This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft File: a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json) Hash identifier: DO+UArpWta4Tqeu4I9jiciKyN6SzBzJr/2ZXcfMC0kk= Subject key identifier: 97:C9:31:53:7E:B1:A7:D9:50:65:34:F8:CE:B5:7F:D5:BF:38:E0:B1 Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66 Certificate issuer: /CN=6be051fb93e015a9b761bb45afe109dbbe347c66 Certificate serial: 019AF208E564EAC3F29176F56FACDD3A44EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft Manifest number: 0712 Signing time: Sat 06 Dec 2025 05:01:00 +0000 Manifest this update: Sat 06 Dec 2025 05:01:00 +0000 Manifest next update: Sun 07 Dec 2025 05:01:00 +0000 Files and hashes: 1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: VAnD1+5e9tWhYw+XkOpWxG1cAjoowQUtnHfqZfodZOA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:e5:64:ea:c3:f2:91:76:f5:6f:ac:dd:3a:44:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66 Validity Not Before: Dec 6 05:01:00 2025 GMT Not After : Dec 7 05:01:00 2025 GMT Subject: CN=97c931537eb1a7d9506534f8ceb57fd5bf38e0b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0f:82:d9:9c:4e:ac:51:bf:90:1d:9f:e7:6e: 45:a1:46:23:a0:17:d4:6c:47:ee:2f:2b:0b:98:54: 37:6f:4a:a7:4d:e4:30:60:d2:69:7a:4f:29:33:6f: 17:77:ce:0f:c1:fa:06:47:67:d0:f1:5a:d5:b8:17: b3:39:13:ec:78:a4:a5:31:f1:fb:76:8e:ad:3c:b8: e7:68:f6:89:cf:85:8c:cc:76:8d:70:99:a8:cc:da: 30:5c:88:75:df:9a:47:00:ff:4a:88:44:d6:ad:eb: e3:22:74:dc:2c:23:4c:71:54:d5:d4:6a:27:0c:27: fa:c4:06:fd:92:ba:9a:3e:3c:16:dc:f4:2d:ef:4a: 94:48:0e:23:ec:a7:f9:02:ce:ba:da:b8:39:db:85: b4:62:89:2c:3c:ad:52:80:08:fc:77:4a:f4:f7:7b: ec:4e:8a:ba:1f:aa:62:9c:46:b5:26:8a:41:3a:f8: 93:f6:a5:50:7c:7c:5b:cd:60:76:9f:60:60:db:44: 62:5b:80:81:ef:f7:28:0f:96:e8:40:3b:68:a6:70: f4:45:61:94:83:d4:06:cd:8e:0b:e3:a2:9c:2e:69: 8e:8f:15:35:7d:a3:b8:f2:d9:31:d7:a0:a9:20:82: 0a:a1:c7:9c:bf:1b:7d:58:39:34:0c:bb:c1:82:f9: 9f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:C9:31:53:7E:B1:A7:D9:50:65:34:F8:CE:B5:7F:D5:BF:38:E0:B1 X509v3 Authority Key Identifier: keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:40:53:50:47:f6:02:b0:9c:8b:5d:1f:da:36:51:f3:69:ce: 4e:93:64:e8:6b:02:ad:86:95:a3:64:25:cd:71:53:b8:cc:94: ae:67:de:09:a0:26:8e:36:d7:19:6f:6d:df:3f:f1:75:55:d0: b0:dc:1e:ea:1c:ce:fb:7a:61:94:6b:5e:15:a8:36:1d:03:5d: 61:18:3b:ee:81:ae:d8:5b:b1:49:6a:ae:74:09:80:8c:bf:9d: 20:a4:f3:f4:af:35:09:4e:bf:27:c1:b3:10:45:59:cd:7b:93: 1a:bf:67:25:bb:9d:43:fc:a0:c9:33:94:ee:0d:17:03:13:db: d7:3c:3c:9f:df:63:6f:5f:ec:7e:6b:19:1e:0a:1c:2f:ce:76: e1:11:95:f6:61:c5:7d:f7:58:46:2d:97:bc:36:16:a1:18:d0: 5d:2e:63:9d:ac:24:29:f4:b1:36:17:59:33:14:a6:ba:bf:3d: 59:9a:81:85:d6:86:8f:ce:4c:ea:fa:fb:a3:db:fc:b9:09:57: 39:3e:70:11:f7:c1:0d:69:e2:31:0f:11:98:ae:08:f1:01:23: de:92:b4:68:92:d7:b5:1f:0a:bf:1a:23:e5:f0:b4:55:e5:48: a5:f9:66:c9:32:14:d1:40:04:e5:df:98:b0:c6:7b:83:31:9b: af:76:ae:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCOVk6sPykXb1b6zdOkTrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz NDdjNjYwHhcNMjUxMjA2MDUwMTAwWhcNMjUxMjA3MDUwMTAwWjAzMTEwLwYDVQQD Eyg5N2M5MzE1MzdlYjFhN2Q5NTA2NTM0ZjhjZWI1N2ZkNWJmMzhlMGIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg+C2ZxOrFG/kB2f525FoUYjoBfU bEfuLysLmFQ3b0qnTeQwYNJpek8pM28Xd84PwfoGR2fQ8VrVuBezORPseKSlMfH7 do6tPLjnaPaJz4WMzHaNcJmozNowXIh135pHAP9KiETWrevjInTcLCNMcVTV1Gon DCf6xAb9krqaPjwW3PQt70qUSA4j7Kf5As662rg524W0YoksPK1SgAj8d0r093vs Toq6H6pinEa1JopBOviT9qVQfHxbzWB2n2Bg20RiW4CB7/coD5boQDtopnD0RWGU g9QGzY4L46KcLmmOjxU1faO48tkx16CpIIIKocecvxt9WDk0DLvBgvmfoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJfJMVN+safZUGU0+M61f9W/OOCxMB8GA1UdIwQY MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckBTUEf2 ArCci10f2jZR82nOTpNk6GsCrYaVo2QlzXFTuMyUrmfeCaAmjjbXGW9t3z/xdVXQ sNwe6hzO+3phlGteFag2HQNdYRg77oGu2FuxSWqudAmAjL+dIKTz9K81CU6/J8Gz EEVZzXuTGr9nJbudQ/ygyTOU7g0XAxPb1zw8n99jb1/sfmsZHgocL8524RGV9mHF ffdYRi2XvDYWoRjQXS5jnawkKfSxNhdZMxSmur89WZqBhdaGj85M6vr7o9v8uQlX OT5wEffBDWniMQ8RmK4I8QEj3pK0aJLXtR8Kvxoj5fC0VeVIpflmyTIU0UAE5d+Y sMZ7gzGbr3aufg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:33:18 2025 by rpki-client