This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft File: AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json) Hash identifier: y1IY2Mxy+g6BBCo6X7DFXbp8a/1iCBlLdnM3clWFEXQ= Subject key identifier: BD:73:89:BD:17:10:6C:63:7E:01:B7:4A:8C:FD:1F:F2:AF:24:C0:C6 Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E Certificate issuer: /CN=0217c666cda23e920d14b90ae9363713350aac1e Certificate serial: 019AF2091F69A49DA9553F8D08657978591C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 05:01:15 +0000 Manifest this update: Sat 06 Dec 2025 05:01:15 +0000 Manifest next update: Sun 07 Dec 2025 05:01:15 +0000 Files and hashes: 1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: 0skPRnGWYwtUT3a4bkomcCDO8ceaOMZWfCbIZU8MO/A=) 2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:1f:69:a4:9d:a9:55:3f:8d:08:65:79:78:59:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e Validity Not Before: Dec 6 05:01:15 2025 GMT Not After : Dec 7 05:01:15 2025 GMT Subject: CN=bd7389bd17106c637e01b74a8cfd1ff2af24c0c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:59:7b:a9:14:97:3b:ef:f2:44:5d:e0:da:62: 14:13:5f:8e:86:d7:c0:43:56:a1:57:ee:82:a7:3e: 29:6d:f8:e0:6a:38:f4:03:a5:9e:b8:a5:ac:91:cc: 96:b3:37:7b:e2:8f:66:6c:8a:0d:0c:62:dc:49:ac: 1a:25:62:4f:28:6c:82:b4:82:67:f3:00:38:58:3a: e4:3b:9d:0c:fc:69:bb:68:61:19:7f:a7:ad:e3:6a: 7b:9a:91:d1:87:ba:f2:b8:0d:eb:77:3b:9f:6a:47: e5:16:a4:3e:1f:63:cc:be:81:44:3a:68:52:96:bb: 2f:0f:25:9f:c2:4b:84:5b:0d:51:2c:db:3b:81:54: fa:0d:d0:c7:ff:4e:0a:51:ff:30:2b:51:d0:e3:e0: 77:2c:46:6d:df:c7:26:9c:6a:5d:83:d8:2c:c5:62: e2:e5:ec:5b:ac:61:9e:35:d7:c4:51:d8:23:7c:dd: 10:fb:83:47:67:47:34:bc:18:4b:5b:fe:22:a4:42: b3:c8:a4:a9:c2:ef:ce:db:a4:1d:eb:06:c8:9e:4e: 06:77:3b:d6:77:d6:2e:d5:19:39:25:a8:60:18:95: 78:17:56:16:11:e0:c6:29:36:33:c1:f3:d3:8e:34: 27:38:11:65:da:03:9c:08:3f:f8:f4:e8:0e:d8:35: 90:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:73:89:BD:17:10:6C:63:7E:01:B7:4A:8C:FD:1F:F2:AF:24:C0:C6 X509v3 Authority Key Identifier: keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:1d:6c:36:99:1d:a1:c1:95:90:4b:15:ff:29:78:c1:76:a4: a9:b0:1c:7f:97:41:63:c9:4c:18:4d:7c:dc:9e:84:59:1b:c9: 53:19:03:80:56:aa:c9:70:cc:89:a9:28:46:4a:53:5b:07:a6: 98:6a:8a:e7:51:b3:26:fe:44:d6:8b:c4:dc:1c:78:0b:c0:7a: 65:0c:5f:b5:8e:cc:20:c0:db:10:a1:cb:cf:34:8b:81:1d:e2: 7f:ac:f0:ad:4c:6f:9b:68:11:40:da:74:e5:52:80:42:33:67: c5:d0:84:36:c4:49:b7:97:08:2c:b3:36:61:db:24:63:9b:3e: 21:98:27:49:7c:9a:09:41:00:4a:da:d5:31:cb:84:8e:da:d8: 70:40:09:93:62:70:e6:ea:1b:2a:36:8b:9c:8a:e9:5e:99:b1: 7a:f9:9c:af:ff:cc:bf:06:50:ac:6f:3a:3f:de:f9:28:25:bf: 73:96:36:75:54:bf:90:fb:11:59:18:ac:0b:00:c3:54:1c:e4: 3e:0c:4a:7a:e0:3f:38:be:47:21:1d:ae:75:21:c6:66:b4:80: 02:8a:25:6f:ef:9f:3e:b5:4f:09:3e:e2:62:df:2a:3d:52:63: 88:bb:fa:20:63:b5:60:0c:5f:35:fb:98:25:50:04:15:fb:c6: 6b:f6:c4:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCR9ppJ2pVT+NCGV5eFkcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw YWFjMWUwHhcNMjUxMjA2MDUwMTE1WhcNMjUxMjA3MDUwMTE1WjAzMTEwLwYDVQQD EyhiZDczODliZDE3MTA2YzYzN2UwMWI3NGE4Y2ZkMWZmMmFmMjRjMGM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1l7qRSXO+/yRF3g2mIUE1+OhtfA Q1ahV+6Cpz4pbfjgajj0A6WeuKWskcyWszd74o9mbIoNDGLcSawaJWJPKGyCtIJn 8wA4WDrkO50M/Gm7aGEZf6et42p7mpHRh7ryuA3rdzufakflFqQ+H2PMvoFEOmhS lrsvDyWfwkuEWw1RLNs7gVT6DdDH/04KUf8wK1HQ4+B3LEZt38cmnGpdg9gsxWLi 5exbrGGeNdfEUdgjfN0Q+4NHZ0c0vBhLW/4ipEKzyKSpwu/O26Qd6wbInk4GdzvW d9Yu1Rk5JahgGJV4F1YWEeDGKTYzwfPTjjQnOBFl2gOcCD/49OgO2DWQkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL1zib0XEGxjfgG3Soz9H/KvJMDGMB8GA1UdIwQY MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbR1sNpkd ocGVkEsV/yl4wXakqbAcf5dBY8lMGE183J6EWRvJUxkDgFaqyXDMiakoRkpTWwem mGqK51GzJv5E1ovE3Bx4C8B6ZQxftY7MIMDbEKHLzzSLgR3if6zwrUxvm2gRQNp0 5VKAQjNnxdCENsRJt5cILLM2YdskY5s+IZgnSXyaCUEAStrVMcuEjtrYcEAJk2Jw 5uobKjaLnIrpXpmxevmcr//MvwZQrG86P975KCW/c5Y2dVS/kPsRWRisCwDDVBzk PgxKeuA/OL5HIR2udSHGZrSAAoolb++fPrVPCT7iYt8qPVJjiLv6IGO1YAxfNfuY JVAEFfvGa/bEHQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:48 2025 by rpki-client