This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft File: r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json) Hash identifier: Q0pjM9zv4LoRW1xrBGr8q58TWMv9sAdwkUMYDpqN9yQ= Subject key identifier: AE:19:C8:C7:53:59:15:4E:76:5F:89:AC:00:97:58:FD:EC:14:96:FF Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 Certificate issuer: /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Certificate serial: 019B397D5C5E4B11C12982CFF0880349A11F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft Manifest number: 03F8 Signing time: Sat 20 Dec 2025 02:01:15 +0000 Manifest this update: Sat 20 Dec 2025 02:01:15 +0000 Manifest next update: Sun 21 Dec 2025 02:01:15 +0000 Files and hashes: 1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: IlNwX+ycXNkyyctlW2crmPwaU+h8qVgpAjG5dKmAH2E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:5c:5e:4b:11:c1:29:82:cf:f0:88:03:49:a1:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Validity Not Before: Dec 20 02:01:15 2025 GMT Not After : Dec 21 02:01:15 2025 GMT Subject: CN=ae19c8c75359154e765f89ac009758fdec1496ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:e6:fa:6d:d1:e7:b3:52:22:14:f8:91:3a:d1: bd:04:48:26:d7:ff:d7:79:4b:de:ea:eb:a1:29:10: 0d:f3:2f:a7:a3:70:fb:32:10:82:d1:bf:87:89:7e: 58:c6:5b:e5:80:14:0c:bc:22:96:c0:d6:35:9a:07: b9:1a:ca:07:f2:87:30:ef:ba:20:32:ad:b9:92:e8: e9:c8:bd:8b:78:e2:27:0f:fd:b1:27:64:c7:ee:c8: 63:23:8f:c3:6f:93:2f:9f:d3:1a:0f:69:4a:98:c7: 7f:1a:d6:2c:87:a7:81:25:d0:9d:eb:a0:6e:04:83: ee:49:21:62:f3:49:79:7b:ac:1d:09:d3:e5:70:03: f7:42:bf:d7:57:8e:43:29:5b:ad:71:df:c0:16:52: 43:38:76:49:a1:65:fa:ef:a7:8f:5f:e4:22:e9:0d: 4c:ce:05:35:a2:01:3a:68:8c:6c:c7:bd:c8:71:96: 3d:41:b5:11:ad:c4:30:2b:d0:5e:e0:14:1f:b5:f6: 35:0a:12:61:53:de:62:cc:8e:7c:b2:59:2f:07:20: 23:8d:0b:5e:ef:fe:a9:a6:c4:3b:aa:37:ac:7d:2f: dd:ef:d7:9c:5d:89:59:17:52:61:de:1c:b4:e2:4f: cf:73:0c:4c:25:73:ee:f4:f8:69:26:a7:1d:a1:a1: 5b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:19:C8:C7:53:59:15:4E:76:5F:89:AC:00:97:58:FD:EC:14:96:FF X509v3 Authority Key Identifier: keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:1b:9c:3f:83:6d:d2:ba:32:ac:17:5d:29:c1:aa:f8:fe:9b: 91:45:53:ac:b4:4f:70:3d:40:68:4c:0b:fc:48:ba:6c:4f:5c: 00:82:93:68:ee:89:9d:cf:fe:e8:3c:a6:00:4b:b0:17:07:85: e8:d0:7c:3f:e3:b3:0f:0b:f1:cc:b5:e1:e3:23:13:4c:49:6c: 4e:c3:cb:29:05:cd:5d:9d:5c:87:c5:92:72:d4:0a:88:f3:5d: 51:2c:6e:94:75:20:9e:4e:25:ad:64:92:47:d2:66:df:1c:9a: f1:bb:48:e7:66:8b:77:35:3b:a3:70:44:a7:e9:45:f8:e7:a5: ad:0d:87:fe:86:36:fa:49:e4:84:d6:f0:71:0a:9d:f0:b3:3b: 0d:79:4e:30:bf:0e:27:26:fb:be:0b:99:80:48:06:60:82:ef: e7:0e:18:1f:25:92:14:3a:1c:8f:a1:18:5b:4c:d4:10:80:2f: 45:0b:e9:d5:18:e4:f4:15:33:d1:de:70:5c:bd:2a:18:a1:e4: e8:2c:09:e3:54:a9:a4:e1:df:fc:28:55:70:9d:0f:d9:d1:1f: 45:7d:35:0d:4c:79:0f:e1:9c:0e:6f:07:20:77:f7:7d:9a:23: 4c:24:1e:4f:41:8b:6a:1f:0d:d8:80:0f:94:50:04:f9:f3:28: b9:da:d2:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fVxeSxHBKYLP8IgDSaEfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz NzU5ODQwHhcNMjUxMjIwMDIwMTE1WhcNMjUxMjIxMDIwMTE1WjAzMTEwLwYDVQQD EyhhZTE5YzhjNzUzNTkxNTRlNzY1Zjg5YWMwMDk3NThmZGVjMTQ5NmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ub6bdHns1IiFPiROtG9BEgm1//X eUve6uuhKRAN8y+no3D7MhCC0b+HiX5YxlvlgBQMvCKWwNY1mge5GsoH8ocw77og Mq25kujpyL2LeOInD/2xJ2TH7shjI4/Db5Mvn9MaD2lKmMd/GtYsh6eBJdCd66Bu BIPuSSFi80l5e6wdCdPlcAP3Qr/XV45DKVutcd/AFlJDOHZJoWX676ePX+Qi6Q1M zgU1ogE6aIxsx73IcZY9QbURrcQwK9Be4BQftfY1ChJhU95izI58slkvByAjjQte 7/6ppsQ7qjesfS/d79ecXYlZF1Jh3hy04k/PcwxMJXPu9PhpJqcdoaFbrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK4ZyMdTWRVOdl+JrACXWP3sFJb/MB8GA1UdIwQY MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4 LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORucP4Nt 0royrBddKcGq+P6bkUVTrLRPcD1AaEwL/Ei6bE9cAIKTaO6Jnc/+6DymAEuwFweF 6NB8P+OzDwvxzLXh4yMTTElsTsPLKQXNXZ1ch8WSctQKiPNdUSxulHUgnk4lrWSS R9Jm3xya8btI52aLdzU7o3BEp+lF+OelrQ2H/oY2+knkhNbwcQqd8LM7DXlOML8O Jyb7vguZgEgGYILv5w4YHyWSFDocj6EYW0zUEIAvRQvp1Rjk9BUz0d5wXL0qGKHk 6CwJ41SppOHf/ChVcJ0P2dEfRX01DUx5D+GcDm8HIHf3fZojTCQeT0GLah8N2IAP lFAE+fMoudrS5A== -----END CERTIFICATE-----Generated at Sat Dec 20 08:39:33 2025 by rpki-client