This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json) Hash identifier: mTxZ8fcX6gms9+7DDlGgqxFp55fIZIwb4tqNUkdHRro= Subject key identifier: 90:5F:52:C9:D3:3A:26:E0:68:81:52:E1:2B:69:55:6B:A1:8E:CD:14 Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2 Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2 Certificate serial: 019B2C66AE02B266E98EE477D03DD7F0C57E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft Manifest number: 0B42 Signing time: Wed 17 Dec 2025 13:01:25 +0000 Manifest this update: Wed 17 Dec 2025 13:01:25 +0000 Manifest next update: Thu 18 Dec 2025 13:01:25 +0000 Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: ou1lEWrqXA1YXu6biUkoyLMN0co3Woj/xD7Tlb11bJk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:66:ae:02:b2:66:e9:8e:e4:77:d0:3d:d7:f0:c5:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2 Validity Not Before: Dec 17 13:01:25 2025 GMT Not After : Dec 18 13:01:25 2025 GMT Subject: CN=905f52c9d33a26e0688152e12b69556ba18ecd14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:db:c1:aa:92:1d:57:15:a5:84:25:c7:f0:c6: 11:a4:90:4f:7b:bb:d3:5b:75:96:34:35:28:91:9c: ea:78:5b:dd:72:83:bf:e1:2a:b7:20:f2:45:77:a4: 2d:f7:70:d9:a3:08:76:09:e6:91:7d:2a:5b:4d:4c: 91:1d:66:33:4b:cc:64:89:2f:21:48:1f:49:42:b8: 36:b2:31:c6:45:f6:ab:a1:21:73:65:3e:e6:be:3d: a4:32:32:18:c0:8e:35:53:61:fc:e3:14:47:79:22: ff:c2:50:3b:1b:bc:33:38:66:b7:81:7c:be:50:de: fe:e3:92:b0:da:2b:19:17:0f:c5:7b:cc:e1:22:ca: 73:bb:09:19:3d:ad:5d:ce:3b:a5:49:78:d7:90:4b: 4e:d7:3b:0f:95:22:e4:29:ad:77:c5:eb:f8:a6:58: 1c:48:ee:38:8f:f2:f3:ea:56:37:12:a8:97:ef:0f: b0:94:73:5a:cd:df:c1:5b:69:1a:94:2c:25:40:cb: 32:d8:05:1b:07:b9:63:98:58:75:b1:3e:06:c7:89: 21:1a:a7:32:7e:1e:f7:49:86:9f:76:75:bd:7f:05: 5e:ac:54:30:83:28:58:9b:d5:60:ed:3a:e2:5e:d1: f7:8e:4c:03:89:70:12:b6:2d:02:12:32:7c:73:73: e8:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:5F:52:C9:D3:3A:26:E0:68:81:52:E1:2B:69:55:6B:A1:8E:CD:14 X509v3 Authority Key Identifier: keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:c8:62:5a:42:9a:59:e1:0e:d6:53:5e:e2:22:55:d2:e9:bf: dd:35:cd:30:28:c0:9a:8d:15:3d:a0:a9:38:9c:53:c7:a5:b2: 4b:58:81:fe:19:4b:d5:2e:fa:ed:16:5c:65:d1:80:ec:da:50: d5:b9:6a:76:65:27:6b:f3:71:c9:6f:63:27:c4:4d:d0:7e:55: 33:e0:8c:ef:08:6d:54:09:5f:5e:2c:fd:16:a1:5c:d1:34:6c: f3:6d:03:b6:b5:87:fa:90:1b:4f:ae:ca:00:8f:6a:06:bd:da: 07:1e:dc:a5:52:4f:f5:81:bc:31:16:f7:2d:f5:35:e2:d5:59: 80:a5:74:19:42:ae:15:7f:69:5f:de:55:aa:44:c4:ec:5e:62: 31:9c:e4:08:55:4d:67:93:38:86:c3:40:30:d1:65:54:98:12: 61:d9:8c:59:dd:30:8c:50:a1:87:a8:1f:fd:f1:8b:57:61:84: d3:73:f2:0b:7b:f6:6c:fa:8c:e9:6a:e8:2f:92:03:2d:a9:d6: cd:70:b5:a7:5c:79:9e:d6:7e:6b:e2:cb:f4:0f:a7:22:c1:03: 9c:16:31:f2:13:42:26:50:23:da:d8:ba:b0:1c:89:13:d4:de: a7:76:bd:a3:ac:d7:d4:0c:ed:2a:00:a6:44:2b:69:74:87:aa: 47:bb:f9:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssZq4CsmbpjuR30D3X8MV+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw N2NhZDIwHhcNMjUxMjE3MTMwMTI1WhcNMjUxMjE4MTMwMTI1WjAzMTEwLwYDVQQD Eyg5MDVmNTJjOWQzM2EyNmUwNjg4MTUyZTEyYjY5NTU2YmExOGVjZDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdvBqpIdVxWlhCXH8MYRpJBPe7vT W3WWNDUokZzqeFvdcoO/4Sq3IPJFd6Qt93DZowh2CeaRfSpbTUyRHWYzS8xkiS8h SB9JQrg2sjHGRfaroSFzZT7mvj2kMjIYwI41U2H84xRHeSL/wlA7G7wzOGa3gXy+ UN7+45Kw2isZFw/Fe8zhIspzuwkZPa1dzjulSXjXkEtO1zsPlSLkKa13xev4plgc SO44j/Lz6lY3EqiX7w+wlHNazd/BW2kalCwlQMsy2AUbB7ljmFh1sT4Gx4khGqcy fh73SYafdnW9fwVerFQwgyhYm9Vg7TriXtH3jkwDiXASti0CEjJ8c3PoGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJBfUsnTOibgaIFS4StpVWuhjs0UMB8GA1UdIwQY MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVchiWkKa WeEO1lNe4iJV0um/3TXNMCjAmo0VPaCpOJxTx6WyS1iB/hlL1S767RZcZdGA7NpQ 1blqdmUna/NxyW9jJ8RN0H5VM+CM7whtVAlfXiz9FqFc0TRs820DtrWH+pAbT67K AI9qBr3aBx7cpVJP9YG8MRb3LfU14tVZgKV0GUKuFX9pX95VqkTE7F5iMZzkCFVN Z5M4hsNAMNFlVJgSYdmMWd0wjFChh6gf/fGLV2GE03PyC3v2bPqM6WroL5IDLanW zXC1p1x5ntZ+a+LL9A+nIsEDnBYx8hNCJlAj2ti6sByJE9Tep3a9o6zX1AztKgCm RCtpdIeqR7v5Kw== -----END CERTIFICATE-----Generated at Wed Dec 17 18:13:02 2025 by rpki-client