This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft File: APkIwDKKjpc_pArFL8M359PE_tA.mft (raw, json) Hash identifier: cY4lDOYM7hcPcaurJVRcjO+fA9VqhX6PYxcNQ3sby94= Subject key identifier: 8B:BF:41:9C:EF:10:7B:27:A0:2F:FB:61:CA:C8:41:77:52:D8:22:BC Authority key identifier: 00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0 Certificate issuer: /CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0 Certificate serial: 019AF31B304D78CEA69DC58B6073F5D8816C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 10:00:36 +0000 Manifest this update: Sat 06 Dec 2025 10:00:36 +0000 Manifest next update: Sun 07 Dec 2025 10:00:36 +0000 Files and hashes: 1: APkIwDKKjpc_pArFL8M359PE_tA.crl (hash: B38qlTuP3fuCwIZQBzlwKJZtbSyM6K4eN+Mun0Ms4LE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:30:4d:78:ce:a6:9d:c5:8b:60:73:f5:d8:81:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0 Validity Not Before: Dec 6 10:00:36 2025 GMT Not After : Dec 7 10:00:36 2025 GMT Subject: CN=8bbf419cef107b27a02ffb61cac8417752d822bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d1:b8:83:9b:0c:17:54:21:0a:fe:c7:1e:77: 05:f3:bb:3d:2e:02:1b:65:80:bd:73:b8:05:50:4c: 59:0e:42:37:99:c2:2d:78:e3:4a:59:ef:f1:28:b3: 5e:62:7b:23:56:be:10:7f:9a:57:5c:87:13:01:ee: b8:fa:45:03:d4:cc:f9:8f:cc:ae:de:76:e2:66:25: 87:d2:28:90:ee:25:0b:ac:63:8f:97:b2:d6:14:41: 06:0e:fe:61:8f:dc:49:63:7b:aa:a2:5a:9a:94:78: c7:ff:19:01:39:1d:19:59:80:ee:c0:1c:b0:b5:4b: c8:ad:e4:b3:99:68:d2:5b:42:a8:c6:32:16:8d:f8: 18:d8:ad:df:71:cd:0e:51:8b:4a:55:bd:d2:5d:f9: 27:a7:20:4c:b7:69:f5:4e:f2:55:6c:5b:e0:18:cb: 61:99:1c:50:a9:43:53:03:3c:9f:e9:0e:f6:0a:92: 49:22:45:1b:f2:b2:6b:05:9c:52:10:ab:b2:89:5a: 70:17:66:a7:45:be:4a:f8:f1:0d:d6:36:35:6b:b7: 05:18:53:f4:0e:0a:b7:da:12:e3:00:2b:6a:c0:f1: 8c:b5:3f:38:22:16:8f:b4:c2:27:f4:90:a4:05:7d: c4:84:44:13:d6:d7:8f:0c:15:89:8b:a5:4f:66:be: ee:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:BF:41:9C:EF:10:7B:27:A0:2F:FB:61:CA:C8:41:77:52:D8:22:BC X509v3 Authority Key Identifier: keyid:00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:6b:01:d2:e7:2a:d4:50:17:93:d7:fa:58:2d:eb:fd:85:0b: 90:a1:07:71:c0:12:c6:c2:27:32:cf:8c:bb:75:ce:6f:33:01: 1f:d7:79:86:e3:75:4a:92:08:8b:fb:3a:fc:83:18:92:7b:83: 4e:bb:49:f2:2f:4c:f6:3f:e2:cd:f6:47:df:bf:f8:72:06:55: 34:a6:90:98:ed:26:ea:5c:76:f9:72:a9:6d:1e:f8:3d:a1:00: 66:57:7a:05:d1:09:a5:ac:27:a4:26:bf:b2:a2:42:1c:72:29: 0e:68:60:f3:98:43:b0:b0:45:ed:42:d7:66:11:0d:db:39:5d: 08:08:dd:3b:e5:cc:4b:fe:ac:03:25:ad:3a:c3:66:dd:b0:07: 3a:52:d4:fa:a3:9d:99:3f:de:1e:21:e4:5a:68:3c:bd:30:d2: fc:5d:05:80:c3:d8:3b:b9:41:0d:89:71:d7:13:42:49:50:9c: 16:4f:3d:34:64:05:79:e9:a2:eb:55:3c:8a:9a:c6:0c:72:7f: 5d:88:e3:9f:80:ac:70:2a:0b:2c:6b:a4:29:21:18:f5:18:dc: c1:00:cb:63:4a:5d:3e:ca:98:d9:ad:e0:68:56:15:27:9c:70: 1c:c5:b7:46:46:73:62:dd:51:dd:be:8c:72:e1:0d:e5:d1:ec: eb:ed:fb:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGzBNeM6mncWLYHP12IFsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZjkwOGMwMzI4YThlOTczZmE0MGFjNTJmYzMzN2U3ZDNj NGZlZDAwHhcNMjUxMjA2MTAwMDM2WhcNMjUxMjA3MTAwMDM2WjAzMTEwLwYDVQQD Eyg4YmJmNDE5Y2VmMTA3YjI3YTAyZmZiNjFjYWM4NDE3NzUyZDgyMmJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9G4g5sMF1QhCv7HHncF87s9LgIb ZYC9c7gFUExZDkI3mcIteONKWe/xKLNeYnsjVr4Qf5pXXIcTAe64+kUD1Mz5j8yu 3nbiZiWH0iiQ7iULrGOPl7LWFEEGDv5hj9xJY3uqolqalHjH/xkBOR0ZWYDuwByw tUvIreSzmWjSW0KoxjIWjfgY2K3fcc0OUYtKVb3SXfknpyBMt2n1TvJVbFvgGMth mRxQqUNTAzyf6Q72CpJJIkUb8rJrBZxSEKuyiVpwF2anRb5K+PEN1jY1a7cFGFP0 Dgq32hLjACtqwPGMtT84IhaPtMIn9JCkBX3EhEQT1tePDBWJi6VPZr7unQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIu/QZzvEHsnoC/7YcrIQXdS2CK8MB8GA1UdIwQY MBaAFAD5CMAyio6XP6QKxS/DN+fTxP7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEt N2RlY2YxZTQ3ODY1LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEtN2RlY2YxZTQ3ODY1 LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq2sB0ucq 1FAXk9f6WC3r/YULkKEHccASxsInMs+Mu3XObzMBH9d5huN1SpIIi/s6/IMYknuD TrtJ8i9M9j/izfZH37/4cgZVNKaQmO0m6lx2+XKpbR74PaEAZld6BdEJpawnpCa/ sqJCHHIpDmhg85hDsLBF7ULXZhEN2zldCAjdO+XMS/6sAyWtOsNm3bAHOlLU+qOd mT/eHiHkWmg8vTDS/F0FgMPYO7lBDYlx1xNCSVCcFk89NGQFeemi61U8iprGDHJ/ XYjjn4CscCoLLGukKSEY9RjcwQDLY0pdPsqY2a3gaFYVJ5xwHMW3RkZzYt1R3b6M cuEN5dHs6+37Nw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:29:04 2025 by rpki-client