This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft File: afAHCvh31rmGswe5vATvGcRAQz0.mft (raw, json) Hash identifier: KVz5e5Ibjj0lqjXRKMWs4Q9DF0U2rqoMIOd03I05RFQ= Subject key identifier: 65:BE:85:70:AF:73:96:23:91:C8:60:A7:58:C5:BB:A5:9C:CE:D7:61 Authority key identifier: 69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D Certificate issuer: /CN=69f0070af877d6b986b307b9bc04ef19c440433d Certificate serial: 019AF12DF03326B1FA06A0FFB71198676B5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft Manifest number: 0995 Signing time: Sat 06 Dec 2025 01:01:50 +0000 Manifest this update: Sat 06 Dec 2025 01:01:50 +0000 Manifest next update: Sun 07 Dec 2025 01:01:50 +0000 Files and hashes: 1: 5m0E4hrlymj_oPq4RutDZTBvpFc.roa (hash: D3u2GpmWvvHTn4HOSLwFPi92ntWCyeD4rYP1qp5He0g=) 2: afAHCvh31rmGswe5vATvGcRAQz0.crl (hash: YHbbupptBWXyJ5AjfvuaLB6WQzssm87nFmpRunqLdTA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:f0:33:26:b1:fa:06:a0:ff:b7:11:98:67:6b:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69f0070af877d6b986b307b9bc04ef19c440433d Validity Not Before: Dec 6 01:01:50 2025 GMT Not After : Dec 7 01:01:50 2025 GMT Subject: CN=65be8570af73962391c860a758c5bba59cced761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ac:8c:56:0a:b0:28:9b:3b:51:e4:fe:eb:37: 82:13:52:e1:a1:db:9a:57:76:d9:ed:58:ea:61:19: 2b:6b:92:16:89:06:0b:4c:e9:09:d0:73:87:60:12: e9:54:84:0e:40:12:cd:40:b5:d3:09:1a:21:55:f3: b8:09:19:e9:a4:f1:cb:ce:74:64:a3:b4:59:fd:67: b8:c1:e1:3e:e1:25:16:fa:62:15:9d:6b:c7:2e:3d: e4:52:b8:96:60:02:14:64:5d:ab:fc:92:41:87:ec: 7d:f6:60:9e:c1:97:ef:88:34:43:ae:53:ed:76:95: 96:c0:b1:ac:d4:41:18:b5:7e:f7:85:a1:49:2d:90: e8:9c:5a:5b:5d:b8:95:16:15:e7:70:58:5d:b8:0c: 83:53:c8:43:c1:ad:53:52:4f:53:92:bc:5f:65:c9: d7:b5:25:84:58:8b:92:a1:56:12:09:c7:59:2d:f2: cc:19:26:d5:77:fb:20:47:0c:e3:17:6c:94:0c:52: db:84:4a:f9:d3:1b:1e:d2:8e:b8:78:d5:48:d9:7f: eb:b9:1b:01:2a:9b:50:68:fa:85:68:91:d2:d9:4b: 55:2f:dc:a4:51:13:20:0a:90:66:8f:ee:28:34:37: 5b:c4:6f:36:3d:1e:b8:32:61:27:7a:28:a3:ef:4b: 8a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:BE:85:70:AF:73:96:23:91:C8:60:A7:58:C5:BB:A5:9C:CE:D7:61 X509v3 Authority Key Identifier: keyid:69:F0:07:0A:F8:77:D6:B9:86:B3:07:B9:BC:04:EF:19:C4:40:43:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afAHCvh31rmGswe5vATvGcRAQz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ab9fa6-a906-4ac4-ac0c-6389220b26c6/1/afAHCvh31rmGswe5vATvGcRAQz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:6a:ff:d0:06:24:18:79:2a:ee:eb:fc:e7:fd:68:7c:67:84: 