This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft File: AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json) Hash identifier: P9UjhW8yXmpQALoXuIur37AYudHDrEVirKttDcG2L9g= Subject key identifier: CE:3F:11:24:04:0B:02:1D:67:7F:D6:6F:1A:2E:81:5C:F6:5D:9A:D7 Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C Certificate issuer: /CN=0248417c7fe9ccec5b9daacc08fce799d673088c Certificate serial: 019AF12EB790BFF30A8C2EA795975F4943C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft Manifest number: 0F97 Signing time: Sat 06 Dec 2025 01:02:41 +0000 Manifest this update: Sat 06 Dec 2025 01:02:41 +0000 Manifest next update: Sun 07 Dec 2025 01:02:41 +0000 Files and hashes: 1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: gF/oqG/1pP8A1n1l6X/TrHfyZ6t2P/af2+qpZWFmbOI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:b7:90:bf:f3:0a:8c:2e:a7:95:97:5f:49:43:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c Validity Not Before: Dec 6 01:02:41 2025 GMT Not After : Dec 7 01:02:41 2025 GMT Subject: CN=ce3f1124040b021d677fd66f1a2e815cf65d9ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8d:67:03:13:dc:4c:3e:bf:8a:60:0d:a2:81: fe:d9:97:06:09:a6:07:d3:48:86:b6:f2:b9:a4:a9: 59:f1:34:1b:14:61:66:3b:ac:91:55:30:f2:8f:eb: 1e:5f:9a:a6:df:27:80:ee:5c:ca:8b:e6:f7:a9:cd: c1:73:58:5b:a3:39:45:63:79:cd:71:66:a5:d0:88: 02:78:33:f3:b5:0f:1a:26:a5:97:9c:1e:f0:a9:fd: 8d:25:c5:e1:06:24:2e:87:cb:ea:69:14:f4:75:71: 65:7c:12:38:0f:84:e3:14:12:6d:5d:6a:95:58:32: bf:02:12:83:d9:0c:1e:9b:30:0b:86:83:62:0c:75: d5:78:26:9a:c1:ff:0d:c5:89:e1:3f:3b:d2:cd:7d: 88:0f:ab:1d:37:0f:ca:2c:be:59:28:83:e2:06:0c: 58:d2:d7:18:21:ac:34:9d:da:5a:b1:93:5f:80:ba: aa:c9:d4:bd:7c:e1:cf:d7:0f:91:ee:ee:2e:65:d7: cd:f5:a1:4f:8d:3e:1a:64:23:70:cd:b8:d5:ca:46: 7d:a7:d1:d7:58:1c:e9:5f:a1:06:05:63:68:c7:4f: dd:e7:69:5e:48:12:ab:ff:98:61:43:9a:d2:e6:80: 98:d1:95:cf:54:6b:3a:78:3e:6f:d0:20:12:7a:93: 78:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:3F:11:24:04:0B:02:1D:67:7F:D6:6F:1A:2E:81:5C:F6:5D:9A:D7 X509v3 Authority Key Identifier: keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:56:f5:48:74:c3:3a:a6:30:95:d1:96:a5:82:02:95:30:b4: 59:60:e7:03:b4:ab:d9:6b:66:69:be:ef:ce:5c:ac:90:93:8d: a5:67:c8:9f:cd:c7:48:d6:81:39:8a:88:85:83:6a:97:a8:b7: 4d:95:f0:22:4d:da:40:ba:b2:ae:e9:a5:93:6f:7f:f8:db:f9: f7:e2:4f:3a:89:58:15:be:bf:97:d1:42:2e:e2:e0:df:74:f0: f0:be:ef:8b:20:d3:3a:1c:5a:bc:07:55:fd:fd:c6:43:95:5c: 2a:3c:46:fd:93:ef:d9:94:f8:89:96:6f:bb:5e:03:11:7e:45: c3:5f:29:da:77:a7:de:6b:60:0a:17:66:08:f6:ad:cb:0a:2b: 47:57:44:54:50:cb:37:da:70:2f:27:0a:20:ed:01:59:9b:53: 6b:68:bf:7b:77:53:4a:fa:c5:3d:94:78:c4:b1:22:8e:66:6f: 16:90:d7:99:00:c2:13:bd:23:35:8a:45:33:69:ca:db:f4:35: dd:93:d8:bd:60:c6:79:93:b8:10:b0:6d:7c:dc:3c:dc:85:f3: 6a:2a:7a:e4:f7:9e:fd:34:84:b9:11:48:47:6f:65:9c:74:4d: f2:be:f1:bb:bb:71:fe:ed:c5:22:a6:37:34:c3:e9:c5:24:80: b2:5a:c7:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLreQv/MKjC6nlZdfSUPCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3 MzA4OGMwHhcNMjUxMjA2MDEwMjQxWhcNMjUxMjA3MDEwMjQxWjAzMTEwLwYDVQQD EyhjZTNmMTEyNDA0MGIwMjFkNjc3ZmQ2NmYxYTJlODE1Y2Y2NWQ5YWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA141nAxPcTD6/imANooH+2ZcGCaYH 00iGtvK5pKlZ8TQbFGFmO6yRVTDyj+seX5qm3yeA7lzKi+b3qc3Bc1hbozlFY3nN cWal0IgCeDPztQ8aJqWXnB7wqf2NJcXhBiQuh8vqaRT0dXFlfBI4D4TjFBJtXWqV WDK/AhKD2QwemzALhoNiDHXVeCaawf8NxYnhPzvSzX2ID6sdNw/KLL5ZKIPiBgxY 0tcYIaw0ndpasZNfgLqqydS9fOHP1w+R7u4uZdfN9aFPjT4aZCNwzbjVykZ9p9HX WBzpX6EGBWNox0/d52leSBKr/5hhQ5rS5oCY0ZXPVGs6eD5v0CASepN4IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM4/ESQECwIdZ3/WbxougVz2XZrXMB8GA1UdIwQY MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2 LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVb1SHTD OqYwldGWpYIClTC0WWDnA7Sr2Wtmab7vzlyskJONpWfIn83HSNaBOYqIhYNql6i3 TZXwIk3aQLqyrumlk29/+Nv59+JPOolYFb6/l9FCLuLg33Tw8L7viyDTOhxavAdV /f3GQ5VcKjxG/ZPv2ZT4iZZvu14DEX5Fw18p2nen3mtgChdmCPatyworR1dEVFDL N9pwLycKIO0BWZtTa2i/e3dTSvrFPZR4xLEijmZvFpDXmQDCE70jNYpFM2nK2/Q1 3ZPYvWDGeZO4ELBtfNw83IXzaip65Pee/TSEuRFIR29lnHRN8r7xu7tx/u3FIqY3 NMPpxSSAslrH4Q== -----END CERTIFICATE-----Generated at Sat Dec 6 07:20:08 2025 by rpki-client