This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft File: r7ALKTlueAM-26yv75hQsbDjUyM.mft (raw, json) Hash identifier: QchUzCWey0h+U7by0mkwP23CGE4SOhlpglusonIDk4U= Subject key identifier: D9:25:B5:9C:3A:0A:38:BC:00:9E:09:68:A8:19:3E:0A:7B:AF:7A:2B Authority key identifier: AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23 Certificate issuer: /CN=afb00b29396e78033edbacafef9850b1b0e35323 Certificate serial: 019B68B1F22EB78E9AFE7B33420F287C1C95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft Manifest number: 104C Signing time: Mon 29 Dec 2025 06:00:50 +0000 Manifest this update: Mon 29 Dec 2025 06:00:50 +0000 Manifest next update: Tue 30 Dec 2025 06:00:50 +0000 Files and hashes: 1: CY3YIBeeXy7d304leRk_84B6aOw.roa (hash: a5cqctkZKmbgtiXrSitwhHqbpFExqVK4hQecaTEUPK8=) 2: r7ALKTlueAM-26yv75hQsbDjUyM.crl (hash: UDPdtguM4n1SvhDzYw7vpM8rdFIFmJrWYkzDURK0Eeo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 06:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:b1:f2:2e:b7:8e:9a:fe:7b:33:42:0f:28:7c:1c:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afb00b29396e78033edbacafef9850b1b0e35323 Validity Not Before: Dec 29 06:00:50 2025 GMT Not After : Dec 30 06:00:50 2025 GMT Subject: CN=d925b59c3a0a38bc009e0968a8193e0a7baf7a2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c1:82:d2:76:95:62:77:25:87:9e:a2:d9:5a: 21:4f:2a:ed:31:20:45:ef:7d:a8:ce:b0:e4:c3:2a: 32:db:9e:98:27:86:8f:e9:b2:ff:3e:81:11:ea:19: 5a:60:73:5e:af:50:eb:e1:a2:74:38:77:bd:5f:88: 78:0d:85:8e:d2:88:b4:c0:96:ed:aa:08:9f:e7:cb: 66:c5:ed:63:f9:d2:63:e7:c6:a0:36:d2:b2:16:e2: 34:14:f5:24:43:4a:96:1b:97:a5:45:c8:47:69:31: 11:53:f1:e6:63:ae:c8:1b:f2:30:d0:f4:4a:6a:be: a8:4c:5e:d0:a7:c2:e5:61:04:2a:e3:c4:87:f9:db: 27:e5:56:10:67:58:cb:cb:aa:32:d9:8d:8b:eb:cf: d7:9a:f7:1f:f3:0f:01:d6:68:ee:be:50:60:8b:a6: 07:9e:a1:57:a7:06:2a:0e:2f:c6:30:0c:b9:bd:4b: ac:bc:c2:42:33:d7:d5:84:e0:38:ac:54:cd:1f:c7: dc:dc:ad:22:69:54:ae:81:8a:bf:93:ad:fb:28:04: e3:ba:f1:3a:95:15:57:56:a9:5c:82:32:86:fd:fd: f6:6b:3a:71:b8:01:7c:39:5b:8a:2c:71:1f:c8:23: af:6d:41:62:f7:72:fc:7d:d8:fb:7f:0a:7f:18:3c: 70:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:25:B5:9C:3A:0A:38:BC:00:9E:09:68:A8:19:3E:0A:7B:AF:7A:2B X509v3 Authority Key Identifier: keyid:AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:cc:f4:4d:14:bb:9d:a7:3a:2b:e1:1f:75:a2:5e:57:a9:95: 56:1b:ef:ff:6d:ce:28:01:a2:05:32:4e:1a:f4:19:f6:1d:4a: 19:c1:31:fa:0c:48:6a:33:36:d7:62:db:75:77:02:e4:90:36: 0d:3c:40:23:c1:e3:29:9e:f8:88:25:76:40:9c:87:ce:d2:f2: 74:2c:ea:12:0e:a1:b5:bb:7d:44:e1:0f:73:9f:4d:ae:3a:5e: 67:75:fa:59:c4:7c:1e:1d:14:d7:d1:ea:2b:c9:ea:26:5b:6d: 75:b7:c4:e6:c7:8f:a9:a0:de:40:04:b2:ba:39:5c:6e:19:e1: 4d:f4:ef:38:e9:f4:b8:be:7c:0f:63:4e:86:a8:ab:24:39:99: 59:a5:48:13:29:82:e9:a2:0b:4e:7a:b1:9f:a5:b0:96:3c:27: ba:4c:c4:49:65:ff:3e:cf:61:e9:fd:05:0e:ea:f9:ce:ec:3a: 0f:c4:d9:d9:e2:45:94:8a:cd:8b:fb:6f:bd:1e:57:21:01:8e: 0e:ff:2d:e6:7e:db:49:1b:85:19:ff:45:17:6a:f1:65:f5:2c: c8:ad:de:b7:21:c4:fc:30:61:2b:8e:89:97:91:aa:a3:6b:95: 9a:db:6a:7e:2e:a2:d8:ea:46:07:91:81:37:32:55:90:16:d4: b1:2b:63:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtosfIut46a/nszQg8ofByVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmYjAwYjI5Mzk2ZTc4MDMzZWRiYWNhZmVmOTg1MGIxYjBl MzUzMjMwHhcNMjUxMjI5MDYwMDUwWhcNMjUxMjMwMDYwMDUwWjAzMTEwLwYDVQQD EyhkOTI1YjU5YzNhMGEzOGJjMDA5ZTA5NjhhODE5M2UwYTdiYWY3YTJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8GC0naVYnclh56i2VohTyrtMSBF 732ozrDkwyoy256YJ4aP6bL/PoER6hlaYHNer1Dr4aJ0OHe9X4h4DYWO0oi0wJbt qgif58tmxe1j+dJj58agNtKyFuI0FPUkQ0qWG5elRchHaTERU/HmY67IG/Iw0PRK ar6oTF7Qp8LlYQQq48SH+dsn5VYQZ1jLy6oy2Y2L68/Xmvcf8w8B1mjuvlBgi6YH nqFXpwYqDi/GMAy5vUusvMJCM9fVhOA4rFTNH8fc3K0iaVSugYq/k637KATjuvE6 lRVXVqlcgjKG/f32azpxuAF8OVuKLHEfyCOvbUFi93L8fdj7fwp/GDxwfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNkltZw6Cji8AJ4JaKgZPgp7r3orMB8GA1UdIwQY MBaAFK+wCyk5bngDPtusr++YULGw41MjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2It NjVhOWE0ZGZhZDllLzEvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2ItNjVhOWE0ZGZhZDll LzEvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArsz0TRS7 nac6K+EfdaJeV6mVVhvv/23OKAGiBTJOGvQZ9h1KGcEx+gxIajM212LbdXcC5JA2 DTxAI8HjKZ74iCV2QJyHztLydCzqEg6htbt9ROEPc59NrjpeZ3X6WcR8Hh0U19Hq K8nqJlttdbfE5sePqaDeQASyujlcbhnhTfTvOOn0uL58D2NOhqirJDmZWaVIEymC 6aILTnqxn6WwljwnukzESWX/Ps9h6f0FDur5zuw6D8TZ2eJFlIrNi/tvvR5XIQGO Dv8t5n7bSRuFGf9FF2rxZfUsyK3etyHE/DBhK46Jl5Gqo2uVmttqfi6i2OpGB5GB NzJVkBbUsStjSw== -----END CERTIFICATE-----Generated at Mon Dec 29 12:05:15 2025 by rpki-client