This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft File: Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json) Hash identifier: HkkvuWdcMP1g9rTzbMRGc0Z1f/nPcFR/dJ0N5eIVVtU= Subject key identifier: 11:6A:6A:E4:7E:7F:97:12:12:71:52:3D:3B:72:97:3D:A9:E8:E4:EB Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84 Certificate issuer: /CN=01fa7aacf89284cebdde3d4c12462fc44debc384 Certificate serial: 019AF5E5BA7358CBEF72FA372DC1C94DE9D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft Manifest number: 0CFF Signing time: Sat 06 Dec 2025 23:01:04 +0000 Manifest this update: Sat 06 Dec 2025 23:01:04 +0000 Manifest next update: Sun 07 Dec 2025 23:01:04 +0000 Files and hashes: 1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: M6VxUn3BCqvGBqktYeksT4oeGS6zsynNhuRpRqsnk58=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e5:ba:73:58:cb:ef:72:fa:37:2d:c1:c9:4d:e9:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384 Validity Not Before: Dec 6 23:01:04 2025 GMT Not After : Dec 7 23:01:04 2025 GMT Subject: CN=116a6ae47e7f97121271523d3b72973da9e8e4eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:de:1e:b0:55:7a:3d:28:ce:13:28:00:8b:c1: 1d:cc:8f:aa:4a:6f:a1:9d:c0:42:76:8a:14:2d:85: ef:54:a3:e6:ea:cf:c1:51:5f:3c:76:4a:bb:d0:82: d3:09:06:c6:37:ea:37:f5:b0:d1:ad:47:e9:4c:84: 27:b8:53:19:0e:66:fc:d7:a2:ca:90:9d:24:80:2b: b5:b6:b9:44:e9:6e:76:57:83:ea:af:b6:55:a0:36: c7:42:b0:e0:42:2b:3e:cd:aa:0c:1e:b1:10:2a:95: 46:ab:2f:c5:8b:86:79:91:2a:de:92:10:9f:9b:b9: 01:1d:b3:77:a7:5c:61:13:48:c3:53:50:92:2f:8c: 59:2f:00:05:1d:46:3d:5e:c1:87:16:95:24:3d:b7: b6:bc:fd:10:38:f1:96:d3:47:6a:52:08:b3:bb:30: 33:db:56:75:9f:7c:8c:73:fa:71:21:1f:a7:76:0a: 71:93:26:e4:b5:8a:08:57:ae:fa:3a:fb:91:18:71: 40:85:39:25:ef:b6:35:aa:e1:e4:93:03:86:1b:af: 83:16:c3:63:aa:09:1a:43:fd:a8:82:ed:2c:f2:8a: 28:8a:34:b4:fb:46:d3:4d:59:94:8b:f9:f6:ac:ae: ba:dc:fc:b5:4b:51:0f:3f:13:70:5b:ca:c6:c1:b9: e9:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:6A:6A:E4:7E:7F:97:12:12:71:52:3D:3B:72:97:3D:A9:E8:E4:EB X509v3 Authority Key Identifier: keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:15:04:a4:db:79:c6:20:f7:c9:bd:d8:80:9b:15:9e:38:74: 96:8f:4c:00:8b:d5:15:af:52:cb:86:d5:60:27:42:6a:6a:75: 07:11:58:20:f2:33:33:31:3b:10:bd:85:50:e9:31:5d:14:63: 62:65:72:4f:cf:b8:7c:27:6b:42:98:16:f5:bc:99:44:c6:2e: f4:1b:6d:d9:80:46:b0:b8:bf:27:94:a0:2e:cc:be:74:9d:e2: 64:2f:8a:87:75:01:65:a2:06:c6:11:5d:63:6e:a9:ad:9a:d2: 1d:cd:e1:64:91:9f:d0:39:a1:ad:fc:70:63:1f:38:db:bd:3e: 2e:96:f2:c8:04:5b:90:8f:88:5e:c3:5d:a1:a6:f3:cc:01:b7: 46:d9:eb:6c:6e:2f:45:28:6e:c0:61:2b:ab:f5:a4:c8:f8:22: 4b:78:c4:de:e1:82:a2:8a:1a:8c:c8:92:f2:1a:cf:9e:bc:43: f5:64:61:53:46:48:56:95:6b:49:f3:71:fa:85:ac:e1:29:e7: f1:96:c7:8c:af:1d:24:12:5f:d2:63:79:2d:05:ed:53:87:f7: 3e:5f:64:f9:56:44:32:e2:0b:e9:5d:fa:f0:a7:66:b2:4f:33: 15:7e:93:34:83:b7:26:75:01:7d:51:1e:4a:6f:e0:5b:92:a7: 20:de:2a:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15bpzWMvvcvo3LcHJTenVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl YmMzODQwHhcNMjUxMjA2MjMwMTA0WhcNMjUxMjA3MjMwMTA0WjAzMTEwLwYDVQQD EygxMTZhNmFlNDdlN2Y5NzEyMTI3MTUyM2QzYjcyOTczZGE5ZThlNGViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd4esFV6PSjOEygAi8EdzI+qSm+h ncBCdooULYXvVKPm6s/BUV88dkq70ILTCQbGN+o39bDRrUfpTIQnuFMZDmb816LK kJ0kgCu1trlE6W52V4Pqr7ZVoDbHQrDgQis+zaoMHrEQKpVGqy/Fi4Z5kSrekhCf m7kBHbN3p1xhE0jDU1CSL4xZLwAFHUY9XsGHFpUkPbe2vP0QOPGW00dqUgizuzAz 21Z1n3yMc/pxIR+ndgpxkybktYoIV676OvuRGHFAhTkl77Y1quHkkwOGG6+DFsNj qgkaQ/2ogu0s8oooijS0+0bTTVmUi/n2rK663Py1S1EPPxNwW8rGwbnpQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBFqauR+f5cSEnFSPTtylz2p6OTrMB8GA1UdIwQY MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAshUEpNt5 xiD3yb3YgJsVnjh0lo9MAIvVFa9Sy4bVYCdCamp1BxFYIPIzMzE7EL2FUOkxXRRj YmVyT8+4fCdrQpgW9byZRMYu9Btt2YBGsLi/J5SgLsy+dJ3iZC+Kh3UBZaIGxhFd Y26prZrSHc3hZJGf0DmhrfxwYx84270+LpbyyARbkI+IXsNdoabzzAG3RtnrbG4v RShuwGErq/WkyPgiS3jE3uGCoooajMiS8hrPnrxD9WRhU0ZIVpVrSfNx+oWs4Snn 8ZbHjK8dJBJf0mN5LQXtU4f3Pl9k+VZEMuIL6V368Kdmsk8zFX6TNIO3JnUBfVEe Sm/gW5KnIN4qxA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:48:04 2025 by rpki-client