This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft File: AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json) Hash identifier: A57GUsTtiKODCVgQOFr8XPTotr5W0lsSnbt44S86ik4= Subject key identifier: A5:21:C3:74:3E:01:2E:CA:46:F0:3F:86:B7:92:E7:CA:AF:48:CD:B9 Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C Certificate issuer: /CN=0248417c7fe9ccec5b9daacc08fce799d673088c Certificate serial: 019B30E91E6441097618C6A6D4E39C6C357D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft Manifest number: 0FB8 Signing time: Thu 18 Dec 2025 10:02:22 +0000 Manifest this update: Thu 18 Dec 2025 10:02:22 +0000 Manifest next update: Fri 19 Dec 2025 10:02:22 +0000 Files and hashes: 1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: vc7DYvEr7r8mKjRMxBne4UTQLRui1ttTI12Tz2m4Jr8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 10:02:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e9:1e:64:41:09:76:18:c6:a6:d4:e3:9c:6c:35:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c Validity Not Before: Dec 18 10:02:22 2025 GMT Not After : Dec 19 10:02:22 2025 GMT Subject: CN=a521c3743e012eca46f03f86b792e7caaf48cdb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:17:66:1f:4d:36:7f:b4:72:2f:a8:aa:cd:37: e6:b3:5e:c9:1c:ba:06:7b:06:1e:5c:29:8a:f4:17: ac:53:d3:06:4e:3c:23:bb:50:15:9d:34:c8:2f:db: 4e:52:61:a4:97:f7:71:03:c1:5d:5f:6d:96:b8:e3: dc:b1:90:4e:3f:35:56:44:72:b4:b0:7b:a1:52:b1: e7:57:ec:be:44:3e:d8:20:f6:33:00:c6:52:b5:e4: c2:bd:c2:5c:98:e1:de:c6:4a:e5:51:81:aa:0b:b2: 40:72:ed:71:e9:0b:71:5d:be:03:f4:0b:ab:c2:ed: c6:4a:ea:90:a9:74:7d:d2:7e:8e:a1:81:8c:cc:a0: 15:9d:36:c1:ec:55:b9:05:cd:53:2f:30:ce:80:3a: 55:e7:2d:ea:3b:db:e0:89:a2:df:e2:eb:ef:a5:d5: 12:4d:15:2e:9a:c8:3b:83:23:46:7b:ff:32:bf:39: b9:0a:7d:13:44:58:08:92:b9:9e:48:a3:55:5f:f3: c4:74:b7:46:04:44:13:12:cd:64:3f:93:9b:52:f8: 91:36:90:d6:f7:a6:b5:bf:4f:06:d5:bd:61:3c:08: 4a:dd:7b:e1:7e:da:35:d4:31:5e:bb:c2:57:c6:cc: e5:ad:6d:32:34:40:57:bf:27:78:a6:7d:d5:2f:bc: 89:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:21:C3:74:3E:01:2E:CA:46:F0:3F:86:B7:92:E7:CA:AF:48:CD:B9 X509v3 Authority Key Identifier: keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:c6:04:9b:0a:e2:fe:43:c8:b7:db:75:03:5b:fe:a7:da:e7: 67:65:6d:3f:ff:58:86:65:a6:85:7a:e7:c6:f0:c9:e9:4e:1c: 5a:b1:84:2f:03:a6:18:0a:b5:e4:1e:a6:93:0b:64:88:f8:51: 74:65:ca:0f:3e:88:89:7e:68:46:24:d6:28:93:83:08:38:85: fb:41:72:0d:d4:cb:58:50:0f:5f:00:91:ab:60:fb:cb:d5:f6: 5f:be:ce:5f:01:ab:19:31:03:86:64:a8:d0:13:06:8b:5d:b7: 5e:3e:f0:fd:51:1f:ea:d6:46:49:06:3e:7b:d2:85:bb:c0:cd: 19:a3:2c:2d:ea:1c:fb:20:b8:ab:9d:6f:5d:1b:62:1d:7d:65: 2a:e6:fb:09:3b:74:3b:53:40:22:33:f3:0a:6c:d0:c5:ff:f3: 21:39:15:99:a1:79:ec:73:8b:88:0f:59:7a:83:1d:fb:17:a4: fc:62:7f:1f:ee:b5:bf:05:12:5b:45:c2:9b:5a:ea:e9:08:75: a7:ef:2a:cd:d7:9b:66:0b:a2:1a:b6:d1:63:e5:6a:82:9a:ad: 73:9f:b8:35:61:a9:01:fa:91:c0:8b:2c:95:90:f0:08:7f:71: c2:95:63:9f:15:ff:15:00:d6:e2:72:10:97:92:ed:0e:3d:e5: f5:3e:2a:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6R5kQQl2GMam1OOcbDV9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3 MzA4OGMwHhcNMjUxMjE4MTAwMjIyWhcNMjUxMjE5MTAwMjIyWjAzMTEwLwYDVQQD EyhhNTIxYzM3NDNlMDEyZWNhNDZmMDNmODZiNzkyZTdjYWFmNDhjZGI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBdmH002f7RyL6iqzTfms17JHLoG ewYeXCmK9BesU9MGTjwju1AVnTTIL9tOUmGkl/dxA8FdX22WuOPcsZBOPzVWRHK0 sHuhUrHnV+y+RD7YIPYzAMZSteTCvcJcmOHexkrlUYGqC7JAcu1x6QtxXb4D9Aur wu3GSuqQqXR90n6OoYGMzKAVnTbB7FW5Bc1TLzDOgDpV5y3qO9vgiaLf4uvvpdUS TRUumsg7gyNGe/8yvzm5Cn0TRFgIkrmeSKNVX/PEdLdGBEQTEs1kP5ObUviRNpDW 96a1v08G1b1hPAhK3Xvhfto11DFeu8JXxszlrW0yNEBXvyd4pn3VL7yJ1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKUhw3Q+AS7KRvA/hreS58qvSM25MB8GA1UdIwQY MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2 LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASsYEmwri /kPIt9t1A1v+p9rnZ2VtP/9YhmWmhXrnxvDJ6U4cWrGELwOmGAq15B6mkwtkiPhR dGXKDz6IiX5oRiTWKJODCDiF+0FyDdTLWFAPXwCRq2D7y9X2X77OXwGrGTEDhmSo 0BMGi123Xj7w/VEf6tZGSQY+e9KFu8DNGaMsLeoc+yC4q51vXRtiHX1lKub7CTt0 O1NAIjPzCmzQxf/zITkVmaF57HOLiA9ZeoMd+xek/GJ/H+61vwUSW0XCm1rq6Qh1 p+8qzdebZguiGrbRY+Vqgpqtc5+4NWGpAfqRwIsslZDwCH9xwpVjnxX/FQDW4nIQ l5LtDj3l9T4qLA== -----END CERTIFICATE-----Generated at Thu Dec 18 17:38:25 2025 by rpki-client