78: 49:cf:1c:ff:95:33:bf:ce:b9:07:df:27:33:ab:72: 1e:6d:55:30:46:b2:b1:b2:be:6e:ee:b3:3a:4a:fd: 5b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:20:97:01:BE:3E:39:44:27:35:A5:55:0B:74:C7:00:71:DF:AF:8A X509v3 Authority Key Identifier: keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:83:eb:6d:cd:ba:38:f4:4e:df:8c:b6:df:82:8d:08:bb:3c: 6c:76:b9:97:71:35:3b:f2:e5:8a:da:18:32:a0:51:1d:92:fd: 28:21:ac:6c:3f:34:27:75:55:56:50:af:61:99:d2:87:dc:dd: 55:b9:75:6c:a1:87:2c:e0:7e:27:8b:c8:86:dd:91:59:7c:3b: f9:56:6e:77:46:a9:fb:b3:e0:37:a2:01:b7:0e:1f:49:d1:36: b7:f7:58:ed:9c:26:d2:c5:54:30:af:d2:09:40:0c:d9:ba:67: 53:2e:c0:c4:ce:60:4f:c3:d5:ba:03:3b:e3:bb:7f:92:0d:aa: 5f:fe:aa:0e:35:89:2e:1c:99:0b:c9:0b:d0:c2:32:5c:47:3b: ab:4f:55:28:b4:2c:01:51:6f:59:2c:60:f4:02:bd:6b:33:89: 9d:ba:30:92:11:00:e0:69:d1:a1:b7:07:be:b1:f6:b5:f0:f1: 16:88:74:0b:2c:3c:e8:5a:d9:fb:76:98:94:83:40:3a:e5:76: a2:17:b7:48:23:b5:d6:32:4d:e3:54:3a:8e:19:32:c3:bf:38: f3:8e:0c:33:d6:4c:49:95:91:b2:9f:7c:f7:66:52:76:5c:e4: 61:6d:1f:99:a4:d9:f2:c3:63:bb:37:e4:9d:1d:14:93:96:c1: b3:05:c7:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqmqSchy1KbvJkpWLqtIkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0 MDQzM2QwHhcNMjUxMjE0MDcwMTUxWhcNMjUxMjE1MDcwMTUxWjAzMTEwLwYDVQQD EygzNjIwOTcwMWJlM2UzOTQ0MjczNWE1NTUwYjc0YzcwMDcxZGZhZjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbS9/x3lgz7FXO+8P8sjiWViDmlP o1WdBvyVFwIuoe2wSQ2wues8UzIpSjI4YvgwYPsViO4fS/yQCNrcdM3x23stTQdT EYsKlRi4Opi05lgFXj5P23VT6AVetGbEFp64Ck18ZuD8EmRZW3FQBImOtXOnCNZF XCLUV1HQEPl8Da+UhTNwFELBxBtVAKfcKaWhlypzwtfoKCak1249qEExvwzZhmJ9 zLdkzPPQsOrRHNLZE/kE+5S0lhwU/sOoFsnz6O3L9+YnMq5JdxP2OxC5T59mxAcS zEaEBCViWZ4eNXhJzxz/lTO/zrkH3yczq3IebVUwRrKxsr5u7rM6Sv1bZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDYglwG+PjlEJzWlVQt0xwBx36+KMB8GA1UdIwQY MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2 LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKYPrbc26 OPRO34y234KNCLs8bHa5l3E1O/LlitoYMqBRHZL9KCGsbD80J3VVVlCvYZnSh9zd Vbl1bKGHLOB+J4vIht2RWXw7+VZud0ap+7PgN6IBtw4fSdE2t/dY7Zwm0sVUMK/S CUAM2bpnUy7AxM5gT8PVugM747t/kg2qX/6qDjWJLhyZC8kL0MIyXEc7q09VKLQs AVFvWSxg9AK9azOJnbowkhEA4GnRobcHvrH2tfDxFoh0Cyw86FrZ+3aYlINAOuV2 ohe3SCO11jJN41Q6jhkyw784844MM9ZMSZWRsp9892ZSdlzkYW0fmaTZ8sNjuzfk nR0Uk5bBswXHoQ== -----END CERTIFICATE-----Generated at Sun Dec 14 13:40:08 2025 by rpki-client