This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json) Hash identifier: QS7BoSGXL6jPcbDFySR9rGybRey9bFbsDO8sHVtlgRE= Subject key identifier: E1:83:FA:EC:93:2C:2A:48:9E:C9:84:06:E4:0B:65:6F:12:1A:F3:DF Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32 Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832 Certificate serial: 019AF1D229A4753CDC1BCC976DBE1209A3E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft Manifest number: 0587 Signing time: Sat 06 Dec 2025 04:01:13 +0000 Manifest this update: Sat 06 Dec 2025 04:01:13 +0000 Manifest next update: Sun 07 Dec 2025 04:01:13 +0000 Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: cXgvbyRpQPQkqT5RUqXNp11HKpxGj6dn49Eqh2PLuWA=) 2: 8xRb-DPzCzHiHinhBGSiJKFCfq0.roa (hash: A9plqAZ6tW823XWa6YGs85LIMKZtOqJdz/q0S+8zYRE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:29:a4:75:3c:dc:1b:cc:97:6d:be:12:09:a3:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832 Validity Not Before: Dec 6 04:01:13 2025 GMT Not After : Dec 7 04:01:13 2025 GMT Subject: CN=e183faec932c2a489ec98406e40b656f121af3df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ab:e8:0b:20:d8:94:40:b4:0f:25:b6:6d:41: fc:5b:bc:d2:7e:18:66:af:59:23:36:76:73:69:7c: f0:22:8b:f2:b3:50:78:07:7e:32:34:4c:63:92:09: a2:af:26:3d:4c:56:b8:a9:03:6c:a7:06:1a:83:08: d5:b2:6f:e8:dd:33:07:0f:07:18:40:87:ed:b8:32: a1:97:f9:a2:7d:0f:d3:15:5c:42:61:a6:1e:ad:37: ca:d6:95:e9:3e:f7:72:fb:6f:a0:48:de:30:22:72: ff:90:39:2a:05:77:4f:08:e4:de:3c:03:72:98:60: 3b:e9:90:03:a7:13:eb:86:c5:ad:ff:62:ee:94:fe: 68:67:06:af:eb:4d:50:63:4f:f6:2c:f8:9b:76:51: 8d:b5:ba:97:e6:ac:1a:5f:d9:5f:69:af:ea:42:12: 14:a8:6e:55:dc:6d:2e:59:25:f7:8e:63:8c:65:96: 42:46:b1:8e:73:4f:e8:00:52:bf:c8:67:fd:e3:2a: 60:38:f2:30:db:d4:83:0a:69:72:a3:f6:8b:95:ad: 9b:7f:2a:89:cb:71:39:63:22:ca:93:a4:91:53:e9: 02:54:74:fe:d4:c6:61:5d:a1:b9:50:f8:fe:a0:05: b0:90:08:cc:77:f8:37:a8:2c:87:fa:4b:44:a9:53: 94:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:83:FA:EC:93:2C:2A:48:9E:C9:84:06:E4:0B:65:6F:12:1A:F3:DF X509v3 Authority Key Identifier: keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:0a:9d:93:9d:63:71:6a:6b:fb:8e:23:07:c5:aa:b1:ca:b1: dc:6b:86:3f:80:0e:51:49:0d:c0:17:a9:df:a7:20:d3:0b:d1: 7a:c6:79:c1:12:d7:65:d8:b9:a4:9f:52:47:2a:5e:40:bc:a6: f7:1c:8e:fb:0a:c2:3b:1c:f1:6c:48:6f:1f:7b:7f:a3:ee:33: ee:5d:0d:25:31:6c:01:d9:cb:71:c0:8f:ae:51:88:c1:a6:1f: 20:2e:1f:d4:2e:ac:a2:35:e1:fd:6a:9a:5e:9c:6d:9b:1f:17: 2c:8c:2f:72:d5:ca:e8:7f:72:5c:8a:dd:70:5f:b5:b1:aa:f6: 97:6f:2b:e1:b4:7e:3c:ab:6b:3d:00:7a:50:df:6a:e1:41:55: a8:87:40:2a:5c:87:f6:ab:8e:55:5e:ec:67:a6:58:b1:51:8e: ba:48:3a:b7:13:4c:1f:03:35:54:6c:96:b8:dc:2f:23:9b:70: f5:06:4e:f5:57:dd:56:6f:0d:4b:15:f1:31:a3:b9:79:58:3e: 32:75:13:82:eb:c8:17:c3:c3:a0:f6:b9:56:a4:58:66:b7:61: 87:92:39:5a:9d:41:11:30:33:21:fb:63:ea:b3:9b:5e:dd:bf: 92:02:9b:da:9f:6e:08:10:0e:b9:d1:26:c9:c7:5e:7b:9d:be: f3:fa:06:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0imkdTzcG8yXbb4SCaPgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy NTI4MzIwHhcNMjUxMjA2MDQwMTEzWhcNMjUxMjA3MDQwMTEzWjAzMTEwLwYDVQQD EyhlMTgzZmFlYzkzMmMyYTQ4OWVjOTg0MDZlNDBiNjU2ZjEyMWFmM2RmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6voCyDYlEC0DyW2bUH8W7zSfhhm r1kjNnZzaXzwIovys1B4B34yNExjkgmiryY9TFa4qQNspwYagwjVsm/o3TMHDwcY QIftuDKhl/mifQ/TFVxCYaYerTfK1pXpPvdy+2+gSN4wInL/kDkqBXdPCOTePANy mGA76ZADpxPrhsWt/2LulP5oZwav601QY0/2LPibdlGNtbqX5qwaX9lfaa/qQhIU qG5V3G0uWSX3jmOMZZZCRrGOc0/oAFK/yGf94ypgOPIw29SDCmlyo/aLla2bfyqJ y3E5YyLKk6SRU+kCVHT+1MZhXaG5UPj+oAWwkAjMd/g3qCyH+ktEqVOUtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOGD+uyTLCpInsmEBuQLZW8SGvPfMB8GA1UdIwQY MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFgqdk51j cWpr+44jB8Wqscqx3GuGP4AOUUkNwBep36cg0wvResZ5wRLXZdi5pJ9SRypeQLym 9xyO+wrCOxzxbEhvH3t/o+4z7l0NJTFsAdnLccCPrlGIwaYfIC4f1C6sojXh/Wqa Xpxtmx8XLIwvctXK6H9yXIrdcF+1sar2l28r4bR+PKtrPQB6UN9q4UFVqIdAKlyH 9quOVV7sZ6ZYsVGOukg6txNMHwM1VGyWuNwvI5tw9QZO9VfdVm8NSxXxMaO5eVg+ MnUTguvIF8PDoPa5VqRYZrdhh5I5Wp1BETAzIftj6rObXt2/kgKb2p9uCBAOudEm ycdee52+8/oGww== -----END CERTIFICATE-----Generated at Sat Dec 6 06:57:33 2025 by rpki-client