This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft File: aLf4F6tRQbXhOCgM32GQFmu5y4c.mft (raw, json) Hash identifier: +0cZ5ME+eWW+t9hfy0Z+3Gf1kihB2Tnjh8VKAccs45Y= Subject key identifier: 07:9D:26:06:89:48:0C:A0:76:CA:6F:D8:7A:1D:8A:DE:F1:04:5E:B9 Authority key identifier: 68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87 Certificate issuer: /CN=68b7f817ab5141b5e138280cdf6190166bb9cb87 Certificate serial: 019AF088A0942B769B5BC916BA52403051BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft Manifest number: 1761 Signing time: Fri 05 Dec 2025 22:01:16 +0000 Manifest this update: Fri 05 Dec 2025 22:01:16 +0000 Manifest next update: Sat 06 Dec 2025 22:01:16 +0000 Files and hashes: 1: 1-wEZKS5ROln113VYj-rYIVv3HMw.roa (hash: zd3NK5lHmlo7IZCKvHCkj4ue/ewdTG041qEpUCwPhSg=) 2: aLf4F6tRQbXhOCgM32GQFmu5y4c.crl (hash: QG34lKuPvVkjCTgvDu7+KMcSQ7cwKEwwoxQKlLVNfjA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:a0:94:2b:76:9b:5b:c9:16:ba:52:40:30:51:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68b7f817ab5141b5e138280cdf6190166bb9cb87 Validity Not Before: Dec 5 22:01:16 2025 GMT Not After : Dec 6 22:01:16 2025 GMT Subject: CN=079d260689480ca076ca6fd87a1d8adef1045eb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:8c:70:2c:b5:5f:24:9f:11:69:6b:b5:9e:f2: e7:b3:47:f1:75:7e:16:a5:ec:8a:df:ff:74:82:7e: 0a:fe:37:2b:d9:5e:90:8a:3d:6c:f9:ab:a8:6f:3a: d4:eb:97:f2:e3:ca:89:9f:eb:67:e1:eb:2e:f2:0b: 3f:3c:d3:2d:d5:74:52:a0:ae:a1:69:37:4a:b4:92: f9:66:f2:d4:86:c9:40:13:03:8a:9e:3a:f7:55:4d: aa:29:6d:ab:48:ca:70:20:fb:0d:38:d2:d2:13:3b: 6d:e1:bd:89:76:00:3a:78:87:c2:ec:14:35:55:8c: 18:90:21:f8:15:05:dd:61:1f:b5:8f:c4:80:e0:7c: 46:1d:ff:1b:ad:9f:23:6f:50:a1:71:d0:d5:11:52: b0:27:f5:e4:78:b0:47:73:9a:77:d9:48:d2:7b:9c: 8a:c0:53:c7:72:3c:87:8a:3a:bf:b9:38:7f:72:5b: f8:fd:04:c6:61:57:45:82:a3:10:6a:ee:19:42:0e: 8f:b1:16:a5:cc:83:00:dc:42:4c:03:fc:d7:3b:48: 19:a6:11:41:8a:4a:f4:08:84:cb:09:92:79:f1:d4: 24:0e:bc:ef:a7:3c:48:79:ec:4b:f5:fd:fd:b1:ca: 44:f4:93:05:8e:21:f5:a9:b8:5e:8c:2e:a2:a0:be: 03:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:9D:26:06:89:48:0C:A0:76:CA:6F:D8:7A:1D:8A:DE:F1:04:5E:B9 X509v3 Authority Key Identifier: keyid:68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:37:d0:6a:2b:3d:d2:17:93:5d:61:e6:44:31:79:cb:a2:6c: cf:bb:9e:1e:7e:f8:8c:10:bf:84:d9:65:08:93:d9:ed:f8:25: ef:98:6c:d1:88:b5:45:f0:80:8d:6c:6b:2b:49:97:ab:33:0e: 84:ee:90:88:57:42:67:54:0c:88:60:5b:68:16:b5:fc:21:05: 08:65:a8:d8:d0:f6:a9:e7:57:81:79:f3:08:55:89:d2:7d:a6: d7:e7:d6:bb:7f:72:83:42:64:c5:18:14:c5:5f:f3:83:43:a4: 03:da:01:1a:23:d3:71:7b:50:c1:76:11:c7:d4:fa:08:59:a7: ac:74:f6:22:58:eb:97:b6:b0:60:95:c4:41:63:82:a2:aa:46: 06:aa:50:1a:c5:4c:3c:52:98:83:1d:90:ec:4e:6e:0b:7b:ed: 52:32:86:67:4f:0b:b7:61:93:18:66:4a:b5:31:e8:9d:f6:64: bd:2b:5a:d1:3a:2b:f4:fc:a6:a6:3b:70:db:7e:ae:fb:57:f2: cf:da:15:ab:2a:66:2c:6e:a1:a9:b6:3b:5f:c8:c3:39:c8:3d: 7a:fb:4f:2e:b3:6d:3f:9a:38:87:1e:42:e6:79:4b:0f:a7:05: 63:89:7d:a1:74:49:f4:dc:ad:eb:eb:ee:1a:f7:ca:18:1d:10: fd:1a:ed:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiKCUK3abW8kWulJAMFG7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YjdmODE3YWI1MTQxYjVlMTM4MjgwY2RmNjE5MDE2NmJi OWNiODcwHhcNMjUxMjA1MjIwMTE2WhcNMjUxMjA2MjIwMTE2WjAzMTEwLwYDVQQD EygwNzlkMjYwNjg5NDgwY2EwNzZjYTZmZDg3YTFkOGFkZWYxMDQ1ZWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYxwLLVfJJ8RaWu1nvLns0fxdX4W peyK3/90gn4K/jcr2V6Qij1s+auobzrU65fy48qJn+tn4esu8gs/PNMt1XRSoK6h aTdKtJL5ZvLUhslAEwOKnjr3VU2qKW2rSMpwIPsNONLSEztt4b2JdgA6eIfC7BQ1 VYwYkCH4FQXdYR+1j8SA4HxGHf8brZ8jb1ChcdDVEVKwJ/XkeLBHc5p32UjSe5yK wFPHcjyHijq/uTh/clv4/QTGYVdFgqMQau4ZQg6PsRalzIMA3EJMA/zXO0gZphFB ikr0CITLCZJ58dQkDrzvpzxIeexL9f39scpE9JMFjiH1qbhejC6ioL4DpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAedJgaJSAygdspv2Hodit7xBF65MB8GA1UdIwQY MBaAFGi3+BerUUG14TgoDN9hkBZrucuHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMt MTY1MTcxMjZjMTMyLzEvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMtMTY1MTcxMjZjMTMy LzEvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASTfQais9 0heTXWHmRDF5y6Jsz7ueHn74jBC/hNllCJPZ7fgl75hs0Yi1RfCAjWxrK0mXqzMO hO6QiFdCZ1QMiGBbaBa1/CEFCGWo2ND2qedXgXnzCFWJ0n2m1+fWu39yg0JkxRgU xV/zg0OkA9oBGiPTcXtQwXYRx9T6CFmnrHT2Iljrl7awYJXEQWOCoqpGBqpQGsVM PFKYgx2Q7E5uC3vtUjKGZ08Lt2GTGGZKtTHonfZkvSta0Tor9Pympjtw236u+1fy z9oVqypmLG6hqbY7X8jDOcg9evtPLrNtP5o4hx5C5nlLD6cFY4l9oXRJ9Nyt6+vu GvfKGB0Q/Rrt8g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:13:20 2025 by rpki-client