This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft File: bAlGwIGzK-hIywDY2TLowfcXlmg.mft (raw, json) Hash identifier: FdVFOsRrToLz5aScIuLHbohG4XCXRSYbV1Qj5GSycJY= Subject key identifier: 18:C0:69:B8:4D:86:75:7F:F6:81:18:5A:89:35:06:BA:FA:3C:3C:F4 Authority key identifier: 6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68 Certificate issuer: /CN=6c0946c081b32be848cb00d8d932e8c1f7179668 Certificate serial: 019B1D992072529D51CD3F120C24779CFD56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft Manifest number: 1777 Signing time: Sun 14 Dec 2025 16:02:13 +0000 Manifest this update: Sun 14 Dec 2025 16:02:13 +0000 Manifest next update: Mon 15 Dec 2025 16:02:13 +0000 Files and hashes: 1: bAlGwIGzK-hIywDY2TLowfcXlmg.crl (hash: wE5YOGIxSN7+avCE89GV5/28f4eLJOHyPA+6gw5mU14=) 2: zcbK2VYAm9mMFJWXJQ7evncTyKY.roa (hash: IlkFU9F+u30MyRO9adAYRJd3agbOfEkk4M3dko//XTI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 11:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1d:99:20:72:52:9d:51:cd:3f:12:0c:24:77:9c:fd:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c0946c081b32be848cb00d8d932e8c1f7179668 Validity Not Before: Dec 14 16:02:13 2025 GMT Not After : Dec 15 16:02:13 2025 GMT Subject: CN=18c069b84d86757ff681185a893506bafa3c3cf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:27:40:7e:aa:a8:bc:4a:40:db:a4:9c:77:fe: 6b:74:8c:de:a3:4f:e8:70:d0:a1:f3:a4:38:6b:5e: 98:c7:72:87:e7:0d:ef:9b:0a:60:93:6c:c1:81:a7: c1:66:59:41:b4:b7:b3:62:4c:8d:8c:8f:34:ba:4e: 0a:51:42:06:70:d2:28:05:f0:a8:8c:a6:40:d6:fa: 84:a0:f1:c4:53:b7:27:df:19:d5:19:61:af:73:af: c1:90:f5:84:de:af:1f:44:98:1c:5c:8c:54:05:aa: 6f:c3:e6:4d:cd:96:98:af:fe:dd:5b:89:a1:d9:88: ff:e7:5c:13:b7:fc:29:dd:18:7c:7f:c2:62:d6:59: 3a:91:55:10:e1:5c:57:af:53:a6:6a:ce:67:45:f4: 3f:07:3c:b9:fd:9b:0a:c3:e2:0d:60:7e:60:72:a1: 85:9d:e8:c4:95:63:ba:7a:0a:6d:e5:7d:c1:ee:5e: 18:90:f5:46:88:c2:61:65:e7:e9:df:eb:a6:2d:39: 16:25:f6:61:58:d3:0d:6f:9d:45:48:bb:b7:9d:50: 43:18:a8:76:39:9c:aa:6a:ec:78:ef:f5:d1:c6:67: 78:a0:f9:2a:0a:b1:8b:7b:6b:b5:24:c1:e8:c5:f6: c5:97:00:10:d9:de:59:4d:d3:74:5f:c6:08:49:36: db:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:C0:69:B8:4D:86:75:7F:F6:81:18:5A:89:35:06:BA:FA:3C:3C:F4 X509v3 Authority Key Identifier: