This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft File: Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json) Hash identifier: nt5NMdLBYQp5lYy8/O129ptWsBEfIPsgvqYmC+Ks/dM= Subject key identifier: 2D:7D:6B:0B:41:01:32:FA:B6:AD:72:7C:1D:D3:63:18:9F:82:F6:5E Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84 Certificate issuer: /CN=01fa7aacf89284cebdde3d4c12462fc44debc384 Certificate serial: 019B755ABFD967E4E0CCF4C168B505903418 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft Manifest number: 0D41 Signing time: Wed 31 Dec 2025 17:00:40 +0000 Manifest this update: Wed 31 Dec 2025 17:00:40 +0000 Manifest next update: Thu 01 Jan 2026 17:00:40 +0000 Files and hashes: 1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: 07jMXYkPPglgmwhDqtX1SQ6fT6nSAz+EnvGZVz6v7dA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 16:22:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:5a:bf:d9:67:e4:e0:cc:f4:c1:68:b5:05:90:34:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384 Validity Not Before: Dec 31 17:00:40 2025 GMT Not After : Jan 1 17:00:40 2026 GMT Subject: CN=2d7d6b0b410132fab6ad727c1dd363189f82f65e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e5:b2:6d:f4:b2:65:9a:0b:a7:a8:91:e6:ff: a9:00:58:76:bb:86:24:f9:8d:88:4a:96:57:a2:ff: a3:86:b2:de:30:63:74:8b:af:22:79:57:47:10:19: 63:0b:91:98:4d:da:26:d9:1c:e0:ff:b4:c0:dd:2b: 6a:a8:b0:f9:1d:86:48:28:cc:0a:b9:a0:f6:76:49: cd:b8:c1:f8:ec:2a:e9:b3:68:14:ef:2d:3b:2c:60: d3:da:cf:e7:56:f8:9d:1c:cf:bb:3c:78:23:2e:1f: 3a:c4:00:7a:d3:80:45:c3:67:0d:c7:ae:e7:db:02: b5:93:41:81:fa:84:53:0d:26:b2:f2:e2:5e:cd:84: 1a:46:a4:a2:b2:c6:80:0a:ca:f4:65:06:ad:c9:b7: 95:b4:4f:48:5d:7b:ff:61:d4:54:a3:dc:42:eb:bc: 1a:f0:de:e0:54:bd:c1:2c:e8:90:49:4a:34:0a:eb: 49:b5:cd:a3:d5:c6:98:ce:fb:ea:8c:41:e5:3f:7a: 33:c8:ad:c6:b7:50:79:d6:0c:1a:b8:c7:28:6e:f8: f6:71:13:b2:c5:4f:5b:fe:a4:95:2d:aa:20:38:c4: fb:fc:1b:3b:6c:d1:1d:69:12:44:39:25:1f:d0:c4: aa:62:d2:36:27:60:48:3b:a9:b8:70:86:21:56:0a: a9:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:7D:6B:0B:41:01:32:FA:B6:AD:72:7C:1D:D3:63:18:9F:82:F6:5E X509v3 Authority Key Identifier: keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e1:c9:85:28:c1:c4:85:ae:d6:d4:c1:cc:81:18:de:fa:ea:a0: 04:f0:ca:a7:5f:6d:25:c8:55:6d:08:31:db:d0:04:ff:36:d5: f9:f9:9a:29:d4:bf:2a:51:a6:72:68:e8:1e:c5:5e:2f:f3:78: 78:3b:44:19:25:c0:89:63:9f:b0:78:f3:e2:c3:7b:5d:2b:c9: da:a1:72:34:e1:26:bb:b3:cc:64:82:36:57:86:1e:08:ef:f7: 90:d4:c1:fe:b3:37:0c:e2:b2:5d:9f:ed:4e:2c:e4:df:60:db: bb:b4:24:39:00:59:d3:6f:ba:e9:bb:d8:af:22:0c:f2:1b:37: 8c:dd:d1:b7:d6:b0:46:7b:59:0a:8e:7f:c1:93:43:00:04:e0: 45:b7:d7:16:25:0a:6d:2e:8c:9b:b4:be:33:3e:92:28:da:67: 26:cb:da:20:57:85:64:88:55:0e:74:e7:32:3d:c9:0b:1c:4a: 8f:cd:90:6e:5a:75:01:5d:27:54:b9:d1:26:08:e1:28:ea:e1: 4a:2d:b8:0d:56:e6:34:d8:ee:41:bf:c8:38:ad:27:74:53:af: 34:b6:47:14:82:b4:75:c6:22:02:c0:2e:0d:e5:5c:e1:4b:30: 07:32:d3:a1:51:61:6d:37:d1:39:24:e8:a7:1e:d8:2e:16:8c: e5:2b:d0:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1Wr/ZZ+TgzPTBaLUFkDQYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl YmMzODQwHhcNMjUxMjMxMTcwMDQwWhcNMjYwMTAxMTcwMDQwWjAzMTEwLwYDVQQD EygyZDdkNmIwYjQxMDEzMmZhYjZhZDcyN2MxZGQzNjMxODlmODJmNjVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOWybfSyZZoLp6iR5v+pAFh2u4Yk +Y2ISpZXov+jhrLeMGN0i68ieVdHEBljC5GYTdom2Rzg/7TA3StqqLD5HYZIKMwK uaD2dknNuMH47Crps2gU7y07LGDT2s/nVvidHM+7PHgjLh86xAB604BFw2cNx67n 2wK1k0GB+oRTDSay8uJezYQaRqSissaACsr0ZQatybeVtE9IXXv/YdRUo9xC67wa 8N7gVL3BLOiQSUo0CutJtc2j1caYzvvqjEHlP3ozyK3Gt1B51gwauMcobvj2cROy xU9b/qSVLaogOMT7/Bs7bNEdaRJEOSUf0MSqYtI2J2BIO6m4cIYhVgqp6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC19awtBATL6tq1yfB3TYxifgvZeMB8GA1UdIwQY MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4cmFKMHE ha7W1MHMgRje+uqgBPDKp19tJchVbQgx29AE/zbV+fmaKdS/KlGmcmjoHsVeL/N4 eDtEGSXAiWOfsHjz4sN7XSvJ2qFyNOEmu7PMZII2V4YeCO/3kNTB/rM3DOKyXZ/t Tizk32Dbu7QkOQBZ02+66bvYryIM8hs3jN3Rt9awRntZCo5/wZNDAATgRbfXFiUK bS6Mm7S+Mz6SKNpnJsvaIFeFZIhVDnTnMj3JCxxKj82Qblp1AV0nVLnRJgjhKOrh Si24DVbmNNjuQb/IOK0ndFOvNLZHFIK0dcYiAsAuDeVc4UswBzLToVFhbTfROSTo px7YLhaM5SvQ9Q== -----END CERTIFICATE-----Generated at Wed Dec 31 19:39:00 2025 by rpki-client