This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft File: avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json) Hash identifier: Nq2BI+e4yZ3w6YxSSYWCa/p7bIdOMaXVKmbRZqeHb1A= Subject key identifier: A9:10:37:35:11:A9:10:4E:F4:57:CF:9C:B1:E3:2D:D3:46:A4:0B:54 Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86 Certificate issuer: /CN=6af2aa504bf37644803c2eef1604d3860b1def86 Certificate serial: 019B5C08BB94B7377A6B3D8C1135BFA01243 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft Manifest number: 06F7 Signing time: Fri 26 Dec 2025 19:00:34 +0000 Manifest this update: Fri 26 Dec 2025 19:00:34 +0000 Manifest next update: Sat 27 Dec 2025 19:00:34 +0000 Files and hashes: 1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: RlnoWLHUs3DktfC6MVHbPfhhqg3ex81iqhhUhnXMyiI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 19:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:08:bb:94:b7:37:7a:6b:3d:8c:11:35:bf:a0:12:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86 Validity Not Before: Dec 26 19:00:34 2025 GMT Not After : Dec 27 19:00:34 2025 GMT Subject: CN=a910373511a9104ef457cf9cb1e32dd346a40b54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:cd:1d:4a:43:ec:a2:be:0f:8e:aa:40:ba:02: 33:05:5f:70:d7:97:71:d4:2e:9e:56:e9:64:bd:31: 8f:04:3a:95:7d:92:91:21:df:c5:ef:d8:80:45:5b: a1:b9:bf:8f:87:77:b1:e4:f0:20:27:00:2f:6c:11: cb:02:e8:10:b0:53:9a:8b:94:95:56:5b:8a:9a:51: 31:e8:b5:25:ac:ab:49:a0:61:3e:b7:87:15:1e:89: ad:36:1a:18:60:d2:ea:48:b1:91:72:23:34:87:93: c9:7a:76:98:b5:f0:be:9e:2c:52:d9:0b:5c:0a:5b: c4:ce:a7:45:16:80:d3:f2:d4:7a:c1:df:cc:67:9b: 0d:3d:7f:80:53:f4:66:8a:5b:de:86:27:1a:af:8a: 6d:fd:20:06:aa:49:fb:10:64:19:68:44:25:34:8c: 32:7c:d5:3f:31:d6:13:a6:9b:6a:47:59:07:fa:3d: 40:4d:f3:d8:63:36:7c:f6:71:f8:cf:02:ba:9a:c0: d3:ab:85:ca:de:5f:d0:94:21:bd:d7:29:53:62:bc: 83:ff:dc:49:04:b5:a9:61:9e:c7:48:b8:65:dc:7e: 7e:00:4a:15:98:f1:d2:d6:97:1c:4e:fd:3b:5d:bc: 62:9c:7c:9e:aa:92:09:eb:1d:66:da:98:b5:92:7a: 01:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:10:37:35:11:A9:10:4E:F4:57:CF:9C:B1:E3:2D:D3:46:A4:0B:54 X509v3 Authority Key Identifier: keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:00:3b:9a:fc:92:83:59:cf:2a:ff:c8:ac:13:2e:a6:e8:8a: b2:4f:23:23:71:0b:6a:8a:5c:10:aa:98:86:c0:8b:78:52:9f: 44:dc:eb:bd:87:06:0d:d9:c4:e7:0a:fe:5c:6d:ae:33:7e:f7: cc:a6:d0:20:84:a0:c1:ab:75:fd:1d:47:9b:cf:d8:da:58:a4: 91:ab:00:7a:0e:28:08:1e:77:9f:c0:d3:f9:00:67:09:54:ad: a1:e5:f0:00:1f:47:38:18:45:6e:86:03:75:31:e0:12:e6:a5: b0:c4:b6:d8:e2:85:10:38:bf:bb:c4:b7:c6:d9:ba:a8:03:de: 3d:1a:36:cc:18:c8:22:31:16:72:f0:f2:c2:7a:55:00:7a:0f: 54:d8:00:1f:41:fe:bf:29:b7:a5:de:19:35:4f:8e:f5:51:a0: e1:ab:89:04:f9:1e:ae:45:30:16:58:3b:b5:67:8f:f9:8d:63: 85:90:ba:57:74:eb:10:72:b5:34:bb:3a:47:cd:5d:45:34:e3: 78:bb:ff:fd:a9:db:fa:0d:36:ac:d7:e0:c6:3b:e7:3d:68:b7: fd:ec:22:f4:cc:84:71:6e:72:da:7b:da:50:5e:2d:96:e1:a4: c3:f6:8f:70:aa:62:09:35:ee:48:2c:58:cf:9e:28:17:f9:39: 21:94:e5:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcCLuUtzd6az2METW/oBJDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx ZGVmODYwHhcNMjUxMjI2MTkwMDM0WhcNMjUxMjI3MTkwMDM0WjAzMTEwLwYDVQQD EyhhOTEwMzczNTExYTkxMDRlZjQ1N2NmOWNiMWUzMmRkMzQ2YTQwYjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M0dSkPsor4PjqpAugIzBV9w15dx 1C6eVulkvTGPBDqVfZKRId/F79iARVuhub+Ph3ex5PAgJwAvbBHLAugQsFOai5SV VluKmlEx6LUlrKtJoGE+t4cVHomtNhoYYNLqSLGRciM0h5PJenaYtfC+nixS2Qtc ClvEzqdFFoDT8tR6wd/MZ5sNPX+AU/Rmilvehicar4pt/SAGqkn7EGQZaEQlNIwy fNU/MdYTpptqR1kH+j1ATfPYYzZ89nH4zwK6msDTq4XK3l/QlCG91ylTYryD/9xJ BLWpYZ7HSLhl3H5+AEoVmPHS1pccTv07XbxinHyeqpIJ6x1m2pi1knoBNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKkQNzURqRBO9FfPnLHjLdNGpAtUMB8GA1UdIwQY MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArwA7mvyS g1nPKv/IrBMupuiKsk8jI3ELaopcEKqYhsCLeFKfRNzrvYcGDdnE5wr+XG2uM373 zKbQIISgwat1/R1Hm8/Y2likkasAeg4oCB53n8DT+QBnCVStoeXwAB9HOBhFboYD dTHgEualsMS22OKFEDi/u8S3xtm6qAPePRo2zBjIIjEWcvDywnpVAHoPVNgAH0H+ vym3pd4ZNU+O9VGg4auJBPkerkUwFlg7tWeP+Y1jhZC6V3TrEHK1NLs6R81dRTTj eLv//anb+g02rNfgxjvnPWi3/ewi9MyEcW5y2nvaUF4tluGkw/aPcKpiCTXuSCxY z54oF/k5IZTl0g== -----END CERTIFICATE-----Generated at Sat Dec 27 02:16:16 2025 by rpki-client