This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json) Hash identifier: QRUjTJyx8YEGqCGyRM9my9W/OXW/JjHLAeAuFZia36Q= Subject key identifier: 71:8F:91:AA:B9:41:7C:18:FF:77:47:22:97:76:F3:49:53:BA:F5:7A Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e Certificate serial: 019B33B240714D390EDB9E1755FB0FCF4625 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft Manifest number: 1783 Signing time: Thu 18 Dec 2025 23:01:18 +0000 Manifest this update: Thu 18 Dec 2025 23:01:18 +0000 Manifest next update: Fri 19 Dec 2025 23:01:18 +0000 Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: /y/CR5pf0Igiqxbo0gkUI+8fdmuh1Vs6smD42a0jGU0=) 2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b2:40:71:4d:39:0e:db:9e:17:55:fb:0f:cf:46:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e Validity Not Before: Dec 18 23:01:18 2025 GMT Not After : Dec 19 23:01:18 2025 GMT Subject: CN=718f91aab9417c18ff7747229776f34953baf57a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:dc:81:c4:af:e3:1b:9b:68:ac:df:fa:9d:7c: 70:78:77:5b:fe:a9:d7:6d:79:fd:c7:b7:bb:56:fc: dc:29:7a:5a:4b:6e:ef:df:04:21:1a:97:52:6c:80: aa:80:e9:18:b4:d8:75:2b:8d:d1:e0:ac:9d:0e:e6: 84:b4:88:9f:ec:a4:70:de:45:b6:25:3f:02:91:e9: 7a:d6:06:a7:81:0e:e2:cc:92:0c:e3:5a:3b:a8:64: 7a:83:f1:27:b7:62:b2:13:37:07:66:43:c1:1c:09: af:5b:02:03:46:11:9d:cd:1b:d7:1e:d0:a4:cb:87: df:96:a5:cf:25:08:0f:92:9e:40:61:07:4e:6f:cd: 85:d4:8b:e5:b4:c0:88:2d:1d:7e:fe:b2:b0:43:3a: 58:28:ad:19:6c:82:59:a6:55:98:b7:de:e2:d1:98: a6:f5:54:db:79:73:ff:fa:e6:3f:ad:9f:e9:d7:65: 34:32:ff:ab:99:4b:6f:f9:56:13:c4:97:ab:10:9e: b7:aa:38:d1:4d:2e:45:4a:62:5f:0a:99:6e:bc:07: f5:55:1b:09:91:83:88:fc:4a:a5:50:2f:17:05:f8: 09:49:26:de:4f:cd:49:c1:d4:b8:47:54:2b:4b:9d: 6d:ee:b0:43:f4:4b:19:48:a9:03:d3:71:2e:ca:50: 8e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:8F:91:AA:B9:41:7C:18:FF:77:47:22:97:76:F3:49:53:BA:F5:7A X509v3 Authority Key Identifier: keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:05:e3:f6:9d:73:9c:7f:e9:5a:20:f5:0f:e3:bb:2a:5d:ab: f1:f8:1f:3f:99:fb:e6:cc:bb:8f:65:d7:84:e9:21:5a:54:50: fd:9c:1e:a1:82:f5:31:6e:e4:9d:b9:27:61:b6:48:52:20:cf: 99:59:43:0d:1a:a5:a0:5b:5c:97:f3:08:ab:9c:11:39:e2:2f: dc:1b:f4:07:95:cf:b0:60:e5:c3:83:60:18:89:16:05:07:c5: d9:c7:d3:05:0f:ce:87:b0:27:03:9f:f1:a8:af:93:4e:ca:b6: 12:05:92:07:05:8e:69:4f:e0:7b:02:97:00:5a:0e:bb:7e:cb: 0e:36:04:9d:6e:2f:06:ec:27:43:d4:54:30:0a:2e:1f:80:7b: 09:80:8f:e0:4a:47:c1:49:dd:b5:f9:6f:6d:4e:ca:fc:49:55: ca:75:9b:ea:83:c9:a8:35:0a:5e:52:05:90:91:6b:30:77:82: b0:87:36:32:fb:0b:c0:69:26:8a:96:fb:00:53:f8:a0:08:08: eb:76:a0:a7:d4:80:f0:90:b5:41:83:a9:29:02:df:dc:74:e3: 9a:1a:0f:51:cf:30:10:91:df:4d:18:1a:6e:d4:d2:be:b2:51: 08:7e:55:0f:d6:ad:b3:03:70:98:7c:d7:8f:d9:ea:5e:1e:42: 8e:3a:92:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszskBxTTkO254XVfsPz0YlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw YWFjMWUwHhcNMjUxMjE4MjMwMTE4WhcNMjUxMjE5MjMwMTE4WjAzMTEwLwYDVQQD Eyg3MThmOTFhYWI5NDE3YzE4ZmY3NzQ3MjI5Nzc2ZjM0OTUzYmFmNTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9yBxK/jG5torN/6nXxweHdb/qnX bXn9x7e7VvzcKXpaS27v3wQhGpdSbICqgOkYtNh1K43R4KydDuaEtIif7KRw3kW2 JT8Ckel61gangQ7izJIM41o7qGR6g/Ent2KyEzcHZkPBHAmvWwIDRhGdzRvXHtCk y4fflqXPJQgPkp5AYQdOb82F1IvltMCILR1+/rKwQzpYKK0ZbIJZplWYt97i0Zim 9VTbeXP/+uY/rZ/p12U0Mv+rmUtv+VYTxJerEJ63qjjRTS5FSmJfCpluvAf1VRsJ kYOI/EqlUC8XBfgJSSbeT81JwdS4R1QrS51t7rBD9EsZSKkD03EuylCOlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHGPkaq5QXwY/3dHIpd280lTuvV6MB8GA1UdIwQY MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgXj9p1z nH/pWiD1D+O7Kl2r8fgfP5n75sy7j2XXhOkhWlRQ/ZweoYL1MW7knbknYbZIUiDP mVlDDRqloFtcl/MIq5wROeIv3Bv0B5XPsGDlw4NgGIkWBQfF2cfTBQ/Oh7AnA5/x qK+TTsq2EgWSBwWOaU/gewKXAFoOu37LDjYEnW4vBuwnQ9RUMAouH4B7CYCP4EpH wUndtflvbU7K/ElVynWb6oPJqDUKXlIFkJFrMHeCsIc2MvsLwGkmipb7AFP4oAgI 63agp9SA8JC1QYOpKQLf3HTjmhoPUc8wEJHfTRgabtTSvrJRCH5VD9atswNwmHzX j9nqXh5CjjqSuw== -----END CERTIFICATE-----Generated at Fri Dec 19 04:52:37 2025 by rpki-client