This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft File: aLf4F6tRQbXhOCgM32GQFmu5y4c.mft (raw, json) Hash identifier: PFFI1bPf7nK+uf7pbJ+t3aotMzj584lAPdFf4DQScpw= Subject key identifier: 61:9A:D5:FB:5A:DE:F0:6F:DB:8C:F7:0C:A2:3B:06:FF:89:6D:69:DF Authority key identifier: 68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87 Certificate issuer: /CN=68b7f817ab5141b5e138280cdf6190166bb9cb87 Certificate serial: 019B56E2A4C7C66AC7AA691445DAE3ECBDA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft Manifest number: 1796 Signing time: Thu 25 Dec 2025 19:00:52 +0000 Manifest this update: Thu 25 Dec 2025 19:00:52 +0000 Manifest next update: Fri 26 Dec 2025 19:00:52 +0000 Files and hashes: 1: 1-wEZKS5ROln113VYj-rYIVv3HMw.roa (hash: zd3NK5lHmlo7IZCKvHCkj4ue/ewdTG041qEpUCwPhSg=) 2: aLf4F6tRQbXhOCgM32GQFmu5y4c.crl (hash: q1+cwjo/yBuuYuVZyVPJP7yW/KO/OmEvJRpY4ADhRAs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:56:e2:a4:c7:c6:6a:c7:aa:69:14:45:da:e3:ec:bd:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68b7f817ab5141b5e138280cdf6190166bb9cb87 Validity Not Before: Dec 25 19:00:52 2025 GMT Not After : Dec 26 19:00:52 2025 GMT Subject: CN=619ad5fb5adef06fdb8cf70ca23b06ff896d69df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b0:e4:97:da:6a:24:c3:36:13:71:e9:d3:07: 68:11:52:4f:bb:b6:ee:9e:2b:d5:2d:e1:70:2f:f3: 40:5a:d4:a9:cc:6f:64:b6:1c:2a:2d:e2:e1:e1:3b: b6:4b:ba:7e:99:71:b4:cb:53:61:db:e3:51:20:a5: e5:f3:ea:f1:66:c1:6e:73:e1:4f:35:0e:df:80:b1: 7c:73:24:ab:36:af:6b:93:4d:50:1e:40:7b:23:cc: f8:5a:5a:d8:71:9a:84:af:c0:bd:92:42:1e:0f:49: 73:8e:3d:90:db:86:66:27:d9:c9:64:3a:53:6f:50: 48:02:10:19:92:ef:81:1e:d9:e1:35:36:6d:5e:0c: e3:aa:b3:7c:08:b8:74:01:f4:13:54:69:e3:dc:78: ff:41:28:02:c3:38:72:37:25:3b:6b:15:db:0f:dc: e2:e6:9f:90:1f:61:7c:f6:ef:87:7f:9e:ac:0b:72: f7:ca:c1:29:1e:ba:a8:63:fa:fb:23:d3:8d:1b:53: ab:bd:30:30:5f:80:6c:38:86:df:39:79:a7:9a:77: 4e:cf:2b:82:7c:bd:de:a2:a5:f4:4b:19:28:ec:e2: 17:a8:fd:30:12:70:08:f0:2b:38:4d:15:f4:90:23: 73:ce:0d:2e:9e:4e:6d:37:8b:73:27:a9:c8:d8:f3: b2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:9A:D5:FB:5A:DE:F0:6F:DB:8C:F7:0C:A2:3B:06:FF:89:6D:69:DF X509v3 Authority Key Identifier: keyid:68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:a9:6e:d9:15:3c:a1:07:e0:cd:12:3e:b9:65:1c:a5:d8:29: