This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft File: AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json) Hash identifier: x4VOoVqJsvO/eKxiuIl0+wwjx2vlF69zqThDDqX0VxE= Subject key identifier: 07:F2:84:1B:50:B2:EB:EF:D6:59:19:80:58:B1:3C:FF:26:65:D7:62 Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05 Certificate issuer: /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05 Certificate serial: 019B19BC165998CB68BC5987858AEDE48CFC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft Manifest number: 1772 Signing time: Sat 13 Dec 2025 22:01:55 +0000 Manifest this update: Sat 13 Dec 2025 22:01:55 +0000 Manifest next update: Sun 14 Dec 2025 22:01:55 +0000 Files and hashes: 1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: meWyjHPHv5pTjTxS2e3yahYn4T3uZ2mHsNGLz7rYoN8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 22:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bc:16:59:98:cb:68:bc:59:87:85:8a:ed:e4:8c:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05 Validity Not Before: Dec 13 22:01:55 2025 GMT Not After : Dec 14 22:01:55 2025 GMT Subject: CN=07f2841b50b2ebefd659198058b13cff2665d762 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:76:ac:77:18:3d:8a:4c:35:f2:e5:b9:10:91: 3a:a1:68:80:52:3e:a7:1b:be:7f:b0:a1:16:43:8a: 7c:17:82:eb:12:d0:51:8a:ce:88:40:bd:97:97:fe: 75:e6:74:42:76:8f:b0:92:d1:74:fa:9d:bc:f7:ae: 1c:ea:73:60:70:41:6a:ef:d7:4e:60:12:4b:f2:a3: 77:13:bf:c5:23:e1:2c:80:c4:24:87:78:39:1f:af: ed:d7:7e:ac:ed:80:60:16:14:fd:82:ac:49:81:ad: 41:ae:4c:e5:56:70:55:4b:37:18:d7:4f:a6:1f:99: fb:93:46:0c:89:e8:3d:b8:72:6f:56:16:b5:05:93: a4:85:91:3b:31:dd:42:82:ef:23:8f:54:ad:c8:67: ea:5c:77:b8:bd:3c:92:7f:fc:47:08:d0:fe:fc:44: e1:80:75:a9:d2:24:56:6e:46:20:a5:20:f8:44:3f: ca:fb:0d:0c:54:7f:cd:ab:dd:52:ca:d9:00:c3:6e: d3:02:6a:d7:7b:63:01:f0:30:98:de:ec:c9:8a:dc: 06:39:f4:49:c7:9f:4c:a5:97:4e:a8:4f:4c:01:4f: 13:f9:46:7c:b6:c1:d2:f6:74:2a:2d:8e:a9:5c:88: 42:e9:67:0f:cf:2d:82:4f:8b:c9:4c:70:fe:e3:e4: 29:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:F2:84:1B:50:B2:EB:EF:D6:59:19:80:58:B1:3C:FF:26:65:D7:62 X509v3 Authority Key Identifier: keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:09:c2:e9:1c:3e:ef:cb:90:ba:89:70:da:c9:09:1a:7f:35: db:fe:77:0a:a2:bf:c1:f9:97:20:dc:bd:a9:58:9f:4f:12:7a: 8e:ca:6d:81:5d:95:89:01:8a:2c:6b:47:26:21:06:85:89:6f: 8b:e2:5c:bc:7c:70:cb:09:5f:c5:61:ec:bc:3c:ad:20:4e:c9: 70:e7:04:bd:27:a9:13:e6:07:b6:f6:7a:40:5e:82:23:eb:0a: 6d:47:ee:22:de:e8:88:bd:b8:e6:ba:d5:dd:71:01:0a:80:e2: 26:50:42:78:23:1f:82:81:55:e2:64:e1:0a:1a:8a:50:ef:f6: 69:69:30:b1:65:01:f1:9a:76:21:fc:1e:07:cb:3d:79:2d:8b: cd:ce:42:df:f7:30:b5:06:03:ea:84:c7:c1:19:7d:d2:4f:6b: 06:02:43:4a:92:6b:ae:cd:54:93:9f:67:5c:22:20:39:5f:a4: 79:40:08:1f:b8:b1:26:b4:25:39:d6:aa:d4:b9:39:dd:fd:c1: 61:d4:5f:4a:34:38:9c:f3:fd:af:c1:96:05:85:96:a5:d5:d5: ec:75:b2:40:36:34:db:e7:8f:87:08:d6:40:c8:5a:4f:80:fd: c1:46:91:12:b0:db:b8:7e:bf:bb:65:ae:cd:92:30:65:d1:1e: 8e:e9:ed:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZvBZZmMtovFmHhYrt5Iz8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi NzhhMDUwHhcNMjUxMjEzMjIwMTU1WhcNMjUxMjE0MjIwMTU1WjAzMTEwLwYDVQQD EygwN2YyODQxYjUwYjJlYmVmZDY1OTE5ODA1OGIxM2NmZjI2NjVkNzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Hasdxg9ikw18uW5EJE6oWiAUj6n G75/sKEWQ4p8F4LrEtBRis6IQL2Xl/515nRCdo+wktF0+p28964c6nNgcEFq79dO YBJL8qN3E7/FI+EsgMQkh3g5H6/t136s7YBgFhT9gqxJga1BrkzlVnBVSzcY10+m H5n7k0YMieg9uHJvVha1BZOkhZE7Md1Cgu8jj1StyGfqXHe4vTySf/xHCND+/ETh gHWp0iRWbkYgpSD4RD/K+w0MVH/Nq91SytkAw27TAmrXe2MB8DCY3uzJitwGOfRJ x59MpZdOqE9MAU8T+UZ8tsHS9nQqLY6pXIhC6WcPzy2CT4vJTHD+4+QpEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAfyhBtQsuvv1lkZgFixPP8mZddiMB8GA1UdIwQY MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1 LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANwnC6Rw+ 78uQuolw2skJGn812/53CqK/wfmXINy9qVifTxJ6jsptgV2ViQGKLGtHJiEGhYlv i+JcvHxwywlfxWHsvDytIE7JcOcEvSepE+YHtvZ6QF6CI+sKbUfuIt7oiL245rrV 3XEBCoDiJlBCeCMfgoFV4mThChqKUO/2aWkwsWUB8Zp2IfweB8s9eS2Lzc5C3/cw tQYD6oTHwRl90k9rBgJDSpJrrs1Uk59nXCIgOV+keUAIH7ixJrQlOdaq1Lk53f3B YdRfSjQ4nPP9r8GWBYWWpdXV7HWyQDY02+ePhwjWQMhaT4D9wUaRErDbuH6/u2Wu zZIwZdEejunt4w== -----END CERTIFICATE-----Generated at Sun Dec 14 07:48:38 2025 by rpki-client