This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json) Hash identifier: R50/1EicMxOgZVG/NZFc+NXa6hUAIRPCtMBAL7U+nEY= Subject key identifier: F2:25:48:D3:74:B9:56:D5:AF:97:86:40:56:FE:2D:68:D9:1D:91:9B Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Certificate serial: 019B0E26D4CEC2B69C5491D0BEE737C47ACE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft Manifest number: 04DB Signing time: Thu 11 Dec 2025 16:03:04 +0000 Manifest this update: Thu 11 Dec 2025 16:03:04 +0000 Manifest next update: Fri 12 Dec 2025 16:03:04 +0000 Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=) 2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: udBXeGmesJ27tIJmzF9/EJrRai65FcBJsypUnqvaBeY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:26:d4:ce:c2:b6:9c:54:91:d0:be:e7:37:c4:7a:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Validity Not Before: Dec 11 16:03:04 2025 GMT Not After : Dec 12 16:03:04 2025 GMT Subject: CN=f22548d374b956d5af97864056fe2d68d91d919b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:e2:ec:5b:c0:91:a5:20:94:80:a7:fa:4d:1d: 8e:11:18:1c:48:51:78:ce:3d:15:da:02:67:37:67: 57:c7:ee:eb:1b:00:15:2b:c7:ef:24:3d:5a:19:47: 30:d4:40:70:29:46:b7:a8:ea:dd:23:e9:50:83:7e: 53:e5:2c:7e:57:88:00:71:b5:e5:72:84:6d:03:4b: ae:96:4d:00:24:4a:9d:2b:7d:af:dc:6a:a8:98:11: 4e:b9:dc:2d:5b:fc:97:ea:77:6a:b3:4f:da:ea:1d: ee:a1:7c:e6:ac:81:0b:41:d4:9e:35:82:5e:ef:98: 50:fd:08:f1:28:2f:c7:c0:97:37:b1:95:13:4f:11: c4:13:e5:fc:69:00:18:3a:29:5c:20:a8:30:51:6c: 53:85:8a:4d:b0:ae:5a:57:d4:5f:10:ef:e4:35:7a: 05:af:78:b8:2f:9f:30:07:c2:d9:69:b5:e8:ed:ad: e6:21:24:3c:83:6d:8b:f2:dd:cc:9a:85:7c:7d:f4: d5:5f:38:a4:36:62:57:9d:e0:a6:ab:84:c8:6c:70: 55:f3:01:40:81:6a:23:9d:77:61:eb:73:0a:2f:dd: f5:74:ff:4c:5f:fc:ab:f7:bf:09:26:78:25:1b:3e: 0b:f3:e0:3b:40:80:51:22:61:42:27:46:22:73:60: df:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:25:48:D3:74:B9:56:D5:AF:97:86:40:56:FE:2D:68:D9:1D:91:9B X509v3 Authority Key Identifier: keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:52:92:9f:68:99:aa:4f:57:93:76:53:00:41:b2:5a:9e:57: 95:1e:23:c3:42:43:ef:f0:3b:49:e9:ea:47:0c:e9:eb:a8:96: 67:6e:ef:1d:2b:04:cc:64:76:fc:44:9f:93:3f:fd:8c:be:86: c7:43:40:df:b7:ec:90:8d:eb:fd:e7:7f:27:67:a2:8a:e9:e1: 99:c0:e2:c0:5e:9e:a2:1f:2b:94:d0:83:50:11:9a:e4:24:a1: 3f:e0:1a:77:90:d5:88:6d:8e:e2:45:a0:00:2e:cf:76:c8:46: 1f:dd:bb:93:6c:27:51:21:3c:31:0f:64:4f:72:7c:1d:e0:f2: 6e:6b:43:f5:2e:39:5b:96:8f:7b:37:b6:40:f7:26:0a:42:a0: 9e:2e:d3:c3:53:8b:a7:b3:0c:52:53:a1:ed:16:44:9e:28:44: 45:1d:47:92:4d:2d:9e:23:e7:07:09:b7:9a:7a:23:04:1c:ef: f0:3f:5c:8b:91:68:d5:ae:0e:ac:57:b9:a2:94:93:a0:f5:44: 86:26:9a:ae:a8:df:42:69:a4:d7:df:02:9e:b1:a7:21:99:5b: 5a:40:17:22:8f:c0:0f:0e:e4:81:fe:74:6a:53:4c:70:7b:66: 69:99:99:d6:be:51:10:dc:24:ec:05:00:0c:1c:58:df:9a:9f: 97:bf:c0:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJtTOwracVJHQvuc3xHrOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi NGM1ZjkwHhcNMjUxMjExMTYwMzA0WhcNMjUxMjEyMTYwMzA0WjAzMTEwLwYDVQQD EyhmMjI1NDhkMzc0Yjk1NmQ1YWY5Nzg2NDA1NmZlMmQ2OGQ5MWQ5MTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+LsW8CRpSCUgKf6TR2OERgcSFF4 zj0V2gJnN2dXx+7rGwAVK8fvJD1aGUcw1EBwKUa3qOrdI+lQg35T5Sx+V4gAcbXl coRtA0uulk0AJEqdK32v3GqomBFOudwtW/yX6ndqs0/a6h3uoXzmrIELQdSeNYJe 75hQ/QjxKC/HwJc3sZUTTxHEE+X8aQAYOilcIKgwUWxThYpNsK5aV9RfEO/kNXoF r3i4L58wB8LZabXo7a3mISQ8g22L8t3MmoV8ffTVXzikNmJXneCmq4TIbHBV8wFA gWojnXdh63MKL931dP9MX/yr978JJnglGz4L8+A7QIBRImFCJ0Yic2DfqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPIlSNN0uVbVr5eGQFb+LWjZHZGbMB8GA1UdIwQY MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFKSn2iZ qk9Xk3ZTAEGyWp5XlR4jw0JD7/A7SenqRwzp66iWZ27vHSsEzGR2/ESfkz/9jL6G x0NA37fskI3r/ed/J2eiiunhmcDiwF6eoh8rlNCDUBGa5CShP+Aad5DViG2O4kWg AC7PdshGH927k2wnUSE8MQ9kT3J8HeDybmtD9S45W5aPeze2QPcmCkKgni7Tw1OL p7MMUlOh7RZEnihERR1Hkk0tniPnBwm3mnojBBzv8D9ci5Fo1a4OrFe5opSToPVE hiaarqjfQmmk198CnrGnIZlbWkAXIo/ADw7kgf50alNMcHtmaZmZ1r5RENwk7AUA DBxY35qfl7/A7A== -----END CERTIFICATE-----Generated at Thu Dec 11 22:53:08 2025 by rpki-client