This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json) Hash identifier: K4nd6T1q9UZUmNooDRxl4KzXss1Q9an71aDmxL+kTLQ= Subject key identifier: F7:5D:51:82:ED:2B:14:90:45:D9:8C:17:4F:E2:80:C2:E5:FB:9B:2C Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e Certificate serial: 019B4137275433F37AD642C83261DAB23EEF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft Manifest number: 178A Signing time: Sun 21 Dec 2025 14:01:31 +0000 Manifest this update: Sun 21 Dec 2025 14:01:31 +0000 Manifest next update: Mon 22 Dec 2025 14:01:31 +0000 Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: t5VvwQSqcdvLGLk/9Wi057nIturv9Hwvr3s48qZAzgk=) 2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:37:27:54:33:f3:7a:d6:42:c8:32:61:da:b2:3e:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e Validity Not Before: Dec 21 14:01:31 2025 GMT Not After : Dec 22 14:01:31 2025 GMT Subject: CN=f75d5182ed2b149045d98c174fe280c2e5fb9b2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:a0:aa:f1:9f:cd:9d:4b:bf:44:8f:68:dc:60: 0a:3f:4e:c2:77:a2:49:f6:e5:46:b7:75:45:bb:b3: 03:4b:eb:d0:cd:25:a9:3d:fd:6f:ff:83:6d:51:9f: b0:7a:93:2e:04:20:b1:9f:64:16:04:fa:39:2a:16: 58:00:b9:17:9b:96:49:a9:5d:8a:7c:76:93:47:b8: 87:a9:e8:46:b6:5a:16:a4:89:62:3e:03:b6:de:9b: df:3f:85:9f:6b:6b:17:59:ed:8b:20:fd:81:dc:4c: fc:1e:a1:a6:af:4a:09:e7:13:81:5a:25:62:93:99: 0f:11:92:25:c3:95:7e:34:7b:a9:be:15:8e:ff:f2: a0:e6:49:83:a4:8f:59:73:15:9f:f0:23:31:31:f8: 8a:df:71:16:01:c8:ab:99:3b:0f:b9:a0:53:a5:ec: 0e:55:89:bd:3c:fc:0e:c5:60:54:e9:0f:fe:5f:2b: b9:54:0d:10:c0:81:d1:61:89:38:c7:3a:5a:40:e3: ad:21:22:7c:bc:06:dd:d0:be:20:1c:ea:39:1d:3c: 99:c7:ef:b8:72:18:47:d9:6d:21:52:ea:ce:87:b9: 37:13:89:42:4a:e2:a6:14:79:d2:6d:93:bd:d0:bf: 8a:ca:ca:bd:38:73:90:88:91:78:59:df:31:e7:df: cf:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:5D:51:82:ED:2B:14:90:45:D9:8C:17:4F:E2:80:C2:E5:FB:9B:2C X509v3 Authority Key Identifier: keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:d2:b6:4a:af:58:9a:77:b4:c2:c9:7b:69:d6:0c:8f:11:b2: 3c:a5:9a:85:a3:5d:17:be:4c:ba:0e:bd:54:52:66:c4:9e:fb: d5:d0:25:9e:bd:84:e3:c3:4f:51:33:31:b0:5d:8e:da:c6:69: 51:6e:14:84:20:23:ce:86:de:8c:2d:dc:86:1b:92:48:49:f2: 8d:99:a8:ee:e1:a7:48:03:ae:69:b6:cf:bb:06:38:2d:50:c9: 7a:37:bb:02:97:ad:50:4f:21:53:04:3d:77:cf:b8:3e:41:43: 28:32:b7:8f:26:33:8f:b9:7a:7b:b2:c5:99:b5:d7:7a:be:87: dc:d9:2d:77:e9:b8:fc:f0:80:5c:c2:75:c1:8e:a1:b9:b0:5f: 71:22:fb:19:d0:b9:11:d1:72:f8:4c:73:1c:07:94:0c:77:21: d7:b7:36:48:bd:91:94:19:52:fd:e0:c7:cf:c3:c6:23:14:fa: 98:69:84:38:45:20:73:46:06:94:52:2c:34:13:69:84:ae:d5: 22:7b:5f:15:0e:eb:77:c9:37:5a:46:f1:1e:fa:67:0d:70:ef: 42:0f:16:27:4d:78:7a:57:6a:df:6d:a4:65:c6:f9:43:64:a7: d7:bb:e8:39:b1:9e:7b:24:bc:a9:2f:70:f9:98:2e:78:22:f6: f7:32:8b:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNydUM/N61kLIMmHasj7vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw YWFjMWUwHhcNMjUxMjIxMTQwMTMxWhcNMjUxMjIyMTQwMTMxWjAzMTEwLwYDVQQD EyhmNzVkNTE4MmVkMmIxNDkwNDVkOThjMTc0ZmUyODBjMmU1ZmI5YjJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qCq8Z/NnUu/RI9o3GAKP07Cd6JJ 9uVGt3VFu7MDS+vQzSWpPf1v/4NtUZ+wepMuBCCxn2QWBPo5KhZYALkXm5ZJqV2K fHaTR7iHqehGtloWpIliPgO23pvfP4Wfa2sXWe2LIP2B3Ez8HqGmr0oJ5xOBWiVi k5kPEZIlw5V+NHupvhWO//Kg5kmDpI9ZcxWf8CMxMfiK33EWAcirmTsPuaBTpewO VYm9PPwOxWBU6Q/+Xyu5VA0QwIHRYYk4xzpaQOOtISJ8vAbd0L4gHOo5HTyZx++4 chhH2W0hUurOh7k3E4lCSuKmFHnSbZO90L+Kysq9OHOQiJF4Wd8x59/PtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPddUYLtKxSQRdmMF0/igMLl+5ssMB8GA1UdIwQY MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdK2Sq9Y mne0wsl7adYMjxGyPKWahaNdF75Mug69VFJmxJ771dAlnr2E48NPUTMxsF2O2sZp UW4UhCAjzobejC3chhuSSEnyjZmo7uGnSAOuabbPuwY4LVDJeje7ApetUE8hUwQ9 d8+4PkFDKDK3jyYzj7l6e7LFmbXXer6H3Nktd+m4/PCAXMJ1wY6hubBfcSL7GdC5 EdFy+ExzHAeUDHch17c2SL2RlBlS/eDHz8PGIxT6mGmEOEUgc0YGlFIsNBNphK7V IntfFQ7rd8k3WkbxHvpnDXDvQg8WJ014eldq322kZcb5Q2Sn17voObGeeyS8qS9w +ZgueCL29zKLJg== -----END CERTIFICATE-----Generated at Sun Dec 21 20:55:18 2025 by rpki-client