This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft File: A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft (raw, json) Hash identifier: lSB9czdNzmobWuv61QeodElKaqMmI+tyM+/JWm5yxZw= Subject key identifier: BA:8F:3B:C5:5A:CF:19:61:F9:54:D0:C5:DD:2C:65:36:98:21:6D:15 Authority key identifier: 03:58:45:F8:6C:BC:3C:FA:9E:0E:79:87:A0:38:2D:5D:0D:D7:CE:3E Certificate issuer: /CN=035845f86cbc3cfa9e0e7987a0382d5d0dd7ce3e Certificate serial: 019AF24027CA3E5CBE30FABBC49385AB1994 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft Manifest number: 06F2 Signing time: Sat 06 Dec 2025 06:01:21 +0000 Manifest this update: Sat 06 Dec 2025 06:01:21 +0000 Manifest next update: Sun 07 Dec 2025 06:01:21 +0000 Files and hashes: 1: 1ofY17NAwbyhAHFj_yBzaevRgc4.roa (hash: FPWNmGXZmy3JcSLxjIHQ6BJRP2baM9xmkXSCswGMYik=) 2: A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl (hash: ojp/BdN8AxnukI9DYTx/ozIh4pgo9+zN6WyVW7TNZ7k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:27:ca:3e:5c:be:30:fa:bb:c4:93:85:ab:19:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=035845f86cbc3cfa9e0e7987a0382d5d0dd7ce3e Validity Not Before: Dec 6 06:01:21 2025 GMT Not After : Dec 7 06:01:21 2025 GMT Subject: CN=ba8f3bc55acf1961f954d0c5dd2c653698216d15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:45:44:95:d6:64:bf:d0:5b:5a:c5:89:37:62: 6c:62:66:a4:8a:a0:16:41:7d:e3:0e:af:70:04:56: a6:e9:0d:2c:7a:79:7d:f3:b2:e8:78:5d:6b:7d:3b: 99:78:55:a5:11:e9:40:16:0e:1c:99:31:1f:74:d5: 04:11:ba:98:f7:1e:8b:fe:9d:ec:38:10:9a:65:18: 8f:de:b8:f2:26:e3:54:b4:3f:b5:8f:23:be:02:35: 12:c0:84:48:60:30:c4:23:bf:63:62:5a:43:35:a5: d5:6d:66:eb:e9:af:7c:bd:a1:ec:09:12:7e:49:92: a2:dd:2f:ab:ed:84:70:0f:67:61:d6:15:ff:36:29: bc:1f:2a:ce:bf:e5:fa:31:d7:f6:80:ba:87:46:d2: c9:aa:77:8d:d3:08:5c:a6:31:d1:86:20:d6:88:4e: e2:88:ab:05:e9:ef:1f:e9:f7:ff:39:54:42:fb:b1: 4c:3a:f3:f5:3c:d4:9a:7b:0a:a2:69:37:f8:64:23: 88:78:9f:33:ea:1a:48:f5:19:af:ff:53:f4:52:4e: 4e:b1:82:2d:25:ee:bf:01:a6:c3:82:3f:cc:9a:c9: 86:78:96:56:ba:d7:c9:ff:b6:e9:87:56:c0:11:df: 8c:29:63:4b:95:e9:fb:d8:ce:f8:d9:51:27:c4:2f: 47:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:8F:3B:C5:5A:CF:19:61:F9:54:D0:C5:DD:2C:65:36:98:21:6D:15 X509v3 Authority Key Identifier: keyid:03:58:45:F8:6C:BC:3C:FA:9E:0E:79:87:A0:38:2D:5D:0D:D7:CE:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d279d3-947e-45c7-a890-3b84d79abdaf/1/A1hF-Gy8PPqeDnmHoDgtXQ3Xzj4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:79:83:13:da:27:89:1b:14:a7:fe:e6:a5:99:f6:39:8d:e2: 