This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft File: AlY31IiO4AWN6a06cMQtxGmWmpk.mft (raw, json) Hash identifier: pibW55qNkIZbFHfYf/ltmN92csxF5NzZmOu5hsR+qPc= Subject key identifier: A9:47:7C:A6:88:CE:AA:96:99:FD:81:A1:8F:18:4F:DC:AB:E0:FA:ED Authority key identifier: 02:56:37:D4:88:8E:E0:05:8D:E9:AD:3A:70:C4:2D:C4:69:96:9A:99 Certificate issuer: /CN=025637d4888ee0058de9ad3a70c42dc469969a99 Certificate serial: 019B2B8AE79941553B2B408811F2F1EAC416 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft Manifest number: 0BF5 Signing time: Wed 17 Dec 2025 09:01:22 +0000 Manifest this update: Wed 17 Dec 2025 09:01:22 +0000 Manifest next update: Thu 18 Dec 2025 09:01:22 +0000 Files and hashes: 1: AlY31IiO4AWN6a06cMQtxGmWmpk.crl (hash: LhrOZ3SiArsZv7ruLH80rxnYxkwYCHEjcBgPmyCapqo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:e7:99:41:55:3b:2b:40:88:11:f2:f1:ea:c4:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=025637d4888ee0058de9ad3a70c42dc469969a99 Validity Not Before: Dec 17 09:01:22 2025 GMT Not After : Dec 18 09:01:22 2025 GMT Subject: CN=a9477ca688ceaa9699fd81a18f184fdcabe0faed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:eb:2d:d9:90:4b:42:55:13:ba:0b:12:1c:40: 66:6d:de:28:76:f2:1e:42:dc:a9:ea:2c:2a:a4:d5: ed:08:d7:4d:e7:59:ca:7b:29:01:56:6c:89:3c:8c: c1:ea:31:d3:cb:c3:1b:a6:56:f2:9b:77:18:36:f5: e4:83:5a:aa:e1:fb:fc:23:35:92:da:a5:f7:e5:76: ed:39:c5:22:93:ef:fe:c6:9b:9f:8e:60:e4:11:f1: aa:2f:1f:f1:b8:21:9a:f8:67:a6:06:1c:e5:10:7d: f4:96:b4:9f:a6:f2:ab:bf:6a:0a:a4:b0:d5:95:4c: b8:94:9e:f9:ae:af:95:dd:9b:fe:24:c5:a8:5c:b6: d1:0b:c0:46:9a:7c:ef:51:df:a8:e6:76:1f:93:c2: bf:71:e7:cb:fe:13:5b:60:68:88:22:15:7b:41:9c: 14:e2:18:fe:96:5a:24:58:ee:0a:3e:90:c8:1a:f9: bc:48:45:68:9e:1c:3b:9d:64:18:e1:a4:9b:88:6d: 43:e5:5f:a0:d7:01:27:10:7e:40:c6:95:03:fb:4c: fc:2a:cc:1b:b5:52:3b:8d:62:f0:d6:e7:aa:ca:be: 95:ad:6d:53:8e:1f:5f:e9:de:25:91:6c:c7:be:83: f1:0a:88:74:71:a3:50:5e:27:b3:5d:89:0a:ad:84: 36:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:47:7C:A6:88:CE:AA:96:99:FD:81:A1:8F:18:4F:DC:AB:E0:FA:ED X509v3 Authority Key Identifier: keyid:02:56:37:D4:88:8E:E0:05:8D:E9:AD:3A:70:C4:2D:C4:69:96:9A:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:cb:c3:ac:11:08:84:69:91:bc:5d:52:14:0d:02:03:75:da: 