This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft File: ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft (raw, json) Hash identifier: Ucf7svlhuKtWs0FdGHRLkjjXODKwtWPZUWxe5SoKZIg= Subject key identifier: 8A:6A:B9:FF:E5:AD:CA:79:B0:72:DA:E4:10:45:43:C6:B5:A1:5D:2F Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF Certificate issuer: /CN=0291d4de130da6aace22ed99650be182497e0bcf Certificate serial: 019B51BC05D17591AC2885997ADCD0EDE928 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft Manifest number: 1792 Signing time: Wed 24 Dec 2025 19:00:35 +0000 Manifest this update: Wed 24 Dec 2025 19:00:35 +0000 Manifest next update: Thu 25 Dec 2025 19:00:35 +0000 Files and hashes: 1: ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl (hash: bxCNlwPMK6Br/7AckPIL/buUa63pPDDGzOc9jBdPbOE=) 2: Bbv2QAFPf4Szau3NTd0aayAiypc.roa (hash: cRocTgGmyLRnpI3qcdUdz3Vd6OE/CS3oghy6+UyVfVc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:05:d1:75:91:ac:28:85:99:7a:dc:d0:ed:e9:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf Validity Not Before: Dec 24 19:00:35 2025 GMT Not After : Dec 25 19:00:35 2025 GMT Subject: CN=8a6ab9ffe5adca79b072dae4104543c6b5a15d2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:18:1e:c9:3e:ed:21:36:1a:7e:0b:7a:1c:97: d7:ee:71:ce:bf:a1:de:bb:c8:c7:09:33:ed:07:82: c7:c2:44:fb:59:ad:ec:b2:83:67:55:b4:aa:8b:5d: 8b:ad:cc:25:7e:c0:eb:ca:59:b7:2d:7f:e6:cc:c0: d8:fe:8e:c7:52:e8:18:e7:4d:ed:10:b0:19:5f:98: 65:4c:c9:ab:47:f5:11:63:cd:17:2d:15:ae:39:70: 59:42:4c:ef:5e:16:d8:45:cf:45:f2:9f:92:c8:f4: fd:0b:cd:d9:9f:8e:09:dc:c1:07:06:a0:d5:0f:4c: c7:4a:7b:ce:56:bb:79:a2:fb:3a:46:3c:42:12:a3: ec:e5:c3:f9:49:60:ef:71:b1:a2:b3:eb:68:9d:45: 90:de:b0:60:c2:09:8f:fd:f1:8f:da:93:49:d1:93: 93:99:5b:c6:dd:0c:d2:82:80:ac:8a:6d:db:98:02: c0:15:e3:2a:3b:2f:e4:c7:22:61:00:82:6f:bb:d9: 59:ed:f2:01:36:6b:f8:15:ea:6b:56:fb:d7:be:37: 98:e6:1b:b5:38:9c:30:eb:05:6d:3d:d0:f8:6d:9b: 1d:ca:47:f1:e6:90:ab:7d:c1:c7:75:a9:87:99:8c: 8b:d1:3b:97:6d:c7:dc:ae:23:ac:82:e1:34:fb:d8: 0e:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:6A:B9:FF:E5:AD:CA:79:B0:72:DA:E4:10:45:43:C6:B5:A1:5D:2F X509v3 Authority Key Identifier: keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:e5:c2:ed:e1:14:d2:85:8f:32:11:47:0b:16:c1:d5:e6:85: 9f:2f:66:a7:d4:31:7e:20:b1:e7:a9:50:3a:3d:79:03:f7:e9: 2a:c7:c5:d2:51:25:74:98:81:db:e3:88:0e:fd:b2:66:41:89: dc:5c:03:23:92:65:ab:2e:01:7b:39:74:3a:44:8b:71:5f:ac: 1d:45:bd:b2:83:91:94:fd:10:f8:49:67:0b:d6:73:b3:3e:77: c6:6b:f1:90:ae:92:68:db:28:22:b8:4c:91:ad:9c:65:51:2b: 8e:7e:c4:6f:88:ab:4c:0c:bc:ba:24:cd:f1:de:49:69:a0:c1: 3a:59:46:bb:d6:d1:bb:9e:9d:6f:d4:db:c3:04:8d:f5:fb:19: 67:80:48:21:55:91:4d:8a:0f:c7:df:14:62:40:a1:60:1a:75: 66:94:6f:b9:d8:d1:04:b6:5c:d2:27:b5:4b:03:7f:0b:e8:78: 31:0e:0a:43:05:95:61:4e:39:aa:d7:8d:13:74:15:65:af:15: 8e:5d:0c:9f:59:86:01:1b:31:3e:77:79:8a:ff:1c:dc:63:19: cb:0c:c1:4e:fa:35:cf:25:6d:c3:ca:c4:22:b2:e7:ab:75:b4: 66:07:27:3d:83:d4:53:66:14:18:ec:a9:d2:97:4a:9a:12:2f: 21:f9:54:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvAXRdZGsKIWZetzQ7ekoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyOTFkNGRlMTMwZGE2YWFjZTIyZWQ5OTY1MGJlMTgyNDk3 ZTBiY2YwHhcNMjUxMjI0MTkwMDM1WhcNMjUxMjI1MTkwMDM1WjAzMTEwLwYDVQQD Eyg4YTZhYjlmZmU1YWRjYTc5YjA3MmRhZTQxMDQ1NDNjNmI1YTE1ZDJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBgeyT7tITYafgt6HJfX7nHOv6He u8jHCTPtB4LHwkT7Wa3ssoNnVbSqi12LrcwlfsDrylm3LX/mzMDY/o7HUugY503t ELAZX5hlTMmrR/URY80XLRWuOXBZQkzvXhbYRc9F8p+SyPT9C83Zn44J3MEHBqDV D0zHSnvOVrt5ovs6RjxCEqPs5cP5SWDvcbGis+tonUWQ3rBgwgmP/fGP2pNJ0ZOT mVvG3QzSgoCsim3bmALAFeMqOy/kxyJhAIJvu9lZ7fIBNmv4FeprVvvXvjeY5hu1 OJww6wVtPdD4bZsdykfx5pCrfcHHdamHmYyL0TuXbcfcriOsguE0+9gOAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIpquf/lrcp5sHLa5BBFQ8a1oV0vMB8GA1UdIwQY MBaAFAKR1N4TDaaqziLtmWUL4YJJfgvPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQt Nzc4MTY4MTA3N2Y3LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQtNzc4MTY4MTA3N2Y3 LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeXC7eEU 0oWPMhFHCxbB1eaFny9mp9QxfiCx56lQOj15A/fpKsfF0lEldJiB2+OIDv2yZkGJ 3FwDI5Jlqy4Bezl0OkSLcV+sHUW9soORlP0Q+ElnC9Zzsz53xmvxkK6SaNsoIrhM ka2cZVErjn7Eb4irTAy8uiTN8d5JaaDBOllGu9bRu56db9TbwwSN9fsZZ4BIIVWR TYoPx98UYkChYBp1ZpRvudjRBLZc0ie1SwN/C+h4MQ4KQwWVYU45qteNE3QVZa8V jl0Mn1mGARsxPnd5iv8c3GMZywzBTvo1zyVtw8rEIrLnq3W0ZgcnPYPUU2YUGOyp 0pdKmhIvIflUFg== -----END CERTIFICATE-----Generated at Thu Dec 25 04:35:45 2025 by rpki-client