keyid:6C:09:46:C0:81:B3:2B:E8:48:CB:00:D8:D9:32:E8:C1:F7:17:96:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAlGwIGzK-hIywDY2TLowfcXlmg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c8dc11-90ef-487e-a073-df2bbc9d0473/1/bAlGwIGzK-hIywDY2TLowfcXlmg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:25:7b:d5:a6:94:b5:7b:86:7f:74:d5:e8:63:0f:35:b6:a7: 29:10:b6:f1:1d:67:2c:40:3b:fa:bd:74:59:f1:bb:72:d2:93: 6c:ce:c3:a0:d4:97:8c:d9:dc:10:bf:c2:3e:bc:8d:36:13:6d: f7:67:0a:2f:0b:2d:b3:c4:a8:3d:89:8d:34:b7:42:f5:65:32: 06:c1:b6:46:68:db:55:a4:fb:7f:27:3f:3f:72:59:49:78:77: f2:a9:2b:3a:5c:5c:bd:13:54:a0:d3:37:b6:39:eb:97:8f:42: 88:db:df:63:6c:35:55:bf:3a:00:df:fc:e1:5c:8b:fe:d9:8e: 5e:5d:1f:e2:b0:32:e5:9e:f6:b2:57:70:a5:a2:a4:bd:b8:5d: 22:9e:f7:df:b8:af:9f:56:57:8d:92:e2:f6:e9:f4:a8:17:4e: 7b:aa:68:5a:c6:9b:db:2f:91:74:ec:93:23:5a:c6:c1:66:2e: 2b:fa:65:cf:2c:3c:0e:3e:d6:ef:96:4a:32:2b:92:49:c8:1b: eb:bd:45:a6:93:c7:46:4e:06:7c:82:a2:ad:8e:98:b7:3d:9f: ef:5c:21:37:85:fc:42:e6:90:6c:f9:a9:13:50:d2:92:ed:19: 0e:4d:39:9f:db:69:90:4e:e2:ef:47:7d:8e:ef:96:4d:6f:e1: db:f8:d4:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsdmSByUp1RzT8SDCR3nP1WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjMDk0NmMwODFiMzJiZTg0OGNiMDBkOGQ5MzJlOGMxZjcx Nzk2NjgwHhcNMjUxMjE0MTYwMjEzWhcNMjUxMjE1MTYwMjEzWjAzMTEwLwYDVQQD EygxOGMwNjliODRkODY3NTdmZjY4MTE4NWE4OTM1MDZiYWZhM2MzY2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3idAfqqovEpA26Scd/5rdIzeo0/o cNCh86Q4a16Yx3KH5w3vmwpgk2zBgafBZllBtLezYkyNjI80uk4KUUIGcNIoBfCo jKZA1vqEoPHEU7cn3xnVGWGvc6/BkPWE3q8fRJgcXIxUBapvw+ZNzZaYr/7dW4mh 2Yj/51wTt/wp3Rh8f8Ji1lk6kVUQ4VxXr1Omas5nRfQ/Bzy5/ZsKw+INYH5gcqGF nejElWO6egpt5X3B7l4YkPVGiMJhZefp3+umLTkWJfZhWNMNb51FSLu3nVBDGKh2 OZyqaux47/XRxmd4oPkqCrGLe2u1JMHoxfbFlwAQ2d5ZTdN0X8YISTbbXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBjAabhNhnV/9oEYWok1Brr6PDz0MB8GA1UdIwQY MBaAFGwJRsCBsyvoSMsA2Nky6MH3F5ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMt ZGYyYmJjOWQwNDczLzEvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9jOGRjMTEtOTBlZi00ODdlLWEwNzMtZGYyYmJjOWQwNDcz LzEvYkFsR3dJR3pLLWhJeXdEWTJUTG93ZmNYbG1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADCV71aaU tXuGf3TV6GMPNbanKRC28R1nLEA7+r10WfG7ctKTbM7DoNSXjNncEL/CPryNNhNt 92cKLwsts8SoPYmNNLdC9WUyBsG2RmjbVaT7fyc/P3JZSXh38qkrOlxcvRNUoNM3 tjnrl49CiNvfY2w1Vb86AN/84VyL/tmOXl0f4rAy5Z72sldwpaKkvbhdIp7337iv n1ZXjZLi9un0qBdOe6poWsab2y+RdOyTI1rGwWYuK/plzyw8Dj7W75ZKMiuSScgb 671FppPHRk4GfIKirY6Ytz2f71whN4X8QuaQbPmpE1DSku0ZDk05n9tpkE7i70d9 ju+WTW/h2/jUZA== -----END CERTIFICATE-----Generated at Sun Dec 14 21:32:20 2025 by rpki-client