This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft File: aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft (raw, json) Hash identifier: TzDgg01Zd4+zRFhA+a4BFh/tEtTyX6xP4BEB8NXm8yY= Subject key identifier: 7C:91:25:64:5C:03:93:51:8F:F5:CC:26:BD:79:22:1B:62:19:23:FE Authority key identifier: 68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97 Certificate issuer: /CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97 Certificate serial: 019B39EAECA33C2F7019377D09E8007BDD94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft Manifest number: 06F1 Signing time: Sat 20 Dec 2025 04:00:55 +0000 Manifest this update: Sat 20 Dec 2025 04:00:55 +0000 Manifest next update: Sun 21 Dec 2025 04:00:55 +0000 Files and hashes: 1: AJ5wMI6kFAAGgXfPHZAVtLCSnP8.roa (hash: O5F5OKdgmFhYvl6NemyAslo9muG5v3CdZb38avB1q8I=) 2: aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl (hash: OEz9Woa3vLp3M6JNAHksOTLmuQPxlBMui/JUP90vuP8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:ea:ec:a3:3c:2f:70:19:37:7d:09:e8:00:7b:dd:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=687b91eda16b6f1b1fa0175d67c7994f691d8e97 Validity Not Before: Dec 20 04:00:55 2025 GMT Not After : Dec 21 04:00:55 2025 GMT Subject: CN=7c9125645c0393518ff5cc26bd79221b621923fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:51:a7:fb:a3:6c:b2:92:d4:d7:8e:92:22:3c: 07:7f:3b:1a:d2:b4:a6:48:05:b4:b5:91:7f:d2:3d: cf:59:e7:7d:31:68:c3:a9:0b:9c:dd:62:3d:5c:24: ed:1e:c2:87:c5:78:e9:90:2d:15:fd:a3:51:1b:b8: 24:7a:81:88:e1:c0:3f:11:41:91:ee:d7:ac:a5:2c: 2d:02:62:22:70:a2:32:e2:50:eb:31:a9:5a:ed:ab: 81:1f:8f:7d:6a:2f:cb:00:39:1b:56:cd:84:cc:74: 7b:35:59:5d:f9:55:dc:50:90:c3:02:aa:9a:6d:d5: d5:09:1e:0e:55:83:d9:99:43:55:79:f9:f7:a1:2b: c5:ed:61:d6:25:ad:dc:d3:bb:de:86:69:2e:4c:99: 1f:3d:66:fe:59:1a:29:3b:fd:3d:de:4e:2f:fd:9a: 86:ad:57:0c:73:12:a0:28:74:04:76:77:ce:c4:ab: 9a:44:89:94:70:36:e3:52:22:a3:12:af:aa:76:69: db:6d:73:33:a6:d8:f6:2a:5a:de:5b:3f:c8:5e:ff: 6f:3d:1d:b5:9d:6f:e0:69:15:d6:c4:a5:f8:9e:21: 94:9f:fc:2c:40:29:37:e2:1c:aa:6f:ba:36:d0:c2: 1e:ec:d3:ef:55:c9:37:ed:5d:aa:f5:9d:13:91:d3: cb:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:91:25:64:5C:03:93:51:8F:F5:CC:26:BD:79:22:1B:62:19:23:FE X509v3 Authority Key Identifier: