This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json) Hash identifier: 5i1T68l2IfRsFtX0rC1/jgbH0cHTZXmFdyb8MrGaitE= Subject key identifier: 7E:4B:7E:6F:DD:7D:2C:DF:BB:C8:A4:69:32:8C:3B:A4:94:1C:6A:99 Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2 Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2 Certificate serial: 019B1EE155056AFED053BB4920B385F3704F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft Manifest number: 0B3B Signing time: Sun 14 Dec 2025 22:00:42 +0000 Manifest this update: Sun 14 Dec 2025 22:00:42 +0000 Manifest next update: Mon 15 Dec 2025 22:00:42 +0000 Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: s4NsTzea73A1qjfObUSkGgnfGEgcuWYhhrbE3uYszUs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 22:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:e1:55:05:6a:fe:d0:53:bb:49:20:b3:85:f3:70:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2 Validity Not Before: Dec 14 22:00:42 2025 GMT Not After : Dec 15 22:00:42 2025 GMT Subject: CN=7e4b7e6fdd7d2cdfbbc8a469328c3ba4941c6a99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:89:ee:c4:09:f3:aa:77:30:14:0d:7d:92:ab: d3:78:d3:3c:ac:48:68:7f:ac:f6:50:af:14:2b:b9: 44:63:5c:69:c2:01:52:0e:c3:4f:d6:0c:72:e4:f5: b3:41:66:6e:78:c7:22:a3:36:63:4c:2f:ef:18:46: 9d:ae:fc:0a:24:9b:ce:19:6d:09:39:5a:e6:0c:ba: 41:8e:cf:99:ad:d1:a1:3c:dd:e4:01:b3:ae:96:1a: d4:26:06:83:5a:0f:15:5b:2f:11:c1:b4:e1:57:f8: 22:5a:74:a1:50:1a:69:4d:cc:59:d3:04:aa:85:9a: 84:6e:9c:1b:33:fd:25:c6:5d:c1:86:c0:c3:ab:4f: fe:cc:11:2a:4e:5b:a2:fe:e2:ca:0c:5e:4f:f2:ca: d3:f8:13:74:a1:c3:c7:cf:18:3d:04:55:5c:f8:09: 08:df:6c:2f:8e:19:16:32:6d:dd:da:92:ee:90:c4: 01:eb:5a:81:06:fc:80:4f:e2:29:f6:c1:33:f6:59: a5:9a:55:a4:8a:ec:6a:0a:64:98:d6:82:6d:14:ec: 2c:bb:47:df:3b:90:7d:3d:18:cd:15:9e:e6:67:0d: ab:ba:f3:88:33:41:03:8d:24:f1:39:01:90:0a:da: 18:7a:3b:5c:17:17:a9:32:12:81:fd:12:e7:d8:3c: 88:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:4B:7E:6F:DD:7D:2C:DF:BB:C8:A4:69:32:8C:3B:A4:94:1C:6A:99 X509v3 Authority Key Identifier: keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:a8:64:50:7b:5d:c9:80:dd:fe:07:26:b2:06:a1:a2:18:09: 79:ba:9c:09:9b:14:f9:c3:fe:e1:86:a0:62:44:6c:24:e1:f4: 77:cf:8f:dd:85:c1:5f:c6:a6:3a:84:d7:93:68:29:4d:1d:26: 72:a8:8f:9b:6e:b5:5c:f9:8b:03:2a:16:90:2a:3c:a8:1a:5c: 1b:19:f4:22:20:93:c0:eb:ca:59:c7:27:c8:e9:fb:87:c9:ff: 5a:59:4d:6a:af:2c:f1:63:f5:75:e2:8f:0a:33:7d:aa:c5:d3: b2:8d:40:5a:f4:36:3c:3c:49:93:f9:bf:d2:c6:1f:3a:92:da: b6:ad:52:5d:e6:79:ba:b2:75:42:5d:07:da:15:72:04:9c:d4: a9:9d:d4:f6:6b:91:97:4e:79:9c:a3:6d:32:34:3c:89:c7:c9: b5:43:1b:9a:5a:04:fe:76:ab:d5:06:b5:84:1a:5e:7d:78:78: 49:76:63:73:56:c0:c1:d6:94:72:56:0b:0e:f5:1e:4c:20:80: ef:85:c0:f3:39:dc:52:fc:95:27:f9:c6:72:12:2d:dc:9a:1a: fd:8f:6c:43:de:94:f8:c3:18:2d:78:cc:91:e7:eb:7d:9d:d6: 0a:3e:bf:f2:3c:ff:6e:41:f6:c3:78:8b:b7:a7:22:9f:d4:d1: 40:24:44:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZse4VUFav7QU7tJILOF83BPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw N2NhZDIwHhcNMjUxMjE0MjIwMDQyWhcNMjUxMjE1MjIwMDQyWjAzMTEwLwYDVQQD Eyg3ZTRiN2U2ZmRkN2QyY2RmYmJjOGE0NjkzMjhjM2JhNDk0MWM2YTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsInuxAnzqncwFA19kqvTeNM8rEho f6z2UK8UK7lEY1xpwgFSDsNP1gxy5PWzQWZueMciozZjTC/vGEadrvwKJJvOGW0J OVrmDLpBjs+ZrdGhPN3kAbOulhrUJgaDWg8VWy8RwbThV/giWnShUBppTcxZ0wSq hZqEbpwbM/0lxl3BhsDDq0/+zBEqTlui/uLKDF5P8srT+BN0ocPHzxg9BFVc+AkI 32wvjhkWMm3d2pLukMQB61qBBvyAT+Ip9sEz9lmlmlWkiuxqCmSY1oJtFOwsu0ff O5B9PRjNFZ7mZw2ruvOIM0EDjSTxOQGQCtoYejtcFxepMhKB/RLn2DyIyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH5Lfm/dfSzfu8ikaTKMO6SUHGqZMB8GA1UdIwQY MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhahkUHtd yYDd/gcmsgahohgJebqcCZsU+cP+4YagYkRsJOH0d8+P3YXBX8amOoTXk2gpTR0m cqiPm261XPmLAyoWkCo8qBpcGxn0IiCTwOvKWccnyOn7h8n/WllNaq8s8WP1deKP CjN9qsXTso1AWvQ2PDxJk/m/0sYfOpLatq1SXeZ5urJ1Ql0H2hVyBJzUqZ3U9muR l055nKNtMjQ8icfJtUMbmloE/nar1Qa1hBpefXh4SXZjc1bAwdaUclYLDvUeTCCA 74XA8zncUvyVJ/nGchIt3Joa/Y9sQ96U+MMYLXjMkefrfZ3WCj6/8jz/bkH2w3iL t6cin9TRQCRE9A== -----END CERTIFICATE-----Generated at Mon Dec 15 04:53:08 2025 by rpki-client