This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft File: a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json) Hash identifier: xCh1HE8TMDtthgR0Vc/84di7zzQZBs9K873MGlMBymY= Subject key identifier: FB:BB:B8:79:46:C1:22:E3:54:DA:03:02:95:CB:F5:28:34:85:39:BF Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61 Certificate issuer: /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61 Certificate serial: 019AF088881A04651F82B188A7DD017D978C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft Manifest number: 0B20 Signing time: Fri 05 Dec 2025 22:01:10 +0000 Manifest this update: Fri 05 Dec 2025 22:01:10 +0000 Manifest next update: Sat 06 Dec 2025 22:01:10 +0000 Files and hashes: 1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: WHmPoIAusaQ0yCNAE/TeNyF8XDmcCFoHasLdT7loduw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:88:1a:04:65:1f:82:b1:88:a7:dd:01:7d:97:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61 Validity Not Before: Dec 5 22:01:10 2025 GMT Not After : Dec 6 22:01:10 2025 GMT Subject: CN=fbbbb87946c122e354da030295cbf528348539bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f1:39:5e:33:b4:e9:b2:50:9a:dc:1e:19:7a: 79:58:5e:f9:82:22:f6:8c:ca:58:79:be:a9:b9:77: 74:63:e9:a0:c9:f6:f6:e0:04:f7:ac:2b:66:6b:74: d1:e4:3a:d7:77:e3:4c:5e:a8:1b:7a:b8:22:06:c8: 80:b7:5b:05:e9:07:5b:aa:9e:10:23:68:a1:ab:57: 26:8a:e2:24:78:7f:04:ab:23:be:a9:41:ce:36:ff: b6:dc:99:bd:5a:54:50:92:b9:c2:f1:18:9e:83:64: 9c:bf:fa:07:69:73:a9:02:70:47:46:dc:de:99:9a: cc:a2:e6:bf:69:fd:6d:2c:9b:b3:a9:d1:55:b0:18: c8:0c:d9:d9:93:36:62:32:00:73:5f:89:95:8c:87: 85:92:b8:84:f6:8e:26:37:72:2e:bf:c8:d5:cb:97: 26:a4:bc:8a:89:b2:81:fe:0d:7e:ce:9f:cd:5a:b3: f4:2d:6b:5b:62:ec:e8:a9:b3:5e:3e:00:7f:5c:49: b6:6f:23:35:cc:a0:e8:54:f6:e4:68:0e:35:da:6f: 87:8a:fd:5e:0c:6d:4a:a9:c6:d5:f1:44:a7:38:29: 74:81:97:68:e5:ff:c7:15:56:33:0c:bc:e5:ce:54: 2b:35:bf:82:43:f3:79:87:74:1e:6a:66:cf:05:a2: 73:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:BB:B8:79:46:C1:22:E3:54:DA:03:02:95:CB:F5:28:34:85:39:BF X509v3 Authority Key Identifier: keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:61:cd:6d:97:50:4c:98:cd:49:76:9a:2b:84:25:e9:20:06: 92:5d:14:38:14:c2:36:40:ab:06:a9:05:8f:85:9b:88:e3:d8: 10:c2:15:48:5c:71:ad:22:ec:36:30:fe:44:2a:bc:5c:51:e1: 2a:10:04:cc:2d:c3:a2:ce:2b:f9:b0:85:4d:d8:cf:ee:42:62: 0c:49:42:f1:ab:1e:aa:c2:7d:92:81:f8:86:8a:a3:ca:a9:a3: db:37:ad:bb:76:f6:ab:bf:dc:c8:2b:de:e2:05:b2:f7:ad:58: 18:92:5d:00:a3:10:10:2f:a7:7b:75:cd:ae:3c:38:07:84:74: 08:c1:4b:fb:6c:38:1e:d4:1b:07:39:c1:42:83:c9:6e:91:22: 71:27:31:bc:a3:43:3a:1f:10:e6:d3:53:fc:01:d5:13:9d:52: 10:dc:f3:f0:7e:67:d3:02:bf:a4:74:8a:5c:e2:79:13:45:9b: 5d:75:ad:f9:42:f5:6f:00:1d:a1:f9:ad:8c:6b:d0:cf:8e:53: 9d:72:af:1a:70:72:a9:15:82:37:35:47:85:49:ee:7d:21:eb: 23:20:69:ab:1b:eb:92:c4:c2:5a:5d:39:69:c4:21:89:c3:55: f0:dc:79:df:13:5f:db:82:23:36:6e:c3:fb:a5:a4:ef:5e:fa: 3c:48:b2:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiIgaBGUfgrGIp90BfZeMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj ZmFkNjEwHhcNMjUxMjA1MjIwMTEwWhcNMjUxMjA2MjIwMTEwWjAzMTEwLwYDVQQD EyhmYmJiYjg3OTQ2YzEyMmUzNTRkYTAzMDI5NWNiZjUyODM0ODUzOWJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/E5XjO06bJQmtweGXp5WF75giL2 jMpYeb6puXd0Y+mgyfb24AT3rCtma3TR5DrXd+NMXqgbergiBsiAt1sF6Qdbqp4Q I2ihq1cmiuIkeH8EqyO+qUHONv+23Jm9WlRQkrnC8Rieg2Scv/oHaXOpAnBHRtze mZrMoua/af1tLJuzqdFVsBjIDNnZkzZiMgBzX4mVjIeFkriE9o4mN3Iuv8jVy5cm pLyKibKB/g1+zp/NWrP0LWtbYuzoqbNePgB/XEm2byM1zKDoVPbkaA412m+Hiv1e DG1KqcbV8USnOCl0gZdo5f/HFVYzDLzlzlQrNb+CQ/N5h3QeambPBaJzdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPu7uHlGwSLjVNoDApXL9Sg0hTm/MB8GA1UdIwQY MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5 LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGHNbZdQ TJjNSXaaK4Ql6SAGkl0UOBTCNkCrBqkFj4WbiOPYEMIVSFxxrSLsNjD+RCq8XFHh KhAEzC3Dos4r+bCFTdjP7kJiDElC8aseqsJ9koH4hoqjyqmj2zetu3b2q7/cyCve 4gWy961YGJJdAKMQEC+ne3XNrjw4B4R0CMFL+2w4HtQbBznBQoPJbpEicScxvKND Oh8Q5tNT/AHVE51SENzz8H5n0wK/pHSKXOJ5E0WbXXWt+UL1bwAdofmtjGvQz45T nXKvGnByqRWCNzVHhUnufSHrIyBpqxvrksTCWl05acQhicNV8Nx53xNf24IjNm7D +6Wk7176PEiyZg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:52 2025 by rpki-client