This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft File: AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json) Hash identifier: d2P8pqoe0tlie7vlxWnPiuDNmD9GSWpkKMXufa5dIKA= Subject key identifier: 5A:7F:77:73:56:60:A8:14:B4:9E:A8:39:E5:BB:F2:6E:84:D5:90:E3 Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1 Certificate issuer: /CN=0050348cf60642f54ec90724de78aaa03dcd38e1 Certificate serial: 019AF50A3F678050F61D3D8EECA38F45967B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft Manifest number: 0F0E Signing time: Sat 06 Dec 2025 19:01:20 +0000 Manifest this update: Sat 06 Dec 2025 19:01:20 +0000 Manifest next update: Sun 07 Dec 2025 19:01:20 +0000 Files and hashes: 1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: ruZbZf2elpwyhAr37N0P42e+niDh7LQ9lVxZRif9sfQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:3f:67:80:50:f6:1d:3d:8e:ec:a3:8f:45:96:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1 Validity Not Before: Dec 6 19:01:20 2025 GMT Not After : Dec 7 19:01:20 2025 GMT Subject: CN=5a7f77735660a814b49ea839e5bbf26e84d590e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:04:07:03:40:0e:bd:73:e9:ca:eb:fc:a4:8e: d3:f1:c1:2a:b0:8c:a6:1b:58:0d:c2:fc:59:bc:ad: 76:e1:bf:b6:39:cf:a4:bb:e1:a6:fe:1e:f4:5d:d5: 4a:13:3c:ce:22:4e:2a:1d:04:5b:26:90:b8:26:18: 44:ae:0c:a6:06:66:52:d8:c2:c5:8e:1b:58:65:d3: 63:fb:05:bd:82:c0:4f:2f:da:d7:a2:16:a7:85:aa: 69:ba:27:1e:af:f1:d9:d8:86:a4:63:da:04:67:17: 30:d7:26:6f:8f:65:13:02:c3:d9:6a:dc:a7:51:d8: e8:8c:01:3a:4a:f2:00:e9:7c:a2:a7:1f:fd:ad:84: 17:4a:58:a6:da:2b:0d:43:1c:1a:bf:b0:a2:25:24: f7:ee:a8:fb:69:3f:71:87:fc:21:5f:8e:6f:66:c1: 67:b2:d0:bf:30:30:b8:3d:ce:c9:36:db:d0:f9:eb: 73:16:6e:00:ba:3b:e8:71:60:0a:10:20:3b:d3:67: 64:3c:2b:47:40:25:a2:c8:96:5c:8a:58:5d:e5:44: 67:64:6d:24:86:40:ee:93:1a:0c:f5:02:7d:1f:9c: 9c:29:2c:b0:9f:7e:a6:3c:8c:f9:1d:c2:72:8c:51: e2:97:75:0e:54:ce:8a:93:2a:63:69:71:82:46:50: c0:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:7F:77:73:56:60:A8:14:B4:9E:A8:39:E5:BB:F2:6E:84:D5:90:E3 X509v3 Authority Key Identifier: keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:e4:ae:0e:b4:74:f7:20:7c:3a:73:ec:eb:3d:0a:46:12:ad: 17:25:4e:38:37:7a:5e:76:04:63:d0:23:91:94:08:4e:59:18: a4:08:4c:03:e4:79:e2:e2:c5:19:6b:64:16:65:d0:26:6c:21: 33:5b:d4:aa:63:cc:86:e7:ab:9c:b5:b0:fd:6c:9c:0d:35:0e: f2:e0:b2:0a:4c:6f:7d:c1:d2:e2:2c:84:44:80:79:45:62:db: 26:5f:1b:a9:cf:2c:5d:14:d0:33:8d:3a:1f:e3:04:6f:26:f6: 92:3d:2a:24:ac:d6:a3:ef:25:e3:91:72:5a:1c:6a:61:50:3c: 14:81:57:5c:af:cd:39:13:ac:2f:aa:4c:ce:75:f6:ff:ba:b4: 52:fc:74:55:e0:a8:1c:3e:2b:6f:db:28:12:df:2e:ec:ba:86: 3d:ec:7a:a5:8f:11:2f:36:74:90:47:5e:b0:7e:26:07:4d:24: ca:22:c9:78:de:92:e6:e0:f6:6d:03:28:f7:da:39:ba:71:02: 8d:d6:fe:a1:5d:04:29:20:f2:20:7d:e7:38:91:63:44:0d:91: 66:2e:32:ac:52:6d:a1:2c:68:80:17:08:c4:bb:4b:eb:43:55: ec:8c:e5:1d:4d:ca:36:87:c5:73:76:d9:20:33:84:ed:c6:90: 73:29:e3:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cj9ngFD2HT2O7KOPRZZ7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj ZDM4ZTEwHhcNMjUxMjA2MTkwMTIwWhcNMjUxMjA3MTkwMTIwWjAzMTEwLwYDVQQD Eyg1YTdmNzc3MzU2NjBhODE0YjQ5ZWE4MzllNWJiZjI2ZTg0ZDU5MGUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwQHA0AOvXPpyuv8pI7T8cEqsIym G1gNwvxZvK124b+2Oc+ku+Gm/h70XdVKEzzOIk4qHQRbJpC4JhhErgymBmZS2MLF jhtYZdNj+wW9gsBPL9rXohanhappuicer/HZ2IakY9oEZxcw1yZvj2UTAsPZatyn UdjojAE6SvIA6Xyipx/9rYQXSlim2isNQxwav7CiJST37qj7aT9xh/whX45vZsFn stC/MDC4Pc7JNtvQ+etzFm4AujvocWAKECA702dkPCtHQCWiyJZcilhd5URnZG0k hkDukxoM9QJ9H5ycKSywn36mPIz5HcJyjFHil3UOVM6KkypjaXGCRlDAvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFp/d3NWYKgUtJ6oOeW78m6E1ZDjMB8GA1UdIwQY MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2 LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI+SuDrR0 9yB8OnPs6z0KRhKtFyVOODd6XnYEY9AjkZQITlkYpAhMA+R54uLFGWtkFmXQJmwh M1vUqmPMhuernLWw/WycDTUO8uCyCkxvfcHS4iyERIB5RWLbJl8bqc8sXRTQM406 H+MEbyb2kj0qJKzWo+8l45FyWhxqYVA8FIFXXK/NOROsL6pMznX2/7q0Uvx0VeCo HD4rb9soEt8u7LqGPex6pY8RLzZ0kEdesH4mB00kyiLJeN6S5uD2bQMo99o5unEC jdb+oV0EKSDyIH3nOJFjRA2RZi4yrFJtoSxogBcIxLtL60NV7IzlHU3KNofFc3bZ IDOE7caQcynjfA== -----END CERTIFICATE-----Generated at Sun Dec 7 04:52:48 2025 by rpki-client