This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft File: aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json) Hash identifier: xmJPXAc3SMDQL37PCigpL6CxXiZ9uSk2eY7tR7wuk4w= Subject key identifier: D5:20:E9:E0:BD:9C:F7:FE:FF:A0:5D:8D:C0:EC:D3:A3:E2:58:13:40 Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F Certificate issuer: /CN=681146303f5751ec0dfc2ef547aab247af4e681f Certificate serial: 019B631E3B8F6DB1491381D4FB89C108CC71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft Manifest number: 0E7C Signing time: Sun 28 Dec 2025 04:01:24 +0000 Manifest this update: Sun 28 Dec 2025 04:01:24 +0000 Manifest next update: Mon 29 Dec 2025 04:01:24 +0000 Files and hashes: 1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: w1/Ai4Toj/3/Se/h2itIjyfagNvdOdPewrhIIN8wogc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1e:3b:8f:6d:b1:49:13:81:d4:fb:89:c1:08:cc:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f Validity Not Before: Dec 28 04:01:24 2025 GMT Not After : Dec 29 04:01:24 2025 GMT Subject: CN=d520e9e0bd9cf7feffa05d8dc0ecd3a3e2581340 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:04:98:0d:44:8e:0c:b0:53:fc:8e:20:ed:21: 76:7b:01:cd:58:72:20:ea:3b:f0:3a:05:dc:96:98: 9f:9d:72:ff:e3:1e:21:07:ff:c9:01:81:e7:58:44: e5:92:58:d7:3a:06:cf:d0:f9:33:c3:6c:e6:95:6c: 0b:89:9a:6c:74:b1:7c:64:02:a7:c9:40:82:f7:42: af:50:c8:25:38:70:ec:59:19:96:ba:87:db:3a:45: 0b:17:f0:bd:bb:7b:90:09:ae:32:7b:6e:3d:65:25: f0:d7:6b:01:21:b5:4b:fb:7f:31:8b:4f:26:fa:54: 97:5a:2a:17:b7:c7:53:ab:9f:45:25:e0:ed:2e:5c: 21:06:23:f1:c9:2c:a1:9b:ce:66:07:0a:a7:fe:47: bc:06:c5:42:68:9f:5f:e0:6f:79:d9:d1:60:39:d7: ed:b0:e8:60:24:18:fd:8d:75:2f:85:7c:f1:ba:01: 10:0b:06:02:bc:21:42:b3:f9:3a:95:b8:85:07:ff: c7:38:a0:4f:20:99:8c:60:67:2f:89:a6:a2:ef:65: 02:a1:83:7b:70:02:e7:16:a7:9a:d6:9a:63:ad:6d: ec:06:d6:30:3f:1b:2a:c2:76:c0:c0:84:98:43:51: c3:41:a3:a2:42:05:9b:95:06:4c:73:75:c0:98:2e: 8c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:20:E9:E0:BD:9C:F7:FE:FF:A0:5D:8D:C0:EC:D3:A3:E2:58:13:40 X509v3 Authority Key Identifier: keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:03:c4:11:9d:ef:c0:42:23:b0:1e:84:c7:38:58:a8:46:a3: ca:27:fe:0f:10:19:c7:37:c4:b3:f5:47:7f:ff:de:1b:15:eb: 24:bf:f8:11:9e:2d:86:1f:ae:5a:d5:b4:e8:1c:68:b5:e2:89: 8d:62:39:22:f2:8a:34:ca:42:73:43:79:af:be:13:83:4c:08: f2:ce:fc:76:3d:8b:42:2e:17:89:2f:22:88:96:21:b9:53:9f: ac:f2:4a:bc:ad:e7:a1:9e:0e:d5:35:b1:b1:75:88:53:66:80: 8b:75:55:ea:bb:e3:5f:48:57:fa:9c:55:d6:c5:7a:04:99:9d: 52:45:42:f7:b3:f7:65:87:12:c9:a9:0b:b1:05:68:63:80:03: f9:b6:60:41:03:54:1a:08:c0:9d:be:97:d4:e3:b1:34:a5:4b: df:de:7e:9c:45:00:de:a9:24:fa:da:2b:4c:46:ed:94:5c:4a: b5:e1:87:f9:6f:19:fb:60:76:d9:eb:36:b7:46:f6:82:b0:36: 76:cf:40:bf:f2:50:9d:a7:85:62:ed:c6:a4:ee:70:cd:74:6b: ce:9a:25:cc:af:f2:9a:9f:f7:98:f0:e2:7e:cf:5f:16:56:f1: 73:10:bc:8a:20:51:51:81:3f:ee:46:7c:3f:35:07:8d:a0:2f: 1c:76:95:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjHjuPbbFJE4HU+4nBCMxxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0 ZTY4MWYwHhcNMjUxMjI4MDQwMTI0WhcNMjUxMjI5MDQwMTI0WjAzMTEwLwYDVQQD EyhkNTIwZTllMGJkOWNmN2ZlZmZhMDVkOGRjMGVjZDNhM2UyNTgxMzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQSYDUSODLBT/I4g7SF2ewHNWHIg 6jvwOgXclpifnXL/4x4hB//JAYHnWETlkljXOgbP0Pkzw2zmlWwLiZpsdLF8ZAKn yUCC90KvUMglOHDsWRmWuofbOkULF/C9u3uQCa4ye249ZSXw12sBIbVL+38xi08m +lSXWioXt8dTq59FJeDtLlwhBiPxySyhm85mBwqn/ke8BsVCaJ9f4G952dFgOdft sOhgJBj9jXUvhXzxugEQCwYCvCFCs/k6lbiFB//HOKBPIJmMYGcviaai72UCoYN7 cALnFqea1ppjrW3sBtYwPxsqwnbAwISYQ1HDQaOiQgWblQZMc3XAmC6MsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNUg6eC9nPf+/6BdjcDs06PiWBNAMB8GA1UdIwQY MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwPEEZ3v wEIjsB6ExzhYqEajyif+DxAZxzfEs/VHf//eGxXrJL/4EZ4thh+uWtW06BxoteKJ jWI5IvKKNMpCc0N5r74Tg0wI8s78dj2LQi4XiS8iiJYhuVOfrPJKvK3noZ4O1TWx sXWIU2aAi3VV6rvjX0hX+pxV1sV6BJmdUkVC97P3ZYcSyakLsQVoY4AD+bZgQQNU GgjAnb6X1OOxNKVL395+nEUA3qkk+torTEbtlFxKteGH+W8Z+2B22es2t0b2grA2 ds9Av/JQnaeFYu3GpO5wzXRrzpolzK/ymp/3mPDifs9fFlbxcxC8iiBRUYE/7kZ8 PzUHjaAvHHaVyg== -----END CERTIFICATE-----Generated at Sun Dec 28 08:09:08 2025 by rpki-client