keyid:68:7B:91:ED:A1:6B:6F:1B:1F:A0:17:5D:67:C7:99:4F:69:1D:8E:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHuR7aFrbxsfoBddZ8eZT2kdjpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2fb8df-0e48-4665-a99b-dffe59023e89/1/aHuR7aFrbxsfoBddZ8eZT2kdjpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:df:e2:80:5e:2f:18:47:8f:87:e6:0f:39:91:e8:4b:d8:7b: f2:49:a3:87:c1:11:b3:e1:84:bb:8e:b4:59:04:bc:83:56:af: 13:3a:50:40:9f:b4:5e:89:d2:f7:57:3f:3f:83:fd:79:28:7a: ee:70:66:ad:3f:d9:d2:24:e2:e5:2b:75:41:d2:25:ca:9f:b2: bf:6a:99:a5:9b:6d:0f:ef:d2:45:67:5b:e4:2d:72:94:1a:5a: 9d:83:c1:d1:dc:8a:53:96:99:ad:77:5a:ac:92:1b:bf:01:48: 5a:a1:dd:c3:fc:d9:29:3e:18:fd:3c:3c:1c:a7:94:b5:a6:5a: eb:e5:70:90:5b:65:3a:9f:a9:d1:23:eb:1d:96:7b:7f:fb:2e: 5b:95:83:be:36:44:33:cc:ba:90:2b:85:a8:7f:b7:a3:b3:a4: 49:f4:bf:81:f8:9b:76:1c:a7:08:a7:56:23:5b:0e:f6:44:be: 85:69:2c:a1:f9:ee:ee:c3:e7:c9:60:69:e9:80:38:db:47:2a: af:07:cf:de:3c:ce:1c:dd:b0:af:81:0e:63:a4:66:72:87:b5: fa:7c:43:9e:7b:5a:8b:4e:26:9f:dc:75:84:70:9f:5e:e5:5b: 14:8a:fe:8f:34:a6:4c:21:ee:2d:d2:87:8a:d4:71:a1:9c:fd: 30:c1:64:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs56uyjPC9wGTd9CegAe92UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4N2I5MWVkYTE2YjZmMWIxZmEwMTc1ZDY3Yzc5OTRmNjkx ZDhlOTcwHhcNMjUxMjIwMDQwMDU1WhcNMjUxMjIxMDQwMDU1WjAzMTEwLwYDVQQD Eyg3YzkxMjU2NDVjMDM5MzUxOGZmNWNjMjZiZDc5MjIxYjYyMTkyM2ZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslGn+6NsspLU146SIjwHfzsa0rSm SAW0tZF/0j3PWed9MWjDqQuc3WI9XCTtHsKHxXjpkC0V/aNRG7gkeoGI4cA/EUGR 7tespSwtAmIicKIy4lDrMala7auBH499ai/LADkbVs2EzHR7NVld+VXcUJDDAqqa bdXVCR4OVYPZmUNVefn3oSvF7WHWJa3c07vehmkuTJkfPWb+WRopO/093k4v/ZqG rVcMcxKgKHQEdnfOxKuaRImUcDbjUiKjEq+qdmnbbXMzptj2KlreWz/IXv9vPR21 nW/gaRXWxKX4niGUn/wsQCk34hyqb7o20MIe7NPvVck37V2q9Z0TkdPLXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHyRJWRcA5NRj/XMJr15IhtiGSP+MB8GA1UdIwQY MBaAFGh7ke2ha28bH6AXXWfHmU9pHY6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWIt ZGZmZTU5MDIzZTg5LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS8yZmI4ZGYtMGU0OC00NjY1LWE5OWItZGZmZTU5MDIzZTg5 LzEvYUh1UjdhRnJieHNmb0JkZFo4ZVpUMmtkanBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfN/igF4v GEePh+YPOZHoS9h78kmjh8ERs+GEu460WQS8g1avEzpQQJ+0XonS91c/P4P9eSh6 7nBmrT/Z0iTi5St1QdIlyp+yv2qZpZttD+/SRWdb5C1ylBpanYPB0dyKU5aZrXda rJIbvwFIWqHdw/zZKT4Y/Tw8HKeUtaZa6+VwkFtlOp+p0SPrHZZ7f/suW5WDvjZE M8y6kCuFqH+3o7OkSfS/gfibdhynCKdWI1sO9kS+hWksofnu7sPnyWBp6YA420cq rwfP3jzOHN2wr4EOY6Rmcoe1+nxDnntai04mn9x1hHCfXuVbFIr+jzSmTCHuLdKH itRxoZz9MMFknw== -----END CERTIFICATE-----Generated at Sat Dec 20 07:55:20 2025 by rpki-client