This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft File: AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json) Hash identifier: Wuxth0U5ERdwx4n5MdIcDMa74VO6OIdqLr4rFEsSEYg= Subject key identifier: 73:A5:6D:B6:D7:F3:ED:6C:E2:15:33:18:74:09:39:37:FF:91:91:4D Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C Certificate issuer: /CN=0248417c7fe9ccec5b9daacc08fce799d673088c Certificate serial: 019B3A916869192831B163E33A1D5BC55FE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft Manifest number: 0FBD Signing time: Sat 20 Dec 2025 07:02:46 +0000 Manifest this update: Sat 20 Dec 2025 07:02:46 +0000 Manifest next update: Sun 21 Dec 2025 07:02:46 +0000 Files and hashes: 1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: jrxa25UH3r8MhGPPmpvGyXedem3WrIv5jKdeRqLVAHw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:91:68:69:19:28:31:b1:63:e3:3a:1d:5b:c5:5f:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c Validity Not Before: Dec 20 07:02:46 2025 GMT Not After : Dec 21 07:02:46 2025 GMT Subject: CN=73a56db6d7f3ed6ce215331874093937ff91914d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4f:8a:da:2c:9a:70:f9:46:68:b9:d5:77:75: 52:be:55:ec:36:a4:ae:ff:81:7c:0c:de:2d:0d:2d: 19:43:fb:b9:d0:9c:c5:f2:d8:dc:0c:0b:ef:eb:62: 47:e5:44:f3:a9:27:77:cb:b4:af:80:e4:b8:32:26: d2:32:6f:1f:9a:83:66:04:ac:bd:9e:40:6b:a4:d3: d2:f9:81:2d:9b:06:af:4f:34:0f:8a:bf:50:72:43: 3c:c3:e0:30:ba:02:75:22:0f:64:d5:15:09:05:ab: 91:da:84:4b:fc:63:1f:72:ca:cf:09:9f:ef:25:6e: c9:5f:f8:1e:cd:06:bc:79:e9:93:21:5f:da:b9:0d: d6:2c:67:3a:3f:59:74:7b:ba:2e:89:df:e4:a8:f5: 5f:f6:05:9a:0a:08:05:69:f2:ab:30:a8:71:0f:cc: 8a:1d:f1:a5:48:ae:11:f3:61:5a:1f:79:94:98:50: 75:03:56:b7:73:cd:39:0d:f9:8d:9d:60:24:23:86: da:0b:b3:21:62:7d:db:14:57:1f:b5:cc:6f:78:95: 76:e7:15:f2:f2:57:ce:d0:99:e2:99:9a:f0:a0:89: 0e:19:eb:b6:70:25:63:93:86:f2:51:2a:dd:f7:2e: 26:f7:08:b1:4f:a8:63:bc:40:00:2d:4e:f9:00:4f: 4a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:A5:6D:B6:D7:F3:ED:6C:E2:15:33:18:74:09:39:37:FF:91:91:4D X509v3 Authority Key Identifier: keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:86:39:dd:d7:ce:3f:3f:89:14:35:4a:87:51:5b:cc:c4:9c: 2d:26:40:64:d0:81:cc:7b:ef:73:14:3f:f3:f7:92:7e:97:db: f4:fd:61:65:9f:04:99:9d:18:0a:24:2b:eb:0f:c5:55:29:3f: 5e:39:19:09:c8:7a:18:77:12:65:f0:34:a3:87:9f:4e:72:fe: a1:62:f4:03:82:57:3e:88:b8:79:b8:8a:06:51:35:d3:8d:cc: 35:70:b8:b1:0b:f0:7f:7a:15:11:a4:86:b2:f0:4c:9b:f1:5b: 39:97:7d:a2:72:58:0c:7e:aa:30:21:17:2e:f7:10:ea:26:26: fb:df:f7:6e:59:e4:ea:fb:a7:ab:6c:1a:c3:7f:2c:2f:40:60: 07:14:45:d2:17:85:af:32:8d:80:cc:fc:e5:f3:53:0b:c1:3a: c8:1b:28:f1:d5:d8:64:56:ef:4f:a4:4b:16:57:93:0c:ca:2c: a0:19:4a:da:f7:37:72:41:a7:90:03:4f:0d:05:56:d0:1e:00: 4e:93:14:85:b0:d4:3d:2f:ba:11:43:4a:25:9b:86:08:8f:6b: 57:f9:e2:5d:b5:85:22:2f:da:5a:26:1d:7d:88:68:a3:32:29: b5:5a:a5:81:df:08:7a:f3:d7:7b:ec:9e:05:3e:54:e4:42:2f: d1:31:16:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kWhpGSgxsWPjOh1bxV/iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3 MzA4OGMwHhcNMjUxMjIwMDcwMjQ2WhcNMjUxMjIxMDcwMjQ2WjAzMTEwLwYDVQQD Eyg3M2E1NmRiNmQ3ZjNlZDZjZTIxNTMzMTg3NDA5MzkzN2ZmOTE5MTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U+K2iyacPlGaLnVd3VSvlXsNqSu /4F8DN4tDS0ZQ/u50JzF8tjcDAvv62JH5UTzqSd3y7SvgOS4MibSMm8fmoNmBKy9 nkBrpNPS+YEtmwavTzQPir9QckM8w+AwugJ1Ig9k1RUJBauR2oRL/GMfcsrPCZ/v JW7JX/gezQa8eemTIV/auQ3WLGc6P1l0e7ouid/kqPVf9gWaCggFafKrMKhxD8yK HfGlSK4R82FaH3mUmFB1A1a3c805DfmNnWAkI4baC7MhYn3bFFcftcxveJV25xXy 8lfO0JnimZrwoIkOGeu2cCVjk4byUSrd9y4m9wixT6hjvEAALU75AE9KAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHOlbbbX8+1s4hUzGHQJOTf/kZFNMB8GA1UdIwQY MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2 LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkoY53dfO Pz+JFDVKh1FbzMScLSZAZNCBzHvvcxQ/8/eSfpfb9P1hZZ8EmZ0YCiQr6w/FVSk/ XjkZCch6GHcSZfA0o4efTnL+oWL0A4JXPoi4ebiKBlE1043MNXC4sQvwf3oVEaSG svBMm/FbOZd9onJYDH6qMCEXLvcQ6iYm+9/3blnk6vunq2waw38sL0BgBxRF0heF rzKNgMz85fNTC8E6yBso8dXYZFbvT6RLFleTDMosoBlK2vc3ckGnkANPDQVW0B4A TpMUhbDUPS+6EUNKJZuGCI9rV/niXbWFIi/aWiYdfYhoozIptVqlgd8IevPXe+ye BT5U5EIv0TEWnQ== -----END CERTIFICATE-----Generated at Sat Dec 20 10:44:57 2025 by rpki-client