This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft File: aQqw79d1diHIbXtpx29gssP6w1Y.mft (raw, json) Hash identifier: plWl61coUGt52yx/hq/wVQPWUiRcAFTrH1OoImEh9fE= Subject key identifier: BA:4A:37:FE:1C:41:98:C1:39:FE:08:96:5E:9F:85:8A:46:B0:9F:30 Authority key identifier: 69:0A:B0:EF:D7:75:76:21:C8:6D:7B:69:C7:6F:60:B2:C3:FA:C3:56 Certificate issuer: /CN=690ab0efd7757621c86d7b69c76f60b2c3fac356 Certificate serial: 019AF208BFCDE68AF1CC54F7B2A3CC83CCC8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft Manifest number: 04B0 Signing time: Sat 06 Dec 2025 05:00:50 +0000 Manifest this update: Sat 06 Dec 2025 05:00:50 +0000 Manifest next update: Sun 07 Dec 2025 05:00:50 +0000 Files and hashes: 1: aQqw79d1diHIbXtpx29gssP6w1Y.crl (hash: WF3NB7eHYB9ecTLSHpXwInrbkKoGatQtvALrAyvdxcE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:bf:cd:e6:8a:f1:cc:54:f7:b2:a3:cc:83:cc:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=690ab0efd7757621c86d7b69c76f60b2c3fac356 Validity Not Before: Dec 6 05:00:50 2025 GMT Not After : Dec 7 05:00:50 2025 GMT Subject: CN=ba4a37fe1c4198c139fe08965e9f858a46b09f30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:cc:dc:11:69:8b:73:5e:5f:09:17:e1:19:63: 6b:b0:96:f9:0e:43:7f:5c:53:1e:a7:3f:8f:53:47: 28:63:38:47:87:1d:0b:dc:29:07:76:b2:ba:bc:57: 27:4c:69:7e:13:96:c4:c8:76:e5:26:3d:76:27:5a: 98:16:03:f6:29:a1:1d:e8:78:86:8d:47:03:27:3f: cd:13:0e:0b:37:53:59:50:70:45:06:bf:96:15:e2: f0:79:5a:d0:69:8c:f9:86:4f:cf:c9:79:60:0b:14: f4:37:36:ca:fa:95:50:e2:1b:4e:53:ca:c6:8e:cc: 49:96:0c:dd:67:a9:8c:87:13:27:16:d6:8e:cb:04: 96:84:f7:ab:9a:17:a7:e4:af:d4:72:77:b8:83:27: c7:e6:e0:26:7a:49:0d:66:f1:8a:2d:1d:0b:52:86: c9:67:9e:8b:84:6a:7c:8c:30:49:c2:d8:a3:6a:71: 9a:49:30:bd:dc:6b:78:e5:1f:d7:49:e5:98:35:a4: b0:7c:39:58:34:e0:8d:9d:d8:f8:20:8e:cf:5f:e8: 23:88:05:e7:eb:c8:53:bd:b1:7c:9b:98:bc:01:9b: f1:41:06:6e:8a:91:47:9c:f9:cb:f1:7c:df:13:2c: 82:bd:52:7c:6b:3e:80:d3:70:d9:fd:96:9c:ff:ff: df:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:4A:37:FE:1C:41:98:C1:39:FE:08:96:5E:9F:85:8A:46:B0:9F:30 X509v3 Authority Key Identifier: keyid:69:0A:B0:EF:D7:75:76:21:C8:6D:7B:69:C7:6F:60:B2:C3:FA:C3:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQqw79d1diHIbXtpx29gssP6w1Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/45b225-64e3-4d34-80d9-21c815a6eb9e/1/aQqw79d1diHIbXtpx29gssP6w1Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:67:32:cb:40:a5:7f:1a:74:01:21:d5:f0:9d:13:0a:0b:a4: 