This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft File: AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json) Hash identifier: rU3rrMcKhd+BNKkEj027vWUfsNE1i3R1drSJYlkL+sg= Subject key identifier: D3:7A:B1:56:B1:74:43:0A:31:AF:AC:0B:37:FF:E4:7C:0C:43:E4:FB Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C Certificate issuer: /CN=01580411823b487376836ed66af3f8aabb20119c Certificate serial: 019B5F4142725DA3CD6447C2CD3C61A6F4D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft Manifest number: 1797 Signing time: Sat 27 Dec 2025 10:01:10 +0000 Manifest this update: Sat 27 Dec 2025 10:01:10 +0000 Manifest next update: Sun 28 Dec 2025 10:01:10 +0000 Files and hashes: 1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: hPHVZgkdh3nPpxzvnPp4CTU07QDmCyRYz9n67/xEDUc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 08:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:41:42:72:5d:a3:cd:64:47:c2:cd:3c:61:a6:f4:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01580411823b487376836ed66af3f8aabb20119c Validity Not Before: Dec 27 10:01:10 2025 GMT Not After : Dec 28 10:01:10 2025 GMT Subject: CN=d37ab156b174430a31afac0b37ffe47c0c43e4fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:64:95:02:59:ce:e8:bd:2f:f4:61:26:a0:51: 5e:dd:2f:1b:ba:0e:c9:2c:d1:19:f7:b0:8e:bd:af: 6a:fd:48:9a:05:7b:e0:9d:38:fa:09:0f:0f:e5:19: 4c:1f:f2:59:44:1d:b6:9e:5a:e5:72:da:0d:33:37: 8c:26:6a:ed:fb:38:9c:43:ec:ee:c5:0d:f5:9c:51: 06:a1:ea:e5:31:02:9c:4f:a4:6f:88:3d:db:b5:0c: 5c:a4:73:ec:52:fb:38:4a:1e:bf:ab:e7:85:1f:7b: af:43:68:c7:b0:7a:83:5f:95:62:0f:2c:fc:86:f4: 19:d3:c7:87:df:c7:ed:fc:29:3f:cf:f6:9e:5f:f6: b6:fd:97:80:8d:7b:0b:0a:5d:61:61:62:d5:ec:af: cc:e0:c5:61:22:3e:eb:cc:83:58:56:01:b5:c6:de: 44:70:a7:a9:f1:81:3b:56:90:61:95:9b:d6:c9:f0: 3c:58:c6:c9:3f:b4:59:55:2e:07:0c:9b:62:4a:e2: c0:62:bb:dc:91:78:b7:2e:5b:04:62:52:01:03:f3: 1b:46:ef:37:04:82:57:94:27:70:25:8e:c8:6e:cc: d4:b7:3a:bf:3c:45:26:37:4b:06:91:3b:54:53:cf: 8c:f0:ee:cc:8c:b8:5b:70:02:7f:8c:52:29:fa:7b: 23:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:7A:B1:56:B1:74:43:0A:31:AF:AC:0B:37:FF:E4:7C:0C:43:E4:FB X509v3 Authority Key Identifier: keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:4f:5d:66:61:b0:aa:0c:2a:77:15:70:f3:e6:fa:6c:9c:7e: ea:df:25:6e:a6:da:89:6a:d0:09:84:00:97:1b:3b:89:18:6c: 8d:31:52:b9:91:2d:e9:30:33:fa:a1:85:0d:fa:38:1b:13:dd: f9:de:88:b2:74:93:0a:34:14:9f:0f:54:6b:a9:ce:7b:b7:36: 12:f4:e7:9e:89:67:0b:58:a7:58:e3:43:17:30:4b:55:98:7f: eb:ee:81:25:7f:53:82:11:8c:e7:9c:7d:61:df:4e:2b:d7:a3: db:66:28:5a:81:d9:1a:fb:52:4e:7d:4f:53:67:fa:b4:70:28: f0:92:c7:3c:71:05:c3:9f:a4:7e:94:62:33:7b:bd:2c:84:11: 58:a2:2e:d1:fe:07:d2:03:75:8c:3b:76:c1:1c:54:7f:91:8d: 82:92:75:08:6e:a6:0d:7e:05:a9:35:de:b9:1e:e5:81:08:88: e6:97:16:52:09:f1:e7:20:14:07:f9:ca:c3:97:3d:16:ff:f4: 5a:44:6e:39:20:d3:ce:3a:63:eb:85:d5:f9:db:06:fb:a8:ec: 2d:ec:67:fd:89:30:1f:34:9a:0a:15:5f:4b:95:de:1f:67:1d: 94:d7:eb:23:96:de:bb:4d:d2:93:85:94:d2:7b:03:58:2c:98: fe:89:69:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtfQUJyXaPNZEfCzTxhpvTQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy MDExOWMwHhcNMjUxMjI3MTAwMTEwWhcNMjUxMjI4MTAwMTEwWjAzMTEwLwYDVQQD EyhkMzdhYjE1NmIxNzQ0MzBhMzFhZmFjMGIzN2ZmZTQ3YzBjNDNlNGZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mSVAlnO6L0v9GEmoFFe3S8bug7J LNEZ97COva9q/UiaBXvgnTj6CQ8P5RlMH/JZRB22nlrlctoNMzeMJmrt+zicQ+zu xQ31nFEGoerlMQKcT6RviD3btQxcpHPsUvs4Sh6/q+eFH3uvQ2jHsHqDX5ViDyz8 hvQZ08eH38ft/Ck/z/aeX/a2/ZeAjXsLCl1hYWLV7K/M4MVhIj7rzINYVgG1xt5E cKep8YE7VpBhlZvWyfA8WMbJP7RZVS4HDJtiSuLAYrvckXi3LlsEYlIBA/MbRu83 BIJXlCdwJY7IbszUtzq/PEUmN0sGkTtUU8+M8O7MjLhbcAJ/jFIp+nsjwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNN6sVaxdEMKMa+sCzf/5HwMQ+T7MB8GA1UdIwQY MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0 LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMk9dZmGw qgwqdxVw8+b6bJx+6t8lbqbaiWrQCYQAlxs7iRhsjTFSuZEt6TAz+qGFDfo4GxPd +d6IsnSTCjQUnw9Ua6nOe7c2EvTnnolnC1inWONDFzBLVZh/6+6BJX9TghGM55x9 Yd9OK9ej22YoWoHZGvtSTn1PU2f6tHAo8JLHPHEFw5+kfpRiM3u9LIQRWKIu0f4H 0gN1jDt2wRxUf5GNgpJ1CG6mDX4FqTXeuR7lgQiI5pcWUgnx5yAUB/nKw5c9Fv/0 WkRuOSDTzjpj64XV+dsG+6jsLexn/YkwHzSaChVfS5XeH2cdlNfrI5beu03Sk4WU 0nsDWCyY/olpLA== -----END CERTIFICATE-----Generated at Sat Dec 27 15:41:09 2025 by rpki-client