7e:78:2b:cf:8e:ef:7c:9f:40:56:d6:1f:8f:28:6f:d3:27:52: cf:1c:0e:e7:7f:c9:a3:4b:26:ac:ca:84:25:51:94:ed:69:45: 85:2b:3a:60:cc:dc:e6:42:e3:3f:a5:2e:4a:5c:d3:3b:3f:7c: 37:a7:c1:38:42:c2:b0:75:8c:39:8b:91:fe:82:4f:6c:b3:8f: ab:ff:d3:f7:33:cf:43:e5:1c:97:91:d1:c9:a3:6a:ac:2e:45: c6:04:c4:cb:e9:27:83:3e:5a:b1:34:36:b8:2d:e2:19:90:5d: 47:24:e4:8b:55:3a:b8:a0:90:0b:6c:b8:67:04:16:5b:81:0f: 10:c4:00:d6:b0:5b:cd:88:a5:06:42:3b:5b:de:56:e2:5e:29: 95:27:78:5d:cc:9e:a3:ef:79:54:76:8a:54:7c:1b:f3:34:5f: c2:55:b0:f7:ac:59:db:84:2c:7c:6b:f9:95:ce:ae:56:7e:8b: 95:af:2b:b5:65:1f:b9:ef:e2:2a:31:41:1c:83:63:0d:71:c1: d6:10:7f:5c:01:ef:c0:0e:1e:cd:3b:69:62:c9:b7:bd:71:00: b9:5c:9c:e0:a9:d0:d1:61:90:07:d4:8a:9e:6a:23:69:37:4c: 2a:bd:ef:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQCfKPly+MPq7xJOFqxmUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNTg0NWY4NmNiYzNjZmE5ZTBlNzk4N2EwMzgyZDVkMGRk N2NlM2UwHhcNMjUxMjA2MDYwMTIxWhcNMjUxMjA3MDYwMTIxWjAzMTEwLwYDVQQD EyhiYThmM2JjNTVhY2YxOTYxZjk1NGQwYzVkZDJjNjUzNjk4MjE2ZDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUVEldZkv9BbWsWJN2JsYmakiqAW QX3jDq9wBFam6Q0senl987LoeF1rfTuZeFWlEelAFg4cmTEfdNUEEbqY9x6L/p3s OBCaZRiP3rjyJuNUtD+1jyO+AjUSwIRIYDDEI79jYlpDNaXVbWbr6a98vaHsCRJ+ SZKi3S+r7YRwD2dh1hX/Nim8HyrOv+X6Mdf2gLqHRtLJqneN0whcpjHRhiDWiE7i iKsF6e8f6ff/OVRC+7FMOvP1PNSaewqiaTf4ZCOIeJ8z6hpI9Rmv/1P0Uk5OsYIt Je6/AabDgj/MmsmGeJZWutfJ/7bph1bAEd+MKWNLlen72M742VEnxC9HJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLqPO8Vazxlh+VTQxd0sZTaYIW0VMB8GA1UdIwQY MBaAFANYRfhsvDz6ng55h6A4LV0N184+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kMjc5ZDMtOTQ3ZS00NWM3LWE4OTAt M2I4NGQ3OWFiZGFmLzEvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9kMjc5ZDMtOTQ3ZS00NWM3LWE4OTAtM2I4NGQ3OWFiZGFm LzEvQTFoRi1HeThQUHFlRG5tSG9EZ3RYUTNYemo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOnmDE9on iRsUp/7mpZn2OY3ifngrz47vfJ9AVtYfjyhv0ydSzxwO53/Jo0smrMqEJVGU7WlF hSs6YMzc5kLjP6UuSlzTOz98N6fBOELCsHWMOYuR/oJPbLOPq//T9zPPQ+Ucl5HR yaNqrC5FxgTEy+kngz5asTQ2uC3iGZBdRyTki1U6uKCQC2y4ZwQWW4EPEMQA1rBb zYilBkI7W95W4l4plSd4Xcyeo+95VHaKVHwb8zRfwlWw96xZ24QsfGv5lc6uVn6L la8rtWUfue/iKjFBHINjDXHB1hB/XAHvwA4ezTtpYsm3vXEAuVyc4KnQ0WGQB9SK nmojaTdMKr3v3A== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:51 2025 by rpki-client