This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft File: r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json) Hash identifier: EzX1XVhKmt81V09Yep0cVLCDqLWmMrU3Uy8VG8zCSdU= Subject key identifier: C8:76:C5:12:E7:BD:77:5D:90:05:19:B0:FF:D5:AA:79:3F:4B:50:D4 Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 Certificate issuer: /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Certificate serial: 019B5A515120C04FD4E388E3D00B6CB17C43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft Manifest number: 0409 Signing time: Fri 26 Dec 2025 11:00:37 +0000 Manifest this update: Fri 26 Dec 2025 11:00:37 +0000 Manifest next update: Sat 27 Dec 2025 11:00:37 +0000 Files and hashes: 1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: kYKW6x41i7uPl8DrPDGXb3Qnvwq7rjJGapDDe38U7EI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:51:20:c0:4f:d4:e3:88:e3:d0:0b:6c:b1:7c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Validity Not Before: Dec 26 11:00:37 2025 GMT Not After : Dec 27 11:00:37 2025 GMT Subject: CN=c876c512e7bd775d900519b0ffd5aa793f4b50d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:0a:25:3c:55:b8:db:92:49:8f:51:85:75:78: 21:03:1f:77:ed:f8:de:d3:74:b7:9d:e7:a7:2c:86: 5b:38:45:21:5b:85:e6:72:0d:1a:cd:e5:c0:b2:5f: dc:d5:13:7d:83:0c:0d:51:fb:11:87:02:fd:70:9d: 3f:93:fa:0d:3e:38:23:b4:fa:bc:ba:14:1a:4d:3a: b8:d2:e5:2b:79:c7:cc:6f:55:54:71:67:06:e6:33: 69:f4:ed:21:44:9b:6c:93:1d:8c:ef:18:89:a6:24: fc:8e:a7:4a:0f:41:2d:2a:df:d0:5f:9f:86:ac:83: d1:4d:82:29:e5:dc:37:7f:5a:04:10:dc:02:c8:6e: 8e:87:50:65:20:3d:34:85:f9:47:50:be:76:49:33: 7d:ac:a5:dc:0e:a1:c8:a3:90:a2:b1:38:6a:10:7b: 8b:99:e9:aa:99:57:91:36:d0:f6:e6:94:73:28:c1: 73:19:e2:26:f6:64:5c:46:54:99:18:35:f7:3d:f4: 0a:f5:6c:3b:b9:b2:b1:b9:4b:ec:d0:21:66:df:ca: 18:75:57:f7:38:e5:5c:49:6c:d4:ee:41:d9:93:41: e4:0f:21:41:1c:8a:cc:b8:fc:ed:b1:06:82:65:f9: 6c:20:b9:d9:44:5d:18:c8:a8:8c:31:c5:4a:a5:66: 5e:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:76:C5:12:E7:BD:77:5D:90:05:19:B0:FF:D5:AA:79:3F:4B:50:D4 X509v3 Authority Key Identifier: keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:20:5c:03:7a:c4:8e:18:9a:c8:9c:7d:d5:7f:59:b9:47:ce: 86:f4:99:a4:96:15:66:18:04:f0:e2:0f:38:32:92:9d:6f:78: 5a:22:a0:56:53:61:8b:7f:a1:f8:b8:7e:79:8f:00:33:e9:d0: 2e:ba:5c:5d:99:eb:c0:74:22:d7:23:2a:c7:ac:7d:2e:35:99: 15:09:d4:71:b8:30:7a:e1:a0:7d:47:7b:e1:50:9e:f5:87:e1: 69:6c:be:d8:2b:78:14:69:1c:20:a8:83:be:70:46:28:e7:32: ea:9d:c7:01:3a:9d:22:47:c8:43:16:52:64:3b:5e:43:e4:74: 14:50:bf:35:b9:ac:69:3c:a7:5b:15:83:d9:1a:95:75:ca:dd: 40:fa:eb:6c:08:1e:0d:82:48:ee:de:b8:9f:de:8f:66:05:04: f6:7d:bb:a3:f9:c0:b0:dc:81:b3:02:43:98:45:f1:02:79:e4: 43:95:74:d8:85:e9:ad:05:47:6e:f1:fd:da:17:77:50:32:d6: cb:70:95:63:2a:60:d5:ff:c3:cf:8a:07:4e:e1:33:c9:4d:56: 6d:0c:51:4e:8a:6e:b7:1e:67:f6:94:1b:14:e6:21:1b:a8:e9: 34:9f:2c:4e:3e:9d:cb:50:0d:91:1a:57:43:3f:ba:c5:5c:aa: ef:ec:be:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUVEgwE/U44jj0AtssXxDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz NzU5ODQwHhcNMjUxMjI2MTEwMDM3WhcNMjUxMjI3MTEwMDM3WjAzMTEwLwYDVQQD EyhjODc2YzUxMmU3YmQ3NzVkOTAwNTE5YjBmZmQ1YWE3OTNmNGI1MGQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQolPFW425JJj1GFdXghAx937fje 03S3neenLIZbOEUhW4Xmcg0azeXAsl/c1RN9gwwNUfsRhwL9cJ0/k/oNPjgjtPq8 uhQaTTq40uUrecfMb1VUcWcG5jNp9O0hRJtskx2M7xiJpiT8jqdKD0EtKt/QX5+G rIPRTYIp5dw3f1oEENwCyG6Oh1BlID00hflHUL52STN9rKXcDqHIo5CisThqEHuL memqmVeRNtD25pRzKMFzGeIm9mRcRlSZGDX3PfQK9Ww7ubKxuUvs0CFm38oYdVf3 OOVcSWzU7kHZk0HkDyFBHIrMuPztsQaCZflsILnZRF0YyKiMMcVKpWZeBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMh2xRLnvXddkAUZsP/Vqnk/S1DUMB8GA1UdIwQY MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4 LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiBcA3rE jhiayJx91X9ZuUfOhvSZpJYVZhgE8OIPODKSnW94WiKgVlNhi3+h+Lh+eY8AM+nQ LrpcXZnrwHQi1yMqx6x9LjWZFQnUcbgweuGgfUd74VCe9YfhaWy+2Ct4FGkcIKiD vnBGKOcy6p3HATqdIkfIQxZSZDteQ+R0FFC/NbmsaTynWxWD2RqVdcrdQPrrbAge DYJI7t64n96PZgUE9n27o/nAsNyBswJDmEXxAnnkQ5V02IXprQVHbvH92hd3UDLW y3CVYypg1f/Dz4oHTuEzyU1WbQxRToputx5n9pQbFOYhG6jpNJ8sTj6dy1ANkRpX Qz+6xVyq7+y+Rw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:46:34 2025 by rpki-client