d2:a3:57:36:08:30:3e:a7:5c:2d:5e:84:89:f2:ca:68:52:1b: 91:ff:fa:68:29:94:53:d0:b7:7d:90:df:a9:94:fd:ec:04:8f: 6f:0b:72:11:5f:5c:57:b7:f2:75:fa:20:41:c3:c9:52:69:78: 5d:94:9c:e1:4f:7a:fb:6d:97:f2:ef:8e:e9:75:d7:19:3d:93: bf:01:96:83:9b:74:a3:3f:65:9b:42:fd:bb:49:97:ac:5d:68: 71:a8:86:6a:f7:f8:05:10:83:e7:64:98:bf:61:36:bf:dd:6a: 49:d3:88:c6:ad:9f:25:c4:77:4a:27:e2:07:f9:63:ea:9f:a8: f8:c6:d9:a1:34:47:6f:28:34:08:19:2f:b1:44:56:a5:96:5b: 86:c7:5e:94:f8:26:c7:b2:e8:06:9c:b1:b0:79:0a:22:0f:75: 23:bb:f9:a5:d0:a5:6b:39:34:73:8b:6f:aa:e2:79:86:f8:b2: 80:0b:1f:7f:cd:b6:74:eb:8d:5d:7f:32:db:2d:25:55:47:ff: 7c:6e:f5:24:2f:6c:48:96:81:5f:ac:fe:f4:9f:90:65:12:1f: 96:36:3b:2d:cd:75:98:b6:85:ba:0c:67:63:be:b3:e6:68:ec: 80:d3:31:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtW4qTHxmrHqmkURdrj7L2oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YjdmODE3YWI1MTQxYjVlMTM4MjgwY2RmNjE5MDE2NmJi OWNiODcwHhcNMjUxMjI1MTkwMDUyWhcNMjUxMjI2MTkwMDUyWjAzMTEwLwYDVQQD Eyg2MTlhZDVmYjVhZGVmMDZmZGI4Y2Y3MGNhMjNiMDZmZjg5NmQ2OWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrDkl9pqJMM2E3Hp0wdoEVJPu7bu nivVLeFwL/NAWtSpzG9kthwqLeLh4Tu2S7p+mXG0y1Nh2+NRIKXl8+rxZsFuc+FP NQ7fgLF8cySrNq9rk01QHkB7I8z4WlrYcZqEr8C9kkIeD0lzjj2Q24ZmJ9nJZDpT b1BIAhAZku+BHtnhNTZtXgzjqrN8CLh0AfQTVGnj3Hj/QSgCwzhyNyU7axXbD9zi 5p+QH2F89u+Hf56sC3L3ysEpHrqoY/r7I9ONG1OrvTAwX4BsOIbfOXmnmndOzyuC fL3eoqX0Sxko7OIXqP0wEnAI8Cs4TRX0kCNzzg0unk5tN4tzJ6nI2POyRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGGa1fta3vBv24z3DKI7Bv+JbWnfMB8GA1UdIwQY MBaAFGi3+BerUUG14TgoDN9hkBZrucuHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMt MTY1MTcxMjZjMTMyLzEvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi83NDJjMTQtN2I0ZC00Mjc5LWI4MjMtMTY1MTcxMjZjMTMy LzEvYUxmNEY2dFJRYlhoT0NnTTMyR1FGbXU1eTRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6lu2RU8 oQfgzRI+uWUcpdgp0qNXNggwPqdcLV6EifLKaFIbkf/6aCmUU9C3fZDfqZT97ASP bwtyEV9cV7fydfogQcPJUml4XZSc4U96+22X8u+O6XXXGT2TvwGWg5t0oz9lm0L9 u0mXrF1ocaiGavf4BRCD52SYv2E2v91qSdOIxq2fJcR3SifiB/lj6p+o+MbZoTRH byg0CBkvsURWpZZbhsdelPgmx7LoBpyxsHkKIg91I7v5pdClazk0c4tvquJ5hviy gAsff822dOuNXX8y2y0lVUf/fG71JC9sSJaBX6z+9J+QZRIfljY7Lc11mLaFugxn Y76z5mjsgNMxpQ== -----END CERTIFICATE-----Generated at Fri Dec 26 01:30:36 2025 by rpki-client