This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json) Hash identifier: DKThT5CL3X0YXWIDuPffRcVzjtaFPR6EDWu8aPKhRQ0= Subject key identifier: D1:2B:FE:37:58:30:61:81:0C:5B:26:ED:73:ED:86:D5:BE:86:03:26 Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Certificate serial: 019B19BBC5F7A6424CB2ED78C90816C40E3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft Manifest number: 04E1 Signing time: Sat 13 Dec 2025 22:01:34 +0000 Manifest this update: Sat 13 Dec 2025 22:01:34 +0000 Manifest next update: Sun 14 Dec 2025 22:01:34 +0000 Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=) 2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: 46L7lF/uZMHW6xjuTs+0IuaF7N748dZYlaJaD832ksk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 22:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:c5:f7:a6:42:4c:b2:ed:78:c9:08:16:c4:0e:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Validity Not Before: Dec 13 22:01:34 2025 GMT Not After : Dec 14 22:01:34 2025 GMT Subject: CN=d12bfe37583061810c5b26ed73ed86d5be860326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:68:87:17:6a:a6:cc:0d:96:94:01:0c:79:7b: 83:73:3b:a8:c3:97:d6:bf:b3:88:0e:0b:50:47:d0: de:43:95:ce:bf:be:77:b6:a8:72:2e:54:b7:6f:97: b5:46:36:28:b9:60:14:62:58:b9:f3:c6:da:27:87: 0a:0f:67:3a:e9:47:af:b5:e2:2e:3a:6d:ff:73:c2: 90:b3:d4:e8:ff:50:57:c2:8b:4f:40:f7:8b:27:bd: c5:ec:86:f0:af:12:6e:a4:f7:aa:6a:9d:ac:9b:79: 01:8f:17:07:0b:e4:62:1c:56:96:79:4f:1d:f3:c0: 6c:04:12:e6:16:08:5e:65:57:6f:57:1a:1f:d2:f6: 35:98:ae:06:9e:28:5d:26:17:f2:42:81:96:8d:0e: d1:c1:c4:75:b7:5e:e3:39:42:9f:e6:16:cf:cc:98: 40:40:2d:27:24:a4:e7:c2:24:d3:f3:c3:60:7d:92: b0:f5:67:f9:f6:46:f4:05:85:11:d0:ee:f4:30:19: c5:fa:3c:59:df:d4:57:68:21:73:14:00:41:27:af: a9:f1:6d:03:98:85:de:6b:bb:b3:d4:72:36:9a:b0: e5:4b:c3:20:2b:67:3c:95:96:d3:c0:95:09:9f:67: d1:2c:39:0f:36:08:4f:3b:81:11:c1:6e:d5:41:21: 09:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:2B:FE:37:58:30:61:81:0C:5B:26:ED:73:ED:86:D5:BE:86:03:26 X509v3 Authority Key Identifier: keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:30:41:20:c9:cb:31:55:2f:1c:8f:1d:6f:d3:bd:db:31:3b: fe:15:94:eb:0c:d9:9a:8a:12:9f:ac:76:99:d2:bf:f6:72:0f: 40:a9:d4:ce:f9:00:ac:65:b0:fb:ea:7c:60:cf:f8:5b:78:72: 80:d9:96:a1:3f:a9:aa:97:ab:9e:37:4f:70:64:0e:d7:a8:ba: ce:d5:1c:1e:4d:86:ce:15:53:7d:2f:f2:41:fd:cd:c0:d9:9b: d6:da:9b:d8:0b:27:b9:bc:10:8c:f3:51:28:8f:9d:16:e5:cd: f1:8b:94:3e:59:42:5c:a1:f2:48:83:b5:b7:ea:51:32:99:65: 75:a9:d5:3b:f6:9f:59:c7:dc:f5:ef:66:19:b9:8b:81:01:13: 55:05:d8:4b:2b:3a:fc:d0:b8:84:84:54:cd:7a:a1:66:17:0d: 6f:12:56:66:9a:bd:e2:c8:11:e8:cc:82:48:83:9e:10:12:b3: 40:b0:ed:00:f3:c1:72:1f:03:7f:c2:a2:92:bd:7a:45:18:88: f8:c7:d7:13:16:de:a5:a3:f2:88:68:a5:41:74:be:c9:7d:dc: 07:9a:76:13:62:71:92:23:88:0a:5b:1d:6f:74:c0:f0:d6:2d: 4d:ee:4c:c1:b4:62:13:a8:ec:e8:f3:50:a9:31:65:38:e5:54: c5:94:7b:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZu8X3pkJMsu14yQgWxA4+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi NGM1ZjkwHhcNMjUxMjEzMjIwMTM0WhcNMjUxMjE0MjIwMTM0WjAzMTEwLwYDVQQD EyhkMTJiZmUzNzU4MzA2MTgxMGM1YjI2ZWQ3M2VkODZkNWJlODYwMzI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmiHF2qmzA2WlAEMeXuDczuow5fW v7OIDgtQR9DeQ5XOv753tqhyLlS3b5e1RjYouWAUYli588baJ4cKD2c66UevteIu Om3/c8KQs9To/1BXwotPQPeLJ73F7IbwrxJupPeqap2sm3kBjxcHC+RiHFaWeU8d 88BsBBLmFgheZVdvVxof0vY1mK4GnihdJhfyQoGWjQ7RwcR1t17jOUKf5hbPzJhA QC0nJKTnwiTT88NgfZKw9Wf59kb0BYUR0O70MBnF+jxZ39RXaCFzFABBJ6+p8W0D mIXea7uz1HI2mrDlS8MgK2c8lZbTwJUJn2fRLDkPNghPO4ERwW7VQSEJwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNEr/jdYMGGBDFsm7XPthtW+hgMmMB8GA1UdIwQY MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABDBBIMnL MVUvHI8db9O92zE7/hWU6wzZmooSn6x2mdK/9nIPQKnUzvkArGWw++p8YM/4W3hy gNmWoT+pqpernjdPcGQO16i6ztUcHk2GzhVTfS/yQf3NwNmb1tqb2AsnubwQjPNR KI+dFuXN8YuUPllCXKHySIO1t+pRMplldanVO/afWcfc9e9mGbmLgQETVQXYSys6 /NC4hIRUzXqhZhcNbxJWZpq94sgR6MyCSIOeEBKzQLDtAPPBch8Df8Kikr16RRiI +MfXExbepaPyiGilQXS+yX3cB5p2E2JxkiOIClsdb3TA8NYtTe5MwbRiE6js6PNQ qTFlOOVUxZR7xQ== -----END CERTIFICATE-----Generated at Sun Dec 14 07:49:32 2025 by rpki-client