This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft File: r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json) Hash identifier: 7XDvuZXhfUXrarF6Bunm6JRK4eMHxAyk8hi3f1EJCQw= Subject key identifier: 99:30:17:23:7A:7D:02:4C:27:F6:56:DE:46:02:A7:27:8C:E1:67:E9 Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 Certificate issuer: /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Certificate serial: 019B2FD4D2B1CE2EBFDCE710843944B59169 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft Manifest number: 03F3 Signing time: Thu 18 Dec 2025 05:00:35 +0000 Manifest this update: Thu 18 Dec 2025 05:00:35 +0000 Manifest next update: Fri 19 Dec 2025 05:00:35 +0000 Files and hashes: 1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: OKbUsS1bOCUedeeom0doaQMZ7a6nMM3Q2rKsuRcNmxw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d4:d2:b1:ce:2e:bf:dc:e7:10:84:39:44:b5:91:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984 Validity Not Before: Dec 18 05:00:35 2025 GMT Not After : Dec 19 05:00:35 2025 GMT Subject: CN=993017237a7d024c27f656de4602a7278ce167e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8e:9a:dd:ea:7a:ed:c2:7f:aa:f8:67:36:62: ee:cb:7f:e3:63:19:5e:28:62:1e:8a:03:c6:05:95: f7:69:96:93:3f:cc:16:2a:bb:f7:6d:c1:91:e5:31: e9:56:6f:7f:1d:18:6d:9c:94:aa:e9:e1:e9:20:eb: 64:ad:87:6c:25:46:85:7b:7a:92:fa:e2:21:50:73: 56:71:97:6b:21:cc:0b:42:58:5c:e2:9c:6d:4d:a5: 27:3c:ed:fb:ca:96:37:b5:eb:07:f5:45:f8:f5:72: 09:d2:8c:c9:1b:e0:b7:6a:cd:03:af:47:7e:b3:52: 5c:d4:85:14:55:a4:f9:0a:1c:9f:a1:ba:e0:7f:fd: 3b:3c:73:84:8f:fc:2f:51:03:f7:a3:75:76:12:45: 56:74:08:69:c1:62:19:54:cd:95:20:f6:0d:17:ff: 4d:d0:ea:8c:85:36:46:41:17:3b:a7:0c:5f:a1:39: 20:ec:ad:03:a5:3a:c0:c7:35:ee:e5:9b:c6:7d:cb: f2:aa:28:4c:d7:b5:9b:fe:d0:56:5e:13:43:bf:82: f0:0d:be:36:04:a7:c9:47:fa:58:4c:70:50:99:7e: aa:47:55:3c:c2:a2:19:04:14:c2:b9:63:3f:93:48: 5f:fe:e9:54:f0:9e:0f:1d:ca:c7:f1:b4:44:7f:f9: 0a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:30:17:23:7A:7D:02:4C:27:F6:56:DE:46:02:A7:27:8C:E1:67:E9 X509v3 Authority Key Identifier: keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:a9:6d:30:89:e3:e6:af:6d:e6:ad:fa:e1:7b:04:5d:98:60: eb:ee:66:32:b0:f4:86:41:ad:77:37:20:87:d3:c8:91:67:9f: 70:ac:8e:48:2e:d3:54:bb:2a:f5:62:d2:4e:b1:6a:13:33:94: ff:56:bf:8b:ba:a7:c5:26:b4:86:6e:a0:b6:43:8c:f3:e9:ab: 6f:25:24:f4:06:1b:91:3c:ee:f2:bf:64:02:b9:e7:30:6c:63: 99:a0:3e:d4:52:d9:b3:53:f8:20:fb:a1:58:bf:6b:87:91:87: 9e:b4:a5:e4:4d:ff:df:21:c9:8d:e2:13:d6:eb:7b:78:9f:30: 0f:17:5e:ee:94:6d:6a:5d:42:23:23:30:ef:95:89:f6:8a:93: d8:76:3e:2e:8f:47:1c:6e:b8:dc:d5:07:65:1a:f8:a8:48:93: 17:0f:71:d1:74:e0:4c:be:94:83:55:e5:5d:aa:01:72:f0:37: 70:dd:de:a2:fc:8a:15:5f:69:1e:52:1d:70:43:b2:55:6b:73: cf:61:a8:f4:d3:ac:90:d4:6e:ee:3c:2f:c3:75:53:b6:da:5a: f9:5e:4d:8e:90:08:62:8d:bd:be:79:26:e0:85:38:1a:55:40: 92:49:51:ec:25:19:90:bb:cf:0a:f4:df:cf:9a:85:b0:22:76: d2:ea:bb:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1NKxzi6/3OcQhDlEtZFpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz NzU5ODQwHhcNMjUxMjE4MDUwMDM1WhcNMjUxMjE5MDUwMDM1WjAzMTEwLwYDVQQD Eyg5OTMwMTcyMzdhN2QwMjRjMjdmNjU2ZGU0NjAyYTcyNzhjZTE2N2U5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy46a3ep67cJ/qvhnNmLuy3/jYxle KGIeigPGBZX3aZaTP8wWKrv3bcGR5THpVm9/HRhtnJSq6eHpIOtkrYdsJUaFe3qS +uIhUHNWcZdrIcwLQlhc4pxtTaUnPO37ypY3tesH9UX49XIJ0ozJG+C3as0Dr0d+ s1Jc1IUUVaT5Chyfobrgf/07PHOEj/wvUQP3o3V2EkVWdAhpwWIZVM2VIPYNF/9N 0OqMhTZGQRc7pwxfoTkg7K0DpTrAxzXu5ZvGfcvyqihM17Wb/tBWXhNDv4LwDb42 BKfJR/pYTHBQmX6qR1U8wqIZBBTCuWM/k0hf/ulU8J4PHcrH8bREf/kKXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJkwFyN6fQJMJ/ZW3kYCpyeM4WfpMB8GA1UdIwQY MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4 LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqltMInj 5q9t5q364XsEXZhg6+5mMrD0hkGtdzcgh9PIkWefcKyOSC7TVLsq9WLSTrFqEzOU /1a/i7qnxSa0hm6gtkOM8+mrbyUk9AYbkTzu8r9kArnnMGxjmaA+1FLZs1P4IPuh WL9rh5GHnrSl5E3/3yHJjeIT1ut7eJ8wDxde7pRtal1CIyMw75WJ9oqT2HY+Lo9H HG643NUHZRr4qEiTFw9x0XTgTL6Ug1XlXaoBcvA3cN3eovyKFV9pHlIdcEOyVWtz z2Go9NOskNRu7jwvw3VTttpa+V5NjpAIYo29vnkm4IU4GlVAkklR7CUZkLvPCvTf z5qFsCJ20uq7hg== -----END CERTIFICATE-----Generated at Thu Dec 18 11:56:48 2025 by rpki-client