This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft File: aL8cWiHDgluLhlFqGllxIbVLPMM.mft (raw, json) Hash identifier: HdCzuc+Uc9/9Y9WbRiQ4R/N6l35WTHvuyEB63hTDe1Q= Subject key identifier: EE:64:8E:D1:3A:39:8F:5C:3C:63:A0:D8:C8:C3:A8:69:BB:6C:19:1A Authority key identifier: 68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3 Certificate issuer: /CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3 Certificate serial: 019B53ABDA21C939B1849FF583460933D78E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft Manifest number: 1795 Signing time: Thu 25 Dec 2025 04:02:09 +0000 Manifest this update: Thu 25 Dec 2025 04:02:09 +0000 Manifest next update: Fri 26 Dec 2025 04:02:09 +0000 Files and hashes: 1: K-gQWrDorOWk95T1Ck9YnvOvyOw.roa (hash: M7ISU7dx2mACRrVyXnpQ2vx1ALS4joyLkkEwNFtNto0=) 2: aL8cWiHDgluLhlFqGllxIbVLPMM.crl (hash: dA7C8ZKHuxjBrOp5TFubLCBfLXtokl/ZoU9yrnsLxUg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:ab:da:21:c9:39:b1:84:9f:f5:83:46:09:33:d7:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68bf1c5a21c3825b8b86516a1a597121b54b3cc3 Validity Not Before: Dec 25 04:02:09 2025 GMT Not After : Dec 26 04:02:09 2025 GMT Subject: CN=ee648ed13a398f5c3c63a0d8c8c3a869bb6c191a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:fe:b4:f0:6b:e4:bf:bf:77:60:31:1e:ea:97: fc:46:fa:b6:92:34:62:36:bb:66:fa:03:cd:cf:5a: fc:dd:c4:c4:55:60:bc:76:bb:aa:85:fd:81:52:cd: fe:b1:e6:ff:18:d1:11:3a:da:4d:e9:dd:e2:d3:17: 1d:17:0c:1d:fe:f8:1c:12:ee:50:2b:ee:48:b1:b5: c1:04:e0:e4:29:d1:dd:32:a0:4a:0e:6d:05:14:c9: ba:a6:44:14:ac:cb:c4:ce:2d:54:b6:5a:63:59:bd: e8:8c:e0:1e:6e:15:0e:07:b9:a1:ee:37:ac:a8:d5: 54:64:cd:d4:ea:6d:9e:48:48:8b:18:dd:9e:f5:b1: 95:89:c9:d1:03:87:2c:ad:38:ed:65:f0:a8:92:24: c5:7d:fb:68:6f:92:20:89:c8:06:d1:2c:ee:75:aa: fd:48:82:27:89:9c:ea:7b:63:8e:88:c4:2e:bf:e6: 51:f0:88:32:1e:c0:c6:08:c5:2b:6c:3a:63:0e:4e: 3e:31:17:6c:05:b0:41:41:cb:72:e2:53:a9:65:99: d5:cb:4d:99:bb:a0:b8:1f:74:e5:66:a4:29:4a:13: f5:dc:a1:1e:6b:fd:41:d1:bb:e3:10:95:1c:bb:b9: a0:61:3c:0a:78:24:ec:fa:8a:6e:40:33:d0:14:7a: 71:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:64:8E:D1:3A:39:8F:5C:3C:63:A0:D8:C8:C3:A8:69:BB:6C:19:1A X509v3 Authority Key Identifier: keyid:68:BF:1C:5A:21:C3:82:5B:8B:86:51:6A:1A:59:71:21:B5:4B:3C:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL8cWiHDgluLhlFqGllxIbVLPMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2fce5e-c915-4f02-ad3a-55eb5bb99e45/1/aL8cWiHDgluLhlFqGllxIbVLPMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:95:00:d9:22:14:c9:00:18:73:af:38:49:37:f8:1c:c0:19: 