This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json) Hash identifier: zeh6i7VLR0ipnkK7TJ/Q3+MJPBVXnv7260XFmeBaGDA= Subject key identifier: 29:0F:7D:D5:1F:FE:68:38:10:68:36:D9:A8:94:15:04:DD:DE:93:36 Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9 Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9 Certificate serial: 019B4F603F7716D6438A8F2A250D18F4CD03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft Manifest number: 04AB Signing time: Wed 24 Dec 2025 08:01:06 +0000 Manifest this update: Wed 24 Dec 2025 08:01:06 +0000 Manifest next update: Thu 25 Dec 2025 08:01:06 +0000 Files and hashes: 1: j5QtHlhxEZZOM5CvXJMLssoxGGc.roa (hash: 8L3ZEU7bcEWssZWSFVojRb4D5wALELFNA26f5J8ZxnI=) 2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: sWveHw1YTboXmpxonCMdyLx6fuEin9v2xVPwJXoZT98=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 08:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:60:3f:77:16:d6:43:8a:8f:2a:25:0d:18:f4:cd:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9 Validity Not Before: Dec 24 08:01:06 2025 GMT Not After : Dec 25 08:01:06 2025 GMT Subject: CN=290f7dd51ffe6838106836d9a8941504ddde9336 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:87:49:db:ed:94:db:31:1a:09:2c:f9:1c:43: eb:fb:af:84:2d:3b:8a:e3:a4:01:f4:07:70:93:69: ce:e0:92:c6:92:27:26:7f:10:8f:54:b0:6c:11:cf: 1d:52:57:88:a3:14:6d:35:c6:1e:78:61:b9:91:18: 59:44:bf:fc:80:c3:09:a8:63:4b:c8:a0:99:15:79: 22:84:7e:94:97:ef:cd:3c:90:e5:8b:e2:fd:85:fb: 98:bb:99:eb:b4:3c:bc:25:c3:1c:29:10:f5:8c:dc: 3d:d9:fb:69:43:0d:7f:e9:7a:83:63:55:9d:c0:e5: 56:0b:fe:ad:20:d3:eb:db:d7:2f:25:11:f1:26:b7: bf:23:68:db:a3:b8:d4:96:b4:8f:99:cc:04:72:a0: b0:93:d6:a9:af:a0:aa:69:ef:13:e8:6c:93:2e:11: a7:26:7a:f1:ec:90:dc:7c:b7:5c:aa:18:b6:0f:a4: ba:60:bc:59:d8:13:a9:a6:1a:e5:0a:e1:c5:f3:cc: 88:9b:0b:23:be:03:99:e6:e3:ec:72:39:d0:b4:96: a8:f2:b6:b0:99:2a:ad:2c:38:74:03:14:d3:cb:ff: 28:97:ff:15:ec:21:ed:fe:1b:01:cb:d0:35:f3:53: 74:6c:dd:19:b7:59:1a:87:81:e2:2e:b0:2b:3f:21: 5a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0F:7D:D5:1F:FE:68:38:10:68:36:D9:A8:94:15:04:DD:DE:93:36 X509v3 Authority Key Identifier: keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:ba:21:32:b6:98:38:98:1f:6b:6c:ef:7e:1d:7b:a5:18:62: 7b:d3:5a:c4:ec:44:1f:09:f2:cb:41:16:9b:aa:94:54:aa:0f: 43:15:ef:ad:24:33:d9:f4:55:19:fb:96:fa:31:0c:7e:24:9c: 68:b6:e4:65:70:54:5a:aa:32:ea:49:a6:43:e1:8d:55:ad:fd: 8a:ba:ad:4d:d0:8b:15:28:5a:11:e8:4f:bb:dc:eb:45:f1:42: e8:67:ee:79:33:14:dd:c3:e8:9c:b1:ed:c5:88:d4:fc:f9:2a: ed:b5:a8:b9:e6:a2:fd:c5:ed:f8:f3:ef:1b:14:aa:5c:6e:73: 0a:92:9e:ef:e7:87:d4:08:83:e5:08:01:86:a9:20:f0:9f:40: f7:62:51:1d:d9:62:7c:d8:ee:c9:8a:f8:3f:34:a3:84:26:7a: cf:36:8e:bf:76:5d:27:17:2c:51:e6:ef:99:3b:fa:0e:ef:e5: a4:a8:b5:b1:0e:68:5b:c7:6d:95:0a:e5:e8:75:ca:47:70:a6: 4f:97:a5:42:c1:9d:b2:89:61:48:a2:3d:37:c6:28:44:c6:da: b9:e6:e2:ef:80:65:b5:90:7e:32:85:6d:09:80:25:59:3d:0d: 5e:d9:08:d8:83:14:fc:6a:fd:74:9d:da:3d:66:02:f8:23:bc: 13:e9:41:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPYD93FtZDio8qJQ0Y9M0DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm NGQ4YzkwHhcNMjUxMjI0MDgwMTA2WhcNMjUxMjI1MDgwMTA2WjAzMTEwLwYDVQQD EygyOTBmN2RkNTFmZmU2ODM4MTA2ODM2ZDlhODk0MTUwNGRkZGU5MzM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqodJ2+2U2zEaCSz5HEPr+6+ELTuK 46QB9Adwk2nO4JLGkicmfxCPVLBsEc8dUleIoxRtNcYeeGG5kRhZRL/8gMMJqGNL yKCZFXkihH6Ul+/NPJDli+L9hfuYu5nrtDy8JcMcKRD1jNw92ftpQw1/6XqDY1Wd wOVWC/6tINPr29cvJRHxJre/I2jbo7jUlrSPmcwEcqCwk9apr6Cqae8T6GyTLhGn Jnrx7JDcfLdcqhi2D6S6YLxZ2BOpphrlCuHF88yImwsjvgOZ5uPscjnQtJao8raw mSqtLDh0AxTTy/8ol/8V7CHt/hsBy9A181N0bN0Zt1kah4HiLrArPyFaPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCkPfdUf/mg4EGg22aiUFQTd3pM2MB8GA1UdIwQY MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARrohMraY OJgfa2zvfh17pRhie9NaxOxEHwnyy0EWm6qUVKoPQxXvrSQz2fRVGfuW+jEMfiSc aLbkZXBUWqoy6kmmQ+GNVa39irqtTdCLFShaEehPu9zrRfFC6GfueTMU3cPonLHt xYjU/Pkq7bWoueai/cXt+PPvGxSqXG5zCpKe7+eH1AiD5QgBhqkg8J9A92JRHdli fNjuyYr4PzSjhCZ6zzaOv3ZdJxcsUebvmTv6Du/lpKi1sQ5oW8dtlQrl6HXKR3Cm T5elQsGdsolhSKI9N8YoRMbauebi74BltZB+MoVtCYAlWT0NXtkI2IMU/Gr9dJ3a PWYC+CO8E+lBLQ== -----END CERTIFICATE-----Generated at Wed Dec 24 18:11:00 2025 by rpki-client