This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft File: AL8jAERknAbXXjAsUXUATb_GcmE.mft (raw, json) Hash identifier: XSbCZFfvBWSwZRZhqBirhe18hqASfd/u/fZhmh+ZBaM= Subject key identifier: 66:74:E8:29:1B:FD:BC:BC:CE:23:35:7F:74:1A:ED:A8:C8:1F:41:B2 Authority key identifier: 00:BF:23:00:44:64:9C:06:D7:5E:30:2C:51:75:00:4D:BF:C6:72:61 Certificate issuer: /CN=00bf230044649c06d75e302c5175004dbfc67261 Certificate serial: 019B2364284A2C51C741E2525E62B3BA2609 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft Manifest number: 0E1F Signing time: Mon 15 Dec 2025 19:02:04 +0000 Manifest this update: Mon 15 Dec 2025 19:02:04 +0000 Manifest next update: Tue 16 Dec 2025 19:02:04 +0000 Files and hashes: 1: AL8jAERknAbXXjAsUXUATb_GcmE.crl (hash: 1StI3bqobRcAzPtSdJgA1X9+fU3gq7anvYgBqyoHS4k=) 2: qzSVGtS_jWsXuo115ysr12jv81o.roa (hash: 6sU/7Xohp1bS1zbTFVnz4YbGVdQCm8u0BmBoUOstkdU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 19:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:23:64:28:4a:2c:51:c7:41:e2:52:5e:62:b3:ba:26:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00bf230044649c06d75e302c5175004dbfc67261 Validity Not Before: Dec 15 19:02:04 2025 GMT Not After : Dec 16 19:02:04 2025 GMT Subject: CN=6674e8291bfdbcbcce23357f741aeda8c81f41b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ee:2d:27:a2:5d:ff:d3:1a:d4:48:3c:d6:ad: 01:3a:d6:25:6a:fd:f0:7b:91:c5:c2:6b:34:5c:df: 33:d2:87:03:33:2c:09:40:92:a5:4b:b0:0e:c0:ee: 53:20:e5:28:62:43:57:8f:0c:dc:9a:85:bb:39:61: 69:90:26:9b:34:16:36:31:6a:66:f5:a7:40:43:1c: c0:68:41:bb:20:bd:0f:13:2c:86:ec:0f:8b:a1:a7: b7:b1:1e:eb:08:d5:50:26:df:0d:9b:94:12:a3:66: d7:3d:fd:db:de:20:bd:74:a7:87:7c:ec:d4:78:0d: 3b:92:e6:30:89:d0:5e:f7:1c:3d:31:ae:d0:50:c2: 02:1e:a2:11:2e:8d:33:cb:5d:a4:2f:3c:bf:da:35: 68:6b:77:93:c5:c1:c6:08:f9:66:1f:db:6f:85:c4: 2d:67:c1:dc:89:83:aa:61:fc:3c:46:7f:65:59:01: e6:0f:3d:fb:0a:ee:c9:a8:41:52:54:bb:22:48:9d: 62:03:ae:38:81:25:60:5e:26:69:27:f8:8f:e0:e4: 93:12:e0:c2:c0:5a:12:f3:9f:e0:b3:de:f6:44:e2: 2b:99:21:bb:6d:4f:42:ce:36:9b:54:11:83:fa:74: 4f:ba:4e:97:d2:63:59:0d:4a:4f:96:e2:27:74:be: b5:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:74:E8:29:1B:FD:BC:BC:CE:23:35:7F:74:1A:ED:A8:C8:1F:41:B2 X509v3 Authority Key Identifier: keyid:00:BF:23:00:44:64:9C:06:D7:5E:30:2C:51:75:00:4D:BF:C6:72:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AL8jAERknAbXXjAsUXUATb_GcmE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/d88122-deda-4fd0-9a67-6ef1d96813a2/1/AL8jAERknAbXXjAsUXUATb_GcmE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:28:87:f9:c3:31:41:82:3c:c1:24:9f:e7:f8:b5:be:fb:59: aa:53:c2:d6:ad:9c:bb:6c:81:f4:47:7d:40:f2:86:2a:cc:2c: b3:ff:15:4c:2f:08:ff:9e:16:ff:f1:86:34:80:26:ca:2a:36: a1:cd:75:3b:35:e5:06:46:5e:20:78:df:87:3a:82:57:cf:6f: 93:9c:ec:c1:fe:77:41:2a:d4:74:35:b4:4e:8f:2c:0a:e8:5e: 88:0f:d6:43:8c:ff:58:ca:97:e9:ab:74:af:7a:9d:5b:cf:54: d8:08:38:71:7a:de:08:89:d4:7b:39:12:45:00:ee:0a:51:25: 19:0a:16:6d:ec:3b:95:6a:44:4c:73:60:fd:4e:ea:10:10:5b: 7a:f0:2e:d9:74:2f:33:fa:09:42:bf:5a:36:16:81:75:ee:11: a9:e0:de:4e:4f:3c:66:1c:21:0a:06:5e:0c:2d:74:ee:5d:58: f4:8b:04:f1:f3:2c:90:b5:0c:fa:93:a1:ef:ad:3f:0a:f2:87: 7f:7e:5e:d8:f2:1b:ee:50:4a:b0:e6:47:66:dc:7b:64:74:7a: f8:d9:e5:f3:6f:ea:1c:aa:32:c7:85:1f:89:f2:70:0a:d3:e1: 0c:ff:68:f0:39:38:c9:51:36:d7:33:35:c2:a0:39:c6:94:05: b2:aa:db:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsjZChKLFHHQeJSXmKzuiYJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwYmYyMzAwNDQ2NDljMDZkNzVlMzAyYzUxNzUwMDRkYmZj NjcyNjEwHhcNMjUxMjE1MTkwMjA0WhcNMjUxMjE2MTkwMjA0WjAzMTEwLwYDVQQD Eyg2Njc0ZTgyOTFiZmRiY2JjY2UyMzM1N2Y3NDFhZWRhOGM4MWY0MWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO4tJ6Jd/9Ma1Eg81q0BOtYlav3w e5HFwms0XN8z0ocDMywJQJKlS7AOwO5TIOUoYkNXjwzcmoW7OWFpkCabNBY2MWpm 9adAQxzAaEG7IL0PEyyG7A+Loae3sR7rCNVQJt8Nm5QSo2bXPf3b3iC9dKeHfOzU eA07kuYwidBe9xw9Ma7QUMICHqIRLo0zy12kLzy/2jVoa3eTxcHGCPlmH9tvhcQt Z8HciYOqYfw8Rn9lWQHmDz37Cu7JqEFSVLsiSJ1iA644gSVgXiZpJ/iP4OSTEuDC wFoS85/gs972ROIrmSG7bU9CzjabVBGD+nRPuk6X0mNZDUpPluIndL612wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGZ06Ckb/by8ziM1f3Qa7ajIH0GyMB8GA1UdIwQY MBaAFAC/IwBEZJwG114wLFF1AE2/xnJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kODgxMjItZGVkYS00ZmQwLTlhNjct NmVmMWQ5NjgxM2EyLzEvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9kODgxMjItZGVkYS00ZmQwLTlhNjctNmVmMWQ5NjgxM2Ey LzEvQUw4akFFUmtuQWJYWGpBc1VYVUFUYl9HY21FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhyiH+cMx QYI8wSSf5/i1vvtZqlPC1q2cu2yB9Ed9QPKGKswss/8VTC8I/54W//GGNIAmyio2 oc11OzXlBkZeIHjfhzqCV89vk5zswf53QSrUdDW0To8sCuheiA/WQ4z/WMqX6at0 r3qdW89U2Ag4cXreCInUezkSRQDuClElGQoWbew7lWpETHNg/U7qEBBbevAu2XQv M/oJQr9aNhaBde4RqeDeTk88ZhwhCgZeDC107l1Y9IsE8fMskLUM+pOh760/CvKH f35e2PIb7lBKsOZHZtx7ZHR6+Nnl82/qHKoyx4UfifJwCtPhDP9o8Dk4yVE21zM1 wqA5xpQFsqrbDA== -----END CERTIFICATE-----Generated at Tue Dec 16 04:40:05 2025 by rpki-client