21:33:94:a2:0f:f5:3f:ff:0a:a2:a8:1e:50:5d:1f:f8:c6:b3: f1:b8:72:08:ac:1d:d5:e5:94:be:4c:9f:40:b5:1f:d1:73:09: 7d:38:ee:2d:4a:97:12:26:11:f5:16:8d:93:19:33:dd:8a:10: 69:63:fe:e3:00:45:87:f7:3f:71:56:97:99:48:f1:56:85:29: 41:67:e2:2b:57:76:29:16:9c:24:c4:7b:ec:29:ed:cb:bd:f5: 21:d2:87:91:02:9a:06:e2:0f:7b:78:12:ba:37:63:a0:7e:d5: 55:a4:97:e5:e0:56:ea:b8:ed:b1:54:2b:73:e4:45:2a:46:e3: 37:d8:8d:0f:41:8b:82:03:f8:f4:d3:84:ef:ff:b2:01:6d:3e: cb:1d:6b:03:24:8f:a1:bf:25:88:b6:86:87:99:c1:75:36:4b: 29:24:c7:17:ca:26:f0:0c:33:13:20:7f:80:3f:a5:f4:da:60: b2:39:91:68:59:34:d5:30:3d:c7:d2:51:52:64:c3:b0:56:ea: cc:6e:b3:ae:fa:e0:dd:a3:40:87:f9:06:c0:37:a4:c3:45:c7: 67:09:a3:6a:26:4a:6b:f2:64:36:cc:0a:fe:93:0e:99:80:f4: cc:05:72:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfAzJrH6BqD/txGYZ2taMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ZjAwNzBhZjg3N2Q2Yjk4NmIzMDdiOWJjMDRlZjE5YzQ0 MDQzM2QwHhcNMjUxMjA2MDEwMTUwWhcNMjUxMjA3MDEwMTUwWjAzMTEwLwYDVQQD Eyg2NWJlODU3MGFmNzM5NjIzOTFjODYwYTc1OGM1YmJhNTljY2VkNzYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6yMVgqwKJs7UeT+6zeCE1Lhodua V3bZ7VjqYRkra5IWiQYLTOkJ0HOHYBLpVIQOQBLNQLXTCRohVfO4CRnppPHLznRk o7RZ/We4weE+4SUW+mIVnWvHLj3kUriWYAIUZF2r/JJBh+x99mCewZfviDRDrlPt dpWWwLGs1EEYtX73haFJLZDonFpbXbiVFhXncFhduAyDU8hDwa1TUk9TkrxfZcnX tSWEWIuSoVYSCcdZLfLMGSbVd/sgRwzjF2yUDFLbhEr50xse0o64eNVI2X/ruRsB KptQaPqFaJHS2UtVL9ykURMgCpBmj+4oNDdbxG82PR64MmEneiij70uKjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGW+hXCvc5Yjkchgp1jFu6WcztdhMB8GA1UdIwQY MBaAFGnwBwr4d9a5hrMHubwE7xnEQEM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMt NjM4OTIyMGIyNmM2LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9hYjlmYTYtYTkwNi00YWM0LWFjMGMtNjM4OTIyMGIyNmM2 LzEvYWZBSEN2aDMxcm1Hc3dlNXZBVHZHY1JBUXowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWr/0AYk GHkq7uv85/1ofGeEITOUog/1P/8KoqgeUF0f+Maz8bhyCKwd1eWUvkyfQLUf0XMJ fTjuLUqXEiYR9RaNkxkz3YoQaWP+4wBFh/c/cVaXmUjxVoUpQWfiK1d2KRacJMR7 7Cnty731IdKHkQKaBuIPe3gSujdjoH7VVaSX5eBW6rjtsVQrc+RFKkbjN9iND0GL ggP49NOE7/+yAW0+yx1rAySPob8liLaGh5nBdTZLKSTHF8om8AwzEyB/gD+l9Npg sjmRaFk01TA9x9JRUmTDsFbqzG6zrvrg3aNAh/kGwDekw0XHZwmjaiZKa/JkNswK /pMOmYD0zAVyoA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:26:08 2025 by rpki-client