This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json) Hash identifier: yD2Jp464P//t5C8NCNUTwRSUKz8N5LK2YI96QoMUo50= Subject key identifier: 14:D4:6F:D4:81:88:AC:2F:D7:84:73:FE:21:34:66:B1:E5:D5:40:75 Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Certificate serial: 019AF12EE894BBC19835EB77403867209A4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft Manifest number: 04CC Signing time: Sat 06 Dec 2025 01:02:54 +0000 Manifest this update: Sat 06 Dec 2025 01:02:54 +0000 Manifest next update: Sun 07 Dec 2025 01:02:54 +0000 Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=) 2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: bAsg8r5vp0BkNZOztdFQJFrF04hHvzZXhLQYvqamsqY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:e8:94:bb:c1:98:35:eb:77:40:38:67:20:9a:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Validity Not Before: Dec 6 01:02:54 2025 GMT Not After : Dec 7 01:02:54 2025 GMT Subject: CN=14d46fd48188ac2fd78473fe213466b1e5d54075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9c:25:7f:25:8c:76:d4:08:80:c1:ec:04:d6: 4f:a5:c7:e7:81:9e:e9:c3:55:50:68:c0:36:78:48: ed:52:f1:0e:e6:49:d1:a6:ce:d0:4b:77:76:0a:7e: dc:e2:d0:3a:17:70:9f:04:e0:2c:0e:83:b1:fb:5f: a4:26:cd:b0:61:61:9b:04:bd:66:ed:4d:f7:15:6d: 55:21:40:e6:7a:c5:61:10:96:ac:6d:b5:5f:f0:4a: e7:05:27:6b:6f:02:5a:08:7a:53:f2:1e:01:3e:d9: 99:99:32:55:7a:bc:62:ee:79:6e:bf:22:9a:08:8c: dd:b7:2f:88:8c:a6:bb:49:da:3e:0b:dd:2d:e9:0b: be:70:8f:cb:6a:46:ab:f9:59:f2:ee:dc:76:12:49: b7:36:47:3f:31:24:f7:a8:e8:69:af:83:9a:7d:e0: 20:62:dd:c9:ec:53:f1:7a:49:f8:24:45:76:37:48: 00:9c:aa:a0:9c:47:be:7c:13:6a:22:fd:c2:99:e7: 4c:41:f2:47:10:fb:1c:f8:95:13:cc:cc:a4:ab:50: e4:b3:f3:f2:39:2a:d4:02:cd:eb:54:13:8c:47:52: d1:9b:5b:38:b3:ea:74:26:f6:7c:af:8f:35:59:71: d4:01:90:c7:3b:b3:b8:b1:c8:43:07:f7:1c:f5:98: 48:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:D4:6F:D4:81:88:AC:2F:D7:84:73:FE:21:34:66:B1:E5:D5:40:75 X509v3 Authority Key Identifier: keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:42:e7:8e:85:68:db:3d:a9:8a:fa:a5:f4:e6:e4:8e:21:bb: 6e:ce:f0:b6:43:81:b2:8b:5e:23:49:7f:a8:cf:db:ef:cd:e2: a2:7b:e6:77:3e:4c:6f:f2:50:dd:42:f3:44:d2:60:37:61:f7: 49:49:c0:a6:d7:0f:bc:be:ea:e8:9e:86:cd:a5:91:aa:bb:80: 9b:b9:a4:e2:89:94:aa:3d:a9:b2:d4:d3:66:e3:c4:0c:a0:fe: 54:20:60:0f:2d:34:53:fe:06:55:b0:2a:c9:7b:dd:bb:b4:06: 76:a6:46:f6:fb:9f:66:85:2f:83:14:8c:02:0f:55:14:b4:43: 60:bd:8d:75:a0:64:75:d4:25:f1:f8:f0:9c:4e:e9:79:54:5d: 48:27:cb:85:6e:ee:cd:2a:b4:fa:31:1b:e1:f0:11:57:69:b2: 82:5e:f7:e4:99:60:d7:92:16:83:99:2a:fb:ef:32:42:b4:47: 8e:21:f9:3e:f8:cc:c5:78:3f:b4:ff:70:eb:88:49:2b:86:72: 98:bd:09:ad:50:90:03:f3:a7:3d:ed:b9:ed:8d:52:1b:8a:6d: d4:3a:77:ff:19:02:03:5a:83:b3:87:8a:a3:cd:20:71:74:83: 50:03:1d:2d:00:f2:80:8a:14:57:2c:fb:04:03:7a:3a:d6:ca: b1:9c:ba:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLuiUu8GYNet3QDhnIJpNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi NGM1ZjkwHhcNMjUxMjA2MDEwMjU0WhcNMjUxMjA3MDEwMjU0WjAzMTEwLwYDVQQD EygxNGQ0NmZkNDgxODhhYzJmZDc4NDczZmUyMTM0NjZiMWU1ZDU0MDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZwlfyWMdtQIgMHsBNZPpcfngZ7p w1VQaMA2eEjtUvEO5knRps7QS3d2Cn7c4tA6F3CfBOAsDoOx+1+kJs2wYWGbBL1m 7U33FW1VIUDmesVhEJasbbVf8ErnBSdrbwJaCHpT8h4BPtmZmTJVerxi7nluvyKa CIzdty+IjKa7Sdo+C90t6Qu+cI/Lakar+Vny7tx2Ekm3Nkc/MST3qOhpr4OafeAg Yt3J7FPxekn4JEV2N0gAnKqgnEe+fBNqIv3CmedMQfJHEPsc+JUTzMykq1Dks/Py OSrUAs3rVBOMR1LRm1s4s+p0JvZ8r481WXHUAZDHO7O4schDB/cc9ZhIZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBTUb9SBiKwv14Rz/iE0ZrHl1UB1MB8GA1UdIwQY MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKELnjoVo 2z2pivql9ObkjiG7bs7wtkOBsoteI0l/qM/b783ionvmdz5Mb/JQ3ULzRNJgN2H3 SUnAptcPvL7q6J6GzaWRqruAm7mk4omUqj2pstTTZuPEDKD+VCBgDy00U/4GVbAq yXvdu7QGdqZG9vufZoUvgxSMAg9VFLRDYL2NdaBkddQl8fjwnE7peVRdSCfLhW7u zSq0+jEb4fARV2mygl735Jlg15IWg5kq++8yQrRHjiH5PvjMxXg/tP9w64hJK4Zy mL0JrVCQA/OnPe257Y1SG4pt1Dp3/xkCA1qDs4eKo80gcXSDUAMdLQDygIoUVyz7 BAN6OtbKsZy6eA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:05:21 2025 by rpki-client