8b:01:08:a1:ae:88:41:07:64:7f:df:6a:3b:69:82:7a:5f:6e: 5d:7f:7a:ee:74:9f:78:91:44:14:ca:fe:7b:03:b1:cc:da:b0: 06:3f:2b:6c:85:b4:85:aa:21:66:a5:1d:83:df:dd:9f:25:71: bd:98:66:33:a3:85:0a:12:e8:74:51:fa:a8:fc:2e:5c:af:a4: da:1d:b6:0d:42:a1:5a:93:9d:01:d1:57:b5:5d:c5:69:68:64: eb:f7:b9:68:8e:d9:50:aa:c7:26:91:db:f3:fc:4d:93:0c:a4: 15:1b:42:c1:d2:d8:39:b3:a8:c4:44:6f:84:ad:3f:05:15:82: bd:d1:7a:88:fd:b1:09:4b:f3:52:d8:14:e7:43:8d:46:46:e1: 8b:2b:1c:73:84:9f:da:12:4b:0a:4e:f0:40:bd:03:63:58:08: 5a:1c:14:2a:9a:1b:05:a3:35:61:c4:30:02:b3:6e:4d:1e:e7: 37:90:31:d6:13:53:90:a4:cd:fc:d9:c8:31:9e:18:7a:5d:14: 3f:db:0e:1d:89:e0:f3:44:26:c1:1c:72:77:db:76:45:df:92: 22:69:9b:22:92:1a:ec:df:7e:ed:12:dd:3d:a2:bd:fb:ef:12: 21:e7:f8:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsriueZQVU7K0CIEfLx6sQWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyNTYzN2Q0ODg4ZWUwMDU4ZGU5YWQzYTcwYzQyZGM0Njk5 NjlhOTkwHhcNMjUxMjE3MDkwMTIyWhcNMjUxMjE4MDkwMTIyWjAzMTEwLwYDVQQD EyhhOTQ3N2NhNjg4Y2VhYTk2OTlmZDgxYTE4ZjE4NGZkY2FiZTBmYWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoust2ZBLQlUTugsSHEBmbd4odvIe Qtyp6iwqpNXtCNdN51nKeykBVmyJPIzB6jHTy8Mbplbym3cYNvXkg1qq4fv8IzWS 2qX35XbtOcUik+/+xpufjmDkEfGqLx/xuCGa+GemBhzlEH30lrSfpvKrv2oKpLDV lUy4lJ75rq+V3Zv+JMWoXLbRC8BGmnzvUd+o5nYfk8K/cefL/hNbYGiIIhV7QZwU 4hj+llokWO4KPpDIGvm8SEVonhw7nWQY4aSbiG1D5V+g1wEnEH5AxpUD+0z8Kswb tVI7jWLw1ueqyr6VrW1Tjh9f6d4lkWzHvoPxCoh0caNQXiezXYkKrYQ2WQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKlHfKaIzqqWmf2BoY8YT9yr4PrtMB8GA1UdIwQY MBaAFAJWN9SIjuAFjemtOnDELcRplpqZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iMjk5MGQtNGM1Mi00MmZhLWI2Yjct ZTBhNGE0ZjljYWJjLzEvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC9iMjk5MGQtNGM1Mi00MmZhLWI2YjctZTBhNGE0ZjljYWJj LzEvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzcvDrBEI hGmRvF1SFA0CA3XaiwEIoa6IQQdkf99qO2mCel9uXX967nSfeJFEFMr+ewOxzNqw Bj8rbIW0haohZqUdg9/dnyVxvZhmM6OFChLodFH6qPwuXK+k2h22DUKhWpOdAdFX tV3FaWhk6/e5aI7ZUKrHJpHb8/xNkwykFRtCwdLYObOoxERvhK0/BRWCvdF6iP2x CUvzUtgU50ONRkbhiyscc4Sf2hJLCk7wQL0DY1gIWhwUKpobBaM1YcQwArNuTR7n N5Ax1hNTkKTN/NnIMZ4Yel0UP9sOHYng80QmwRxyd9t2Rd+SImmbIpIa7N9+7RLd PaK9++8SIef4oA== -----END CERTIFICATE-----Generated at Wed Dec 17 13:26:21 2025 by rpki-client