This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft File: 0AL76fCkE2A-3vtzOlMfLiwOnAY.mft (raw, json) Hash identifier: 0DS5uT2rmlm9rXae78OtDA6fZDbKc/tZLiER5yj1gro= Subject key identifier: 44:6B:FD:63:D7:B3:E2:43:65:25:CD:39:8C:C5:75:7C:19:FE:09:E4 Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06 Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06 Certificate serial: 019B3B34B215925107203A691084272DAFEC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft Manifest number: 1786 Signing time: Sat 20 Dec 2025 10:01:07 +0000 Manifest this update: Sat 20 Dec 2025 10:01:07 +0000 Manifest next update: Sun 21 Dec 2025 10:01:07 +0000 Files and hashes: 1: 0AL76fCkE2A-3vtzOlMfLiwOnAY.crl (hash: /Onz8UmVTdwUziNiJCs+OQ/nPlvO2KdXfvr3v85ET3g=) 2: _XUidn5LGX4qhZ_75ajbeYWe1Ao.roa (hash: b/pfq31DckGw+o1qBs5ugJl7vAflaGA+vdef1tZYmPs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:b2:15:92:51:07:20:3a:69:10:84:27:2d:af:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06 Validity Not Before: Dec 20 10:01:07 2025 GMT Not After : Dec 21 10:01:07 2025 GMT Subject: CN=446bfd63d7b3e2436525cd398cc5757c19fe09e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e8:28:ba:bb:ee:82:34:7a:78:40:52:02:d8: 35:f3:03:6c:10:ef:ea:e8:e7:ee:55:b8:11:9a:74: 7d:e8:26:48:c0:80:90:dc:22:09:45:d7:1f:0d:ec: af:9d:2a:01:98:f3:78:78:a0:0f:4f:52:4c:20:5e: a3:91:27:68:02:07:64:a7:8b:e7:db:fc:59:0d:24: ea:27:f1:24:13:16:ec:f7:df:bc:68:1b:50:9a:bd: 5c:7f:03:ee:0c:38:61:d5:e4:82:61:51:1c:86:9d: 1d:d5:20:9e:a6:7d:d7:67:51:1a:07:d4:1b:4f:4c: a8:65:9a:89:3d:eb:5f:72:14:78:21:92:41:ef:2a: ca:c1:0e:89:a5:7b:60:ef:f9:48:a3:e1:e0:cc:48: 50:99:8b:26:c1:28:dd:fa:12:6d:47:bf:c5:82:87: 5f:f6:e8:e3:4f:94:ad:4e:c1:3c:b4:f9:12:50:22: 25:da:63:d1:d6:ca:c3:2b:c1:6d:86:e0:b1:03:de: fa:1d:a2:be:a8:27:19:0b:57:07:b7:7f:8e:d0:e6: 38:ff:97:71:88:dc:fe:4d:90:b1:3d:99:86:4c:46: e3:23:45:00:be:d3:c2:4f:8e:87:7c:08:37:3f:c5: 07:44:1a:fb:1e:69:ef:ca:54:c9:d1:cc:b1:ee:19: ff:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:6B:FD:63:D7:B3:E2:43:65:25:CD:39:8C:C5:75:7C:19:FE:09:E4 X509v3 Authority Key Identifier: keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:a3:ef:25:29:f1:52:5f:c2:6a:d7:a2:b2:a2:47:6c:3a:f2: 0b:ea:07:18:8d:c3:ce:39:e5:52:40:0e:d3:4a:09:77:fb:0a: 4d:ec:65:22:f6:4b:2e:60:26:f6:a1:0a:06:b8:19:ee:92:08: 12:7a:9a:7f:9a:5a:84:ee:bb:c8:26:51:c1:83:d2:30:a9:99: bb:e5:8d:67:15:5e:4b:56:fd:d8:b3:4a:29:e2:df:58:bc:0a: 8b:c8:56:e8:ac:2c:ed:8d:ff:87:77:7a:a0:57:ef:94:af:aa: 8b:d9:40:2f:7c:80:b5:60:41:6e:c3:0e:52:2a:34:3a:97:11: 96:84:08:3e:fb:2e:40:b3:15:83:52:84:ef:9d:e5:e5:05:95: 3e:a5:13:dd:56:3b:a5:bc:17:78:12:04:c0:f3:2f:e3:8c:1d: 0e:60:c4:7e:c2:41:58:a2:60:27:1c:aa:f0:04:d2:32:a7:6e: e0:f8:da:a8:d8:5b:9e:41:0c:81:04:84:17:3c:2f:cc:d3:08: 74:58:fb:2e:cd:72:26:9e:ff:e3:bc:61:9d:1c:8b:80:de:f6: ba:b1:93:b6:ec:ea:58:73:09:b6:6b:ce:5e:a3:4e:85:b1:b3: e7:e2:d3:f9:98:9f:c8:f3:22:db:53:91:be:a7:83:b1:54:cf: e6:80:da:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NLIVklEHIDppEIQnLa/sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw ZTljMDYwHhcNMjUxMjIwMTAwMTA3WhcNMjUxMjIxMTAwMTA3WjAzMTEwLwYDVQQD Eyg0NDZiZmQ2M2Q3YjNlMjQzNjUyNWNkMzk4Y2M1NzU3YzE5ZmUwOWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+gourvugjR6eEBSAtg18wNsEO/q 6OfuVbgRmnR96CZIwICQ3CIJRdcfDeyvnSoBmPN4eKAPT1JMIF6jkSdoAgdkp4vn 2/xZDSTqJ/EkExbs99+8aBtQmr1cfwPuDDhh1eSCYVEchp0d1SCepn3XZ1EaB9Qb T0yoZZqJPetfchR4IZJB7yrKwQ6JpXtg7/lIo+HgzEhQmYsmwSjd+hJtR7/Fgodf 9ujjT5StTsE8tPkSUCIl2mPR1srDK8FthuCxA976HaK+qCcZC1cHt3+O0OY4/5dx iNz+TZCxPZmGTEbjI0UAvtPCT46HfAg3P8UHRBr7HmnvylTJ0cyx7hn/+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFERr/WPXs+JDZSXNOYzFdXwZ/gnkMB8GA1UdIwQY MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt MTljMDQ1YzZhMTRmLzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKPvJSnx Ul/CateisqJHbDryC+oHGI3DzjnlUkAO00oJd/sKTexlIvZLLmAm9qEKBrgZ7pII Enqaf5pahO67yCZRwYPSMKmZu+WNZxVeS1b92LNKKeLfWLwKi8hW6Kws7Y3/h3d6 oFfvlK+qi9lAL3yAtWBBbsMOUio0OpcRloQIPvsuQLMVg1KE753l5QWVPqUT3VY7 pbwXeBIEwPMv44wdDmDEfsJBWKJgJxyq8ATSMqdu4PjaqNhbnkEMgQSEFzwvzNMI dFj7Ls1yJp7/47xhnRyLgN72urGTtuzqWHMJtmvOXqNOhbGz5+LT+ZifyPMi21OR vqeDsVTP5oDa0Q== -----END CERTIFICATE-----Generated at Sat Dec 20 16:45:17 2025 by rpki-client