This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft File: ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json) Hash identifier: SLZbMESt8n2n3PgDrdSXDp0mqIkzT0ybQiuMiUVdl3c= Subject key identifier: D8:26:1C:56:90:45:8D:F7:B2:F6:B5:D5:B5:5C:7A:DE:83:43:B7:CA Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C Certificate issuer: /CN=6daef3029629de029db98ab7b4e9bd221c28991c Certificate serial: 019AF12DB93E5863B24D4AB57369DE9669C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft Manifest number: 0D4A Signing time: Sat 06 Dec 2025 01:01:36 +0000 Manifest this update: Sat 06 Dec 2025 01:01:36 +0000 Manifest next update: Sun 07 Dec 2025 01:01:36 +0000 Files and hashes: 1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: Omb1voVCas0DozwiM8//dnjxMZHPxBeNgkG7r2jjpY4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:b9:3e:58:63:b2:4d:4a:b5:73:69:de:96:69:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c Validity Not Before: Dec 6 01:01:36 2025 GMT Not After : Dec 7 01:01:36 2025 GMT Subject: CN=d8261c5690458df7b2f6b5d5b55c7ade8343b7ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8a:78:6c:69:67:7c:01:be:83:5b:f6:f0:72: cd:23:7f:a2:be:10:75:35:91:b6:30:48:aa:78:82: 24:f4:e9:85:d5:80:d5:fa:a1:44:cd:5a:5a:94:66: 0b:6c:c3:94:29:54:56:a7:05:76:a1:7a:44:fa:6b: b3:e6:cf:06:46:72:ee:36:87:25:b0:90:cb:00:3c: 53:43:87:ac:b1:b3:e8:72:88:62:3b:f0:41:95:55: fc:21:8c:89:54:6c:5d:16:99:d9:1c:00:54:bc:2f: 1f:d2:c2:21:22:bd:34:06:e9:64:88:b4:68:20:ab: 13:57:59:ea:dd:54:32:0d:49:a4:c8:0f:df:e8:69: 2f:e0:20:64:1c:a8:b0:1e:53:24:54:8d:b0:26:91: 14:af:31:55:e8:4e:8a:fa:31:19:ab:53:c7:89:c7: 68:2f:d6:8b:df:c8:f0:f9:17:f4:26:56:c7:b1:38: 66:5a:6e:8e:7b:e9:22:7e:6c:82:d4:78:05:23:09: 0f:94:de:3c:55:c0:74:b3:01:d8:d0:99:b0:5d:08: b3:b2:fb:89:63:69:c8:ad:4d:be:34:cb:5e:85:2b: 97:66:db:05:d9:1d:03:b6:c7:22:fa:95:f4:4f:9b: a2:ed:d1:c0:b3:46:5d:92:09:94:3c:39:41:26:50: c7:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:26:1C:56:90:45:8D:F7:B2:F6:B5:D5:B5:5C:7A:DE:83:43:B7:CA X509v3 Authority Key Identifier: keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:34:b5:66:ef:f6:e8:d9:db:b7:9c:97:92:2a:f0:b5:10:92: e6:02:0d:d8:cc:6c:87:d1:32:cd:5f:53:55:11:a7:3c:27:54: 31:b3:88:86:58:75:96:eb:ae:02:b3:4c:68:ce:5b:f5:61:f0: da:a3:7e:1a:7d:47:f9:2a:82:7a:86:16:a3:98:a5:b0:ff:03: 81:fc:6f:c2:c1:15:9d:e8:00:73:5f:13:ed:a7:a3:a7:65:49: 44:3c:20:ab:34:10:47:7a:ba:60:5a:18:e8:a6:f6:a0:4f:cd: 59:9b:6f:8f:52:a7:4d:28:6c:da:be:01:63:56:cd:8b:4e:25: 67:fb:99:70:27:4b:8f:d0:4a:7e:b6:67:6e:2b:8c:c4:71:6f: 43:06:9f:7a:34:9b:59:e5:da:6c:88:16:ae:38:17:49:90:f5: cd:ec:2c:85:73:59:a5:f1:e4:1c:42:f3:08:b9:1d:59:31:d9: 14:cd:97:0c:37:8b:81:4e:14:3c:d9:6b:e8:d7:6d:bb:49:a9: 79:8a:82:99:cc:3a:04:ba:8c:8c:50:f6:36:f3:79:b5:eb:e6: d8:02:2e:af:4a:e6:e5:ef:e0:8c:7d:8f:2d:cb:fb:91:8c:82: 8c:d3:f8:5a:8d:ce:34:d4:0e:a3:23:1a:c7:d8:17:44:e7:d9: 82:52:02:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLbk+WGOyTUq1c2nelmnCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy ODk5MWMwHhcNMjUxMjA2MDEwMTM2WhcNMjUxMjA3MDEwMTM2WjAzMTEwLwYDVQQD EyhkODI2MWM1NjkwNDU4ZGY3YjJmNmI1ZDViNTVjN2FkZTgzNDNiN2NhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYp4bGlnfAG+g1v28HLNI3+ivhB1 NZG2MEiqeIIk9OmF1YDV+qFEzVpalGYLbMOUKVRWpwV2oXpE+muz5s8GRnLuNocl sJDLADxTQ4essbPocohiO/BBlVX8IYyJVGxdFpnZHABUvC8f0sIhIr00BulkiLRo IKsTV1nq3VQyDUmkyA/f6Gkv4CBkHKiwHlMkVI2wJpEUrzFV6E6K+jEZq1PHicdo L9aL38jw+Rf0JlbHsThmWm6Oe+kifmyC1HgFIwkPlN48VcB0swHY0JmwXQizsvuJ Y2nIrU2+NMtehSuXZtsF2R0Dtsci+pX0T5ui7dHAs0ZdkgmUPDlBJlDHRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNgmHFaQRY33sva11bVcet6DQ7fKMB8GA1UdIwQY MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDS1Zu/2 6Nnbt5yXkirwtRCS5gIN2Mxsh9EyzV9TVRGnPCdUMbOIhlh1luuuArNMaM5b9WHw 2qN+Gn1H+SqCeoYWo5ilsP8DgfxvwsEVnegAc18T7aejp2VJRDwgqzQQR3q6YFoY 6Kb2oE/NWZtvj1KnTShs2r4BY1bNi04lZ/uZcCdLj9BKfrZnbiuMxHFvQwafejSb WeXabIgWrjgXSZD1zewshXNZpfHkHELzCLkdWTHZFM2XDDeLgU4UPNlr6Ndtu0mp eYqCmcw6BLqMjFD2NvN5tevm2AIur0rm5e/gjH2PLcv7kYyCjNP4Wo3ONNQOoyMa x9gXROfZglIC9Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:18:35 2025 by rpki-client