This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft File: r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json) Hash identifier: i/qrg4cWMSen0NEtJoSGGLeclvGleBfht1ZQCLWOIwo= Subject key identifier: 16:05:F6:6D:35:BE:4A:8D:57:8C:34:66:0B:B3:ED:78:25:4D:38:52 Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 Certificate issuer: /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Certificate serial: 019AF208B84C32EB28C9B57333DD9D85ABE5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft Manifest number: 03D3 Signing time: Sat 06 Dec 2025 05:00:48 +0000 Manifest this update: Sat 06 Dec 2025 05:00:48 +0000 Manifest next update: Sun 07 Dec 2025 05:00:48 +0000 Files and hashes: 1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: NhtntI3v+gxrVURBxY+quLvamB8o8HETO2AHk9LlIPU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:b8:4c:32:eb:28:c9:b5:73:33:dd:9d:85:ab:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Validity Not Before: Dec 6 05:00:48 2025 GMT Not After : Dec 7 05:00:48 2025 GMT Subject: CN=1605f66d35be4a8d578c34660bb3ed78254d3852 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:98:6a:36:69:d7:0a:47:64:42:d9:b1:7e:a1: 43:53:8a:da:ea:5e:4f:88:ac:ad:20:78:68:fc:11: 79:1d:7d:f6:d8:de:cf:c4:e5:97:41:e5:46:1d:f2: 07:c7:ec:49:ef:6e:20:cc:a0:9f:22:eb:ee:c8:52: 2e:d6:7e:23:f4:26:2d:65:e2:e3:0f:38:bf:46:b1: 42:b0:44:14:6b:60:50:67:6d:20:0d:65:7c:0d:f1: 14:6b:50:11:eb:5e:c3:d8:8b:00:0d:54:0d:12:7e: 24:4d:ec:a1:50:2b:97:0d:6e:57:76:a0:53:7b:ce: 57:e6:3a:78:6b:31:26:8f:60:16:14:10:bf:10:a3: dd:53:81:b7:cc:1f:c2:f0:9e:4f:c2:41:ef:c8:b0: c7:93:23:b0:3b:74:06:6d:bf:77:fe:9e:3a:33:b1: 2f:65:81:43:60:1d:79:48:9a:67:38:39:3c:64:f5: 9c:b7:c3:6d:8d:47:f1:66:11:84:be:b5:61:eb:54: 9b:6f:33:64:92:23:f1:51:5d:06:47:7e:d7:dc:63: fd:22:6f:ef:71:b9:09:27:e4:00:8d:cb:24:9f:29: 40:61:cd:0c:c3:00:ce:53:c4:d1:a1:8b:0a:4c:75: e4:83:af:bb:34:4f:19:79:84:25:f1:4a:fc:07:84: c3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:05:F6:6D:35:BE:4A:8D:57:8C:34:66:0B:B3:ED:78:25:4D:38:52 X509v3 Authority Key Identifier: keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:69:33:6b:1a:d5:c2:84:0b:81:fd:bc:4b:c9:a4:0c:4a:aa: e6:72:15:cc:5d:0a:c3:47:ca:97:43:75:cc:94:11:aa:39:fc: eb:14:7d:bd:25:13:42:88:c7:0f:dc:7a:0d:c7:b6:22:ee:21: 3a:fe:8e:b1:1c:e9:b2:71:e1:ec:75:42:b0:f0:c9:33:87:28: 4f:28:09:9b:28:5a:f2:48:61:3a:27:63:1b:07:b4:ce:e9:90: 9b:cc:fc:fd:f8:a3:47:2d:93:89:a3:80:a2:98:f3:52:80:2d: 1d:55:7b:8e:45:c8:6d:84:05:7a:cd:d1:70:3c:54:f7:73:ae: 78:78:58:90:cc:4c:ee:7a:ac:99:6d:2f:28:f1:a4:0e:ee:3e: 8f:17:2a:a9:9e:14:68:51:b2:13:3d:6d:e1:fc:fe:5e:59:11: 98:c4:c5:2f:5a:bf:75:a5:73:50:32:4f:85:ef:b2:39:ae:ca: f6:a2:99:43:70:d0:46:f5:fe:58:05:82:90:41:c6:4b:30:a7: 7a:63:db:92:03:06:85:e6:10:2d:7c:77:f0:de:81:95:db:33: 7a:43:a2:1c:7d:1d:3c:ef:63:80:2f:bd:64:5b:84:9f:cd:bf: 6b:1d:1e:84:83:55:23:73:e1:03:c7:8b:c1:42:08:54:37:c2: 8a:df:54:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCLhMMusoybVzM92dhavlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz NzU5ODQwHhcNMjUxMjA2MDUwMDQ4WhcNMjUxMjA3MDUwMDQ4WjAzMTEwLwYDVQQD EygxNjA1ZjY2ZDM1YmU0YThkNTc4YzM0NjYwYmIzZWQ3ODI1NGQzODUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZhqNmnXCkdkQtmxfqFDU4ra6l5P iKytIHho/BF5HX322N7PxOWXQeVGHfIHx+xJ724gzKCfIuvuyFIu1n4j9CYtZeLj Dzi/RrFCsEQUa2BQZ20gDWV8DfEUa1AR617D2IsADVQNEn4kTeyhUCuXDW5XdqBT e85X5jp4azEmj2AWFBC/EKPdU4G3zB/C8J5PwkHvyLDHkyOwO3QGbb93/p46M7Ev ZYFDYB15SJpnODk8ZPWct8NtjUfxZhGEvrVh61SbbzNkkiPxUV0GR37X3GP9Im/v cbkJJ+QAjcsknylAYc0MwwDOU8TRoYsKTHXkg6+7NE8ZeYQl8Ur8B4TDKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBYF9m01vkqNV4w0Zguz7XglTThSMB8GA1UdIwQY MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4 LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWkzaxrV woQLgf28S8mkDEqq5nIVzF0Kw0fKl0N1zJQRqjn86xR9vSUTQojHD9x6Dce2Iu4h Ov6OsRzpsnHh7HVCsPDJM4coTygJmyha8khhOidjGwe0zumQm8z8/fijRy2TiaOA opjzUoAtHVV7jkXIbYQFes3RcDxU93OueHhYkMxM7nqsmW0vKPGkDu4+jxcqqZ4U aFGyEz1t4fz+XlkRmMTFL1q/daVzUDJPhe+yOa7K9qKZQ3DQRvX+WAWCkEHGSzCn emPbkgMGheYQLXx38N6BldszekOiHH0dPO9jgC+9ZFuEn82/ax0ehINVI3PhA8eL wUIIVDfCit9UeA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:26 2025 by rpki-client