This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json) Hash identifier: 7Y1bCfSAb9BtGCF/jggDcKQUp+fjYU6puU5oC6cIGeI= Subject key identifier: 62:70:35:2B:F7:BD:CB:0C:83:F2:E3:7D:57:DB:D3:4B:3D:B1:D3:EC Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2 Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2 Certificate serial: 019B30432B5A63B530A0AA6C2ADEDEE41DF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft Manifest number: 0B44 Signing time: Thu 18 Dec 2025 07:01:06 +0000 Manifest this update: Thu 18 Dec 2025 07:01:06 +0000 Manifest next update: Fri 19 Dec 2025 07:01:06 +0000 Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: M3JiWsjJN6BxQ5LkjCWv42baGXpoOYCJM4nOMF/zEGA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:43:2b:5a:63:b5:30:a0:aa:6c:2a:de:de:e4:1d:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2 Validity Not Before: Dec 18 07:01:06 2025 GMT Not After : Dec 19 07:01:06 2025 GMT Subject: CN=6270352bf7bdcb0c83f2e37d57dbd34b3db1d3ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:2b:ef:31:b7:27:76:15:bc:25:f8:8f:a3:3a: 7e:ac:ad:ee:a8:2f:6f:0e:c4:df:21:8d:5c:35:03: 6d:e7:1a:fc:4f:9e:23:df:46:56:07:4c:b1:f8:e5: 43:b2:5b:86:67:2c:cb:01:18:87:20:f2:24:db:e9: 00:9a:e2:1e:bb:bb:d7:fb:f5:39:2d:b0:d5:9c:5a: 4d:29:ad:7d:29:d5:cc:8c:4c:c3:34:05:a8:82:18: f9:01:15:a3:e3:16:57:3f:94:61:ac:6f:c4:24:a0: 9f:16:71:1a:ce:ae:00:78:19:48:0c:00:ba:a8:1b: 90:64:6e:7c:84:f5:08:59:ce:3d:69:55:9d:07:d0: 47:fa:83:73:97:34:c8:86:90:29:72:85:e9:83:74: 90:4e:b5:81:c5:80:5c:9c:4d:63:77:a8:76:8f:88: 07:49:0e:15:f9:62:2d:7b:07:71:f5:95:dc:67:a0: 26:bf:a0:ad:8f:65:82:35:6f:dc:4d:5d:f2:dd:9d: 08:8b:5e:0e:72:6c:49:a5:37:50:2a:6c:7d:88:f9: 4b:06:9b:fd:32:f0:69:8e:22:b1:6a:ec:e2:52:26: ac:88:29:df:d0:3a:b6:41:11:8e:8d:d2:df:e6:bf: 5e:cc:0c:19:19:1d:2e:76:dc:ea:54:c7:a9:2a:e8: fa:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:70:35:2B:F7:BD:CB:0C:83:F2:E3:7D:57:DB:D3:4B:3D:B1:D3:EC X509v3 Authority Key Identifier: keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:2e:49:ac:53:e8:d4:7a:7d:07:74:dd:fe:46:e9:fd:d1:02: 15:38:ef:8c:db:68:b3:2e:f7:90:32:b0:70:8c:16:bf:73:9a: b7:33:3a:c9:4d:bc:29:08:8b:7e:5f:e1:9b:0b:90:4e:4e:68: 23:29:b8:ff:a2:17:4d:e1:6e:7e:0a:9a:3c:7d:1e:b8:a0:18: 9c:c8:3c:ba:02:4b:6e:27:74:63:bb:fa:16:0b:a8:69:94:ad: 21:7f:f5:8c:a4:af:4f:cf:66:ce:3a:73:49:30:a1:32:86:ee: 95:21:16:21:5d:04:46:16:28:15:a4:01:55:07:dd:ae:af:65: 79:2a:04:bc:b6:11:2f:20:56:68:d9:be:6a:c8:7a:70:58:4b: 7f:82:82:4a:06:17:d2:c0:25:ef:07:3f:e9:bd:51:d9:b7:3b: 01:f7:45:66:ce:8e:87:9f:cd:4f:c6:77:b9:c7:14:51:62:b3: eb:07:81:e8:a9:70:1b:f4:69:1b:8b:8e:35:29:65:b0:a2:a8: f8:1b:03:f9:e6:31:03:5c:08:5f:3d:d0:c5:9b:ac:a8:08:9d: 79:e3:fb:2e:f4:20:df:02:1f:51:1d:80:e8:76:b2:bf:c1:0d: 62:6b:99:a6:7b:7c:57:ec:fc:55:e8:7f:05:fc:ca:1b:05:dc: c7:2c:f3:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswQytaY7UwoKpsKt7e5B33MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw N2NhZDIwHhcNMjUxMjE4MDcwMTA2WhcNMjUxMjE5MDcwMTA2WjAzMTEwLwYDVQQD Eyg2MjcwMzUyYmY3YmRjYjBjODNmMmUzN2Q1N2RiZDM0YjNkYjFkM2VjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ivvMbcndhW8JfiPozp+rK3uqC9v DsTfIY1cNQNt5xr8T54j30ZWB0yx+OVDsluGZyzLARiHIPIk2+kAmuIeu7vX+/U5 LbDVnFpNKa19KdXMjEzDNAWoghj5ARWj4xZXP5RhrG/EJKCfFnEazq4AeBlIDAC6 qBuQZG58hPUIWc49aVWdB9BH+oNzlzTIhpApcoXpg3SQTrWBxYBcnE1jd6h2j4gH SQ4V+WItewdx9ZXcZ6Amv6Ctj2WCNW/cTV3y3Z0Ii14OcmxJpTdQKmx9iPlLBpv9 MvBpjiKxauziUiasiCnf0Dq2QRGOjdLf5r9ezAwZGR0udtzqVMepKuj6+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGJwNSv3vcsMg/LjfVfb00s9sdPsMB8GA1UdIwQY MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfC5JrFPo 1Hp9B3Td/kbp/dECFTjvjNtosy73kDKwcIwWv3OatzM6yU28KQiLfl/hmwuQTk5o Iym4/6IXTeFufgqaPH0euKAYnMg8ugJLbid0Y7v6FguoaZStIX/1jKSvT89mzjpz STChMobulSEWIV0ERhYoFaQBVQfdrq9leSoEvLYRLyBWaNm+ash6cFhLf4KCSgYX 0sAl7wc/6b1R2bc7AfdFZs6Oh5/NT8Z3uccUUWKz6weB6KlwG/RpG4uONSllsKKo +BsD+eYxA1wIXz3QxZusqAideeP7LvQg3wIfUR2A6Hayv8ENYmuZpnt8V+z8Veh/ BfzKGwXcxyzzXQ== -----END CERTIFICATE-----Generated at Thu Dec 18 11:14:22 2025 by rpki-client