9a:b6:32:d5:43:a7:5a:54:51:e8:d4:7c:a6:47:78:94:2e:1f: a1:3a:ab:73:91:7f:4a:fa:47:e1:93:e1:c4:4c:32:cb:b7:61: de:e3:ca:cb:1f:db:53:a3:45:90:b8:13:c4:dd:63:6a:41:be: 9b:8a:64:26:90:68:43:e9:cc:34:56:fc:12:88:16:03:12:41: 1a:34:7f:79:88:e2:eb:43:76:30:8e:a9:a9:56:c2:ef:18:f9: f3:2b:90:5f:e5:db:f7:1f:1f:ea:cc:39:57:1a:4c:0f:c7:a0: db:37:bf:6d:13:1b:c1:21:ab:3f:90:30:16:9b:d1:9b:d8:f9: ff:a5:78:6a:67:8a:f5:0b:53:9b:22:8c:12:99:ef:df:60:b9: 95:a1:f1:1f:8d:5b:12:5c:4f:79:ad:76:ac:52:db:39:62:31: a6:19:50:b8:be:13:de:52:e5:4b:b4:b4:3b:3a:77:91:b4:ca: 2b:5f:7f:37:84:e4:ce:d7:66:f0:8a:b4:e4:f7:82:92:4a:9e: 0a:59:5e:d7:1b:b3:ae:f2:cf:4a:a5:a8:15:af:9e:46:16:83: a0:c4:5f:11:a6:8e:92:6c:de:86:0c:af:0e:46:a7:ea:85:8a: 70:35:58:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCL/N5orxzFT3sqPMg8zIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5MGFiMGVmZDc3NTc2MjFjODZkN2I2OWM3NmY2MGIyYzNm YWMzNTYwHhcNMjUxMjA2MDUwMDUwWhcNMjUxMjA3MDUwMDUwWjAzMTEwLwYDVQQD EyhiYTRhMzdmZTFjNDE5OGMxMzlmZTA4OTY1ZTlmODU4YTQ2YjA5ZjMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8zcEWmLc15fCRfhGWNrsJb5DkN/ XFMepz+PU0coYzhHhx0L3CkHdrK6vFcnTGl+E5bEyHblJj12J1qYFgP2KaEd6HiG jUcDJz/NEw4LN1NZUHBFBr+WFeLweVrQaYz5hk/PyXlgCxT0NzbK+pVQ4htOU8rG jsxJlgzdZ6mMhxMnFtaOywSWhPermhen5K/Ucne4gyfH5uAmekkNZvGKLR0LUobJ Z56LhGp8jDBJwtijanGaSTC93Gt45R/XSeWYNaSwfDlYNOCNndj4II7PX+gjiAXn 68hTvbF8m5i8AZvxQQZuipFHnPnL8XzfEyyCvVJ8az6A03DZ/Zac///fKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLpKN/4cQZjBOf4Ill6fhYpGsJ8wMB8GA1UdIwQY MBaAFGkKsO/XdXYhyG17acdvYLLD+sNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NWIyMjUtNjRlMy00ZDM0LTgwZDkt MjFjODE1YTZlYjllLzEvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS80NWIyMjUtNjRlMy00ZDM0LTgwZDktMjFjODE1YTZlYjll LzEvYVFxdzc5ZDFkaUhJYlh0cHgyOWdzc1A2dzFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHWcyy0Cl fxp0ASHV8J0TCgukmrYy1UOnWlRR6NR8pkd4lC4foTqrc5F/SvpH4ZPhxEwyy7dh 3uPKyx/bU6NFkLgTxN1jakG+m4pkJpBoQ+nMNFb8EogWAxJBGjR/eYji60N2MI6p qVbC7xj58yuQX+Xb9x8f6sw5VxpMD8eg2ze/bRMbwSGrP5AwFpvRm9j5/6V4ameK 9QtTmyKMEpnv32C5laHxH41bElxPea12rFLbOWIxphlQuL4T3lLlS7S0Ozp3kbTK K19/N4Tkztdm8Iq05PeCkkqeClle1xuzrvLPSqWoFa+eRhaDoMRfEaaOkmzehgyv Dkan6oWKcDVY2Q== -----END CERTIFICATE-----Generated at Sat Dec 6 10:14:19 2025 by rpki-client