This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft File: avqwkWjnzGa2Y8YWLVyNRUllzOI.mft (raw, json) Hash identifier: Wdon4Y349TIiHgSsuswmek/MQpizX5gH9iAQMTkc9e0= Subject key identifier: 6E:49:8C:92:4F:6E:B6:67:5E:77:E2:F3:B8:9C:C9:CB:A1:68:00:21 Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2 Certificate issuer: /CN=6afab09168e7cc66b663c6162d5c8d454965cce2 Certificate serial: 019B372153FC82E00F54EE8B6FDF563411C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft Manifest number: 1786 Signing time: Fri 19 Dec 2025 15:01:29 +0000 Manifest this update: Fri 19 Dec 2025 15:01:29 +0000 Manifest next update: Sat 20 Dec 2025 15:01:29 +0000 Files and hashes: 1: 5xRTqzcHFHVQo8fAk9jdOEDWcNo.roa (hash: o6t7ExGzOX2KWBxMdFDPPoJaZWdADyyPaXoKd8DGN1w=) 2: avqwkWjnzGa2Y8YWLVyNRUllzOI.crl (hash: m/TQ8KvMUSgrw+rtX7tWJlYv5rMcSuAuHoO/wQxKJlc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 15:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:21:53:fc:82:e0:0f:54:ee:8b:6f:df:56:34:11:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2 Validity Not Before: Dec 19 15:01:29 2025 GMT Not After : Dec 20 15:01:29 2025 GMT Subject: CN=6e498c924f6eb6675e77e2f3b89cc9cba1680021 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2f:b7:8e:eb:eb:6f:43:9b:2d:47:16:73:0e: 03:16:4b:f4:43:47:86:9f:de:6f:64:be:eb:d4:dd: f6:a8:3e:c6:7d:f4:a7:12:83:a5:80:c3:8d:f1:b5: 58:50:ac:6f:9d:ed:c7:3e:03:bd:55:2d:4a:8e:48: 08:e5:ed:64:a1:47:fa:42:3b:d1:93:d9:b3:0c:e3: 3a:81:3a:e3:d0:c1:56:29:aa:f1:68:6b:08:42:b5: c8:1f:65:ce:cd:1b:cf:14:dc:c2:20:b3:20:7c:4c: af:e6:aa:a2:b4:f4:9c:c3:20:79:84:9e:17:f8:77: a7:79:54:24:65:ff:6a:0d:ff:45:0d:b7:d3:75:82: fc:9b:db:a5:2a:fd:57:c1:fb:2b:a9:f7:56:64:35: 96:f7:bc:82:5e:20:d6:14:34:ea:c3:33:5e:82:76: 87:bd:8b:9a:6a:aa:a5:9e:a0:ab:fe:88:70:1e:c4: 20:2b:89:b3:7a:71:13:32:b8:63:fe:7d:4b:03:28: eb:89:39:60:23:11:c3:09:cb:09:f9:b3:1f:43:8b: 20:1c:a0:cf:d9:68:44:73:8e:fb:8e:0e:91:61:e1: a5:40:be:34:62:67:8c:c2:29:75:c3:a7:17:e5:6b: d7:6d:68:fa:71:a5:78:d1:87:9d:36:d7:f2:54:cf: 1c:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:49:8C:92:4F:6E:B6:67:5E:77:E2:F3:B8:9C:C9:CB:A1:68:00:21 X509v3 Authority Key Identifier: keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:7c:e1:42:70:18:c0:a5:14:94:94:e1:91:92:9e:bb:29:a3: f0:b9:18:ec:e1:21:46:0c:c2:a5:63:ae:7a:ce:e7:b3:44:db: 51:86:9e:dc:b2:a5:45:ca:90:0a:c8:54:dc:bc:8d:32:1d:c6: 93:6a:5f:f6:20:23:3d:92:c2:d5:cb:fc:24:f8:08:24:f0:98: 64:9f:93:25:c7:96:87:31:96:35:7a:ec:35:dd:e0:9c:d9:16: 11:8d:21:bb:5c:78:e0:c4:e2:5e:4f:64:7e:bd:4e:22:6b:05: d8:29:02:e7:68:70:fa:ee:96:fc:fa:a3:0e:13:e4:30:0b:5b: 57:d4:4d:e7:3d:3b:cd:46:11:01:00:39:27:81:77:38:a8:73: b2:26:05:2c:c2:2c:27:e1:10:b3:10:37:41:c8:4f:c8:a6:28: ae:4d:cd:33:a2:ab:ec:12:3f:7b:d3:77:67:84:0d:70:3a:f5: be:51:28:8a:b3:66:ae:b5:48:8b:e9:bf:ce:6e:48:e5:b0:fe: 7a:f5:ff:f4:4e:9e:85:7c:af:2b:c1:ea:3e:51:16:04:7f:ab: 93:44:cd:8d:45:76:26:71:19:cb:7d:e8:88:8d:0d:dc:75:4d: cb:cb:b7:3e:ed:6c:ec:bb:65:c2:f8:4f:2b:13:e0:86:58:2a: af:c0:52:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3IVP8guAPVO6Lb99WNBHFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2 NWNjZTIwHhcNMjUxMjE5MTUwMTI5WhcNMjUxMjIwMTUwMTI5WjAzMTEwLwYDVQQD Eyg2ZTQ5OGM5MjRmNmViNjY3NWU3N2UyZjNiODljYzljYmExNjgwMDIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC+3juvrb0ObLUcWcw4DFkv0Q0eG n95vZL7r1N32qD7GffSnEoOlgMON8bVYUKxvne3HPgO9VS1KjkgI5e1koUf6QjvR k9mzDOM6gTrj0MFWKarxaGsIQrXIH2XOzRvPFNzCILMgfEyv5qqitPScwyB5hJ4X +HeneVQkZf9qDf9FDbfTdYL8m9ulKv1XwfsrqfdWZDWW97yCXiDWFDTqwzNegnaH vYuaaqqlnqCr/ohwHsQgK4mzenETMrhj/n1LAyjriTlgIxHDCcsJ+bMfQ4sgHKDP 2WhEc477jg6RYeGlQL40YmeMwil1w6cX5WvXbWj6caV40YedNtfyVM8cswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG5JjJJPbrZnXnfi87icycuhaAAhMB8GA1UdIwQY MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt NWYzMzgxYjA3MWRhLzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk3zhQnAY wKUUlJThkZKeuymj8LkY7OEhRgzCpWOues7ns0TbUYae3LKlRcqQCshU3LyNMh3G k2pf9iAjPZLC1cv8JPgIJPCYZJ+TJceWhzGWNXrsNd3gnNkWEY0hu1x44MTiXk9k fr1OImsF2CkC52hw+u6W/PqjDhPkMAtbV9RN5z07zUYRAQA5J4F3OKhzsiYFLMIs J+EQsxA3QchPyKYork3NM6Kr7BI/e9N3Z4QNcDr1vlEoirNmrrVIi+m/zm5I5bD+ evX/9E6ehXyvK8HqPlEWBH+rk0TNjUV2JnEZy33oiI0N3HVNy8u3Pu1s7LtlwvhP KxPghlgqr8BSAw== -----END CERTIFICATE-----Generated at Sat Dec 20 00:20:07 2025 by rpki-client