This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft File: AhaSppUBf7XEv4wjgHjzA9j78Ic.mft (raw, json) Hash identifier: 2+D3170c1r7t7l4cE6zzCfDemJhPaf0axN3/CMaGGcc= Subject key identifier: 6B:61:33:38:50:DA:0B:AE:9F:0B:81:96:08:4A:4F:17:D8:9D:89:69 Authority key identifier: 02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87 Certificate issuer: /CN=021692a695017fb5c4bf8c238078f303d8fbf087 Certificate serial: 019B34C632C43C09F6F03CB500F53CCBC5BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft Manifest number: 1780 Signing time: Fri 19 Dec 2025 04:02:42 +0000 Manifest this update: Fri 19 Dec 2025 04:02:42 +0000 Manifest next update: Sat 20 Dec 2025 04:02:42 +0000 Files and hashes: 1: AhaSppUBf7XEv4wjgHjzA9j78Ic.crl (hash: ktqnlt7iI7mRN4fAVs5j+QJBHBf0waZzdPmXpvyYuD0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:02:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c6:32:c4:3c:09:f6:f0:3c:b5:00:f5:3c:cb:c5:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=021692a695017fb5c4bf8c238078f303d8fbf087 Validity Not Before: Dec 19 04:02:42 2025 GMT Not After : Dec 20 04:02:42 2025 GMT Subject: CN=6b61333850da0bae9f0b8196084a4f17d89d8969 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:df:b2:49:0b:f3:8b:66:f9:b8:04:ee:76:f1: 9e:4a:61:e3:77:78:eb:a4:10:a8:e9:21:01:3d:f0: 2a:70:c8:46:5c:ff:98:12:81:04:04:20:6e:09:16: 27:50:d4:b1:60:62:52:37:6a:57:ec:8f:13:e7:6b: 97:c7:5b:95:ad:fb:90:f1:f7:b5:6c:0b:e0:b7:a6: 7a:a7:6f:0b:c5:bc:a9:20:c1:ef:1a:47:11:b2:84: ff:1d:10:2f:db:13:2f:3b:04:86:50:99:4a:c9:2b: 25:5b:0f:c1:9b:f3:65:60:82:e3:26:61:0d:a1:2d: 67:e0:2f:fb:dc:e0:31:af:70:c7:38:55:50:82:10: 05:df:37:6a:cd:38:f4:fc:32:46:bf:f5:08:af:13: 59:2d:a7:fa:e6:58:ed:c9:4f:d6:c9:db:11:f9:f8: 7e:a7:f5:13:e5:62:54:72:a6:f6:b8:de:f6:d7:43: 4f:a3:fe:47:f7:20:56:d7:f9:25:ad:71:75:65:24: 07:38:75:3d:bf:27:7f:7d:98:85:ef:4f:d8:f9:e9: 37:df:7e:a1:cd:a6:50:90:c7:ea:2b:71:df:7d:84: c3:56:28:74:75:80:f4:d9:8d:c2:8f:41:f5:f3:c4: f6:67:19:18:cc:0e:e4:07:12:b9:fa:f1:94:a4:2c: 83:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:61:33:38:50:DA:0B:AE:9F:0B:81:96:08:4A:4F:17:D8:9D:89:69 X509v3 Authority Key Identifier: keyid:02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:ea:30:ad:f3:0f:5d:57:0b:4c:e1:ea:11:e0:d0:b3:88:9d: f4:c7:ee:d1:06:a3:47:f1:3f:3d:ba:8f:c3:80:63:b2:3f:dd: c1:b5:18:9c:ec:1c:ae:8c:a1:b0:6f:8e:32:73:f2:cc:c5:4c: 87:b0:39:50:89:89:c5:d6:d6:12:95:d2:c0:f5:92:90:87:d0: 0b:96:74:a2:46:bc:88:a2:3d:f5:d8:51:71:74:6e:13:e7:77: e7:e6:c2:a0:47:f5:01:c4:5b:a6:5f:7f:6e:13:33:7a:68:38: 2b:7d:b1:55:21:9d:08:d6:4a:0f:b0:15:50:7b:a9:d8:fc:ee: 82:a4:98:3a:e1:34:27:50:47:43:05:8a:60:e4:7a:79:25:20: c3:97:7c:b2:9e:da:9a:7d:c5:07:bb:0a:2c:44:97:3d:8d:60: 9d:98:b5:b6:09:73:c6:34:41:d2:c5:16:99:ed:50:57:a7:37: 42:9d:76:1f:4c:cd:b3:36:b8:b8:8b:f1:7a:18:b7:87:64:06: d5:7d:87:a8:e2:4c:3d:d4:3a:14:a5:d1:7b:9c:37:7f:e6:02: e9:eb:60:2f:21:1c:84:f9:bb:cf:ed:49:9c:8b:05:7e:8d:4f: 9f:84:f9:1f:cc:37:b7:e7:5e:30:14:98:fc:e8:c7:88:56:f7: db:c9:ec:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xjLEPAn28Dy1APU8y8W8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyMTY5MmE2OTUwMTdmYjVjNGJmOGMyMzgwNzhmMzAzZDhm YmYwODcwHhcNMjUxMjE5MDQwMjQyWhcNMjUxMjIwMDQwMjQyWjAzMTEwLwYDVQQD Eyg2YjYxMzMzODUwZGEwYmFlOWYwYjgxOTYwODRhNGYxN2Q4OWQ4OTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N+ySQvzi2b5uATudvGeSmHjd3jr pBCo6SEBPfAqcMhGXP+YEoEEBCBuCRYnUNSxYGJSN2pX7I8T52uXx1uVrfuQ8fe1 bAvgt6Z6p28LxbypIMHvGkcRsoT/HRAv2xMvOwSGUJlKySslWw/Bm/NlYILjJmEN oS1n4C/73OAxr3DHOFVQghAF3zdqzTj0/DJGv/UIrxNZLaf65ljtyU/WydsR+fh+ p/UT5WJUcqb2uN7210NPo/5H9yBW1/klrXF1ZSQHOHU9vyd/fZiF70/Y+ek3336h zaZQkMfqK3HffYTDVih0dYD02Y3Cj0H188T2ZxkYzA7kBxK5+vGUpCyD3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGthMzhQ2guunwuBlghKTxfYnYlpMB8GA1UdIwQY MBaAFAIWkqaVAX+1xL+MI4B48wPY+/CHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUt NDhkMjVjMGE0OTVmLzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUtNDhkMjVjMGE0OTVm LzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAeowrfMP XVcLTOHqEeDQs4id9Mfu0QajR/E/PbqPw4Bjsj/dwbUYnOwcroyhsG+OMnPyzMVM h7A5UImJxdbWEpXSwPWSkIfQC5Z0oka8iKI99dhRcXRuE+d35+bCoEf1AcRbpl9/ bhMzemg4K32xVSGdCNZKD7AVUHup2PzugqSYOuE0J1BHQwWKYOR6eSUgw5d8sp7a mn3FB7sKLESXPY1gnZi1tglzxjRB0sUWme1QV6c3Qp12H0zNsza4uIvxehi3h2QG 1X2HqOJMPdQ6FKXRe5w3f+YC6etgLyEchPm7z+1JnIsFfo1Pn4T5H8w3t+deMBSY /OjHiFb328nszQ== -----END CERTIFICATE-----Generated at Fri Dec 19 09:44:44 2025 by rpki-client