74:ab:5c:65:f9:4b:ad:d0:74:06:a6:22:5d:34:a8:5e:64:a2: 14:10:85:3b:2d:fb:3a:b8:58:8d:9e:b5:eb:03:e0:cc:d4:a8: 0d:28:5c:f8:40:1d:36:8c:8f:96:01:b3:28:86:73:a5:f3:08: 4c:f7:6f:87:62:98:88:2c:bc:15:25:ff:45:55:a1:72:21:74: 80:ce:ae:ce:52:3f:f5:dc:f5:a3:90:9b:d2:46:e3:46:b8:49: 49:56:6d:74:0c:c7:00:04:7c:ed:fa:05:b4:1a:b8:dc:c9:81: df:0e:98:ce:7f:f1:fd:84:62:57:dc:57:ed:1a:6e:e1:e4:5b: d5:b0:ae:81:87:e1:f6:f7:ee:ff:a3:f8:91:43:54:9f:16:90: e3:05:5b:6d:5a:45:3d:bc:68:72:34:ab:0e:35:20:19:61:84: 58:d6:fe:bc:b0:e7:e3:cc:bb:5a:22:53:16:92:b8:27:92:35: 4e:f7:71:2a:71:69:cf:00:27:58:68:c3:93:3a:41:9e:94:a3: ce:9e:8b:23:9a:ef:09:d3:25:30:b5:85:7d:a0:fa:48:b8:2b: 4b:a4:0c:ea:73:d3:56:d1:b3:c4:f4:34:a7:1b:82:b7:fa:dc: b1:3d:26:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTq9ohyTmxhJ/1g0YJM9eOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YmYxYzVhMjFjMzgyNWI4Yjg2NTE2YTFhNTk3MTIxYjU0 YjNjYzMwHhcNMjUxMjI1MDQwMjA5WhcNMjUxMjI2MDQwMjA5WjAzMTEwLwYDVQQD EyhlZTY0OGVkMTNhMzk4ZjVjM2M2M2EwZDhjOGMzYTg2OWJiNmMxOTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP608Gvkv793YDEe6pf8Rvq2kjRi Nrtm+gPNz1r83cTEVWC8druqhf2BUs3+seb/GNEROtpN6d3i0xcdFwwd/vgcEu5Q K+5IsbXBBODkKdHdMqBKDm0FFMm6pkQUrMvEzi1UtlpjWb3ojOAebhUOB7mh7jes qNVUZM3U6m2eSEiLGN2e9bGVicnRA4csrTjtZfCokiTFfftob5IgicgG0Szudar9 SIIniZzqe2OOiMQuv+ZR8IgyHsDGCMUrbDpjDk4+MRdsBbBBQcty4lOpZZnVy02Z u6C4H3TlZqQpShP13KEea/1B0bvjEJUcu7mgYTwKeCTs+opuQDPQFHpxVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO5kjtE6OY9cPGOg2MjDqGm7bBkaMB8GA1UdIwQY MBaAFGi/HFohw4Jbi4ZRahpZcSG1SzzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yZmNlNWUtYzkxNS00ZjAyLWFkM2Et NTVlYjViYjk5ZTQ1LzEvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8yZmNlNWUtYzkxNS00ZjAyLWFkM2EtNTVlYjViYjk5ZTQ1 LzEvYUw4Y1dpSERnbHVMaGxGcUdsbHhJYlZMUE1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZUA2SIU yQAYc684STf4HMAZdKtcZflLrdB0BqYiXTSoXmSiFBCFOy37OrhYjZ616wPgzNSo DShc+EAdNoyPlgGzKIZzpfMITPdvh2KYiCy8FSX/RVWhciF0gM6uzlI/9dz1o5Cb 0kbjRrhJSVZtdAzHAAR87foFtBq43MmB3w6Yzn/x/YRiV9xX7Rpu4eRb1bCugYfh 9vfu/6P4kUNUnxaQ4wVbbVpFPbxocjSrDjUgGWGEWNb+vLDn48y7WiJTFpK4J5I1 TvdxKnFpzwAnWGjDkzpBnpSjzp6LI5rvCdMlMLWFfaD6SLgrS6QM6nPTVtGzxPQ0 pxuCt/rcsT0mXg== -----END CERTIFICATE-----Generated at Thu Dec 25 07:06:12 2025 by rpki-client