This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft File: aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json) Hash identifier: 8q7y+KbVDtgicOiN1W+gDrg1L+NLphZh8T6x3AjHEak= Subject key identifier: BD:B0:16:7D:33:BB:64:A7:42:82:2B:1F:BB:CC:B6:25:C8:A7:C9:30 Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 Certificate issuer: /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Certificate serial: 019B424A7A26CE79785D499E493381C9F705 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft Manifest number: 04F6 Signing time: Sun 21 Dec 2025 19:02:15 +0000 Manifest this update: Sun 21 Dec 2025 19:02:15 +0000 Manifest next update: Mon 22 Dec 2025 19:02:15 +0000 Files and hashes: 1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=) 2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: Z48ZlrjfX8lZEmzGO5jUKrzlAi/rQFMqod7Lc/SGvko=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 19:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:7a:26:ce:79:78:5d:49:9e:49:33:81:c9:f7:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9 Validity Not Before: Dec 21 19:02:15 2025 GMT Not After : Dec 22 19:02:15 2025 GMT Subject: CN=bdb0167d33bb64a742822b1fbbccb625c8a7c930 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:0b:27:51:7d:2f:78:34:6f:cd:d6:0f:55:a4: 80:05:ca:de:07:6a:53:0f:9b:46:96:ed:8f:90:fc: 09:f6:f0:2f:8d:41:3a:c6:84:8e:aa:6c:e4:b4:d6: 0f:a2:07:5b:31:19:77:70:07:95:de:38:af:de:9b: bb:77:5c:4f:33:4a:e7:f2:02:c8:de:d5:7f:b5:55: 49:e0:b6:a1:f7:ec:4d:90:e8:11:c5:99:42:9f:ba: c2:ad:1b:be:81:b5:14:39:4f:88:3f:be:d3:2e:d0: e8:c4:34:4d:90:63:6d:65:85:00:0d:b4:e8:a4:7d: 26:7f:ce:b4:a1:34:7e:04:95:08:60:c1:11:b8:78: 19:74:b7:65:ac:a2:93:9f:9e:2b:0b:f0:80:61:48: 76:55:31:60:bf:a0:94:34:10:6a:4a:b7:ca:4f:02: 8e:71:d0:2c:ee:42:34:da:25:5c:11:79:0f:da:fa: c6:50:29:d8:f9:8f:61:37:bf:d7:ac:8d:88:17:be: 98:e6:c4:6b:03:f2:a8:42:f7:27:e5:02:e0:ca:68: 07:5d:c3:4e:5e:c7:8f:ad:5c:82:36:22:d2:4c:64: 52:b9:06:86:c6:cc:f7:f4:49:3b:14:03:88:da:31: 0c:8e:94:4e:fe:6e:8c:80:47:0f:cd:ba:2e:5d:11: e7:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:B0:16:7D:33:BB:64:A7:42:82:2B:1F:BB:CC:B6:25:C8:A7:C9:30 X509v3 Authority Key Identifier: keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:1c:70:e0:1c:c3:3f:22:9e:a1:ce:25:8f:2c:f7:9d:31:33: f9:43:de:1a:f2:c7:d7:16:62:5e:77:b2:50:04:1a:00:2e:d2: ba:17:04:09:3f:84:2f:ee:86:87:33:ca:fb:e0:de:62:ff:f1: cd:07:c0:10:06:73:70:4c:7b:21:23:ca:a5:93:b8:d5:3b:6a: 27:d9:a3:fd:d5:09:bc:39:67:7d:81:6d:c8:25:f8:36:2a:ce: 63:e8:68:12:fa:95:c7:c6:94:71:14:94:3f:c7:73:4f:5a:23: 57:4c:94:00:0d:94:01:ff:3b:d3:34:a3:e5:7b:8e:df:a8:77: bc:36:a4:7c:e1:1d:97:8e:36:8d:9b:3c:fa:1f:a3:1d:10:66: 67:7e:5a:fc:e0:75:25:ee:95:dc:6a:4f:72:f6:e6:29:c0:02: 91:ca:31:f9:2f:d7:8b:ad:15:ad:2a:04:8b:50:94:5f:fd:3b: 60:fe:26:1e:e2:82:52:6f:8d:47:86:d1:22:4d:3f:e9:08:6c: d8:59:2c:9d:54:9d:e1:ef:f2:71:6d:50:cb:6f:b7:00:a2:98: 15:81:c6:fa:a1:1a:b5:59:f0:98:ba:ee:8c:01:92:2c:42:0b: 57:f4:5b:38:56:ef:7f:6e:fb:d6:35:12:e0:2d:2c:14:27:aa: be:30:6d:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSnomznl4XUmeSTOByfcFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi NGM1ZjkwHhcNMjUxMjIxMTkwMjE1WhcNMjUxMjIyMTkwMjE1WjAzMTEwLwYDVQQD EyhiZGIwMTY3ZDMzYmI2NGE3NDI4MjJiMWZiYmNjYjYyNWM4YTdjOTMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AsnUX0veDRvzdYPVaSABcreB2pT D5tGlu2PkPwJ9vAvjUE6xoSOqmzktNYPogdbMRl3cAeV3jiv3pu7d1xPM0rn8gLI 3tV/tVVJ4Lah9+xNkOgRxZlCn7rCrRu+gbUUOU+IP77TLtDoxDRNkGNtZYUADbTo pH0mf860oTR+BJUIYMERuHgZdLdlrKKTn54rC/CAYUh2VTFgv6CUNBBqSrfKTwKO cdAs7kI02iVcEXkP2vrGUCnY+Y9hN7/XrI2IF76Y5sRrA/KoQvcn5QLgymgHXcNO XsePrVyCNiLSTGRSuQaGxsz39Ek7FAOI2jEMjpRO/m6MgEcPzbouXRHn7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL2wFn0zu2SnQoIrH7vMtiXIp8kwMB8GA1UdIwQY MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHxxw4BzD PyKeoc4ljyz3nTEz+UPeGvLH1xZiXneyUAQaAC7SuhcECT+EL+6GhzPK++DeYv/x zQfAEAZzcEx7ISPKpZO41TtqJ9mj/dUJvDlnfYFtyCX4NirOY+hoEvqVx8aUcRSU P8dzT1ojV0yUAA2UAf870zSj5XuO36h3vDakfOEdl442jZs8+h+jHRBmZ35a/OB1 Je6V3GpPcvbmKcACkcox+S/Xi60VrSoEi1CUX/07YP4mHuKCUm+NR4bRIk0/6Qhs 2FksnVSd4e/ycW1Qy2+3AKKYFYHG+qEatVnwmLrujAGSLEILV/RbOFbvf2771jUS 4C0sFCeqvjBtIg== -----END CERTIFICATE-----Generated at Mon Dec 22 02:36:57 2025 by rpki-client