This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft File: raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json) Hash identifier: riRRnD7zb8z2YSHxv6u3K/glqUyOFlKklaOWZ8Jnd/Y= Subject key identifier: 6B:0F:18:CF:47:0C:1D:07:84:13:84:91:B9:9D:4E:29:AA:4A:5E:F7 Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E Certificate issuer: /CN=ada6af87b43694dd39994c0e3214306875519f2e Certificate serial: 019AF31C235838BFEA48B2ACEA10277B3B74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft Manifest number: 0CBE Signing time: Sat 06 Dec 2025 10:01:38 +0000 Manifest this update: Sat 06 Dec 2025 10:01:38 +0000 Manifest next update: Sun 07 Dec 2025 10:01:38 +0000 Files and hashes: 1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: ojtZd2AypBQgHvDt7w4KJr5M15PC9idBw+RD2fbhUwE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:23:58:38:bf:ea:48:b2:ac:ea:10:27:7b:3b:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e Validity Not Before: Dec 6 10:01:38 2025 GMT Not After : Dec 7 10:01:38 2025 GMT Subject: CN=6b0f18cf470c1d0784138491b99d4e29aa4a5ef7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d8:87:83:31:3f:eb:87:ed:0c:90:61:79:58: 3a:c9:b1:5c:9d:f4:6e:c0:1b:7f:c4:0a:ba:4f:3d: d1:c6:9b:c3:a7:65:36:b8:09:48:91:07:4f:c7:2a: 8e:37:6d:ae:3a:11:68:15:d8:0d:58:a0:d6:38:57: c5:c2:ca:f5:5c:3a:a4:f4:9c:c2:b3:f0:60:44:9c: 21:a9:bc:6a:aa:31:f6:9d:33:2a:55:fa:63:74:59: 8a:1e:14:b1:fd:99:3a:d9:75:6a:12:14:1b:7d:00: a1:78:6b:3c:d4:06:d8:3c:ba:10:2a:67:23:c9:42: f9:90:24:71:ad:b9:cf:fa:9b:07:32:54:cd:7a:49: c0:21:ce:3d:16:11:2b:df:55:3a:c1:94:a3:bd:a5: a6:59:8b:fb:b7:ad:cf:df:9c:d3:b9:89:e8:0a:b7: 9b:51:94:5c:7d:38:5e:d7:69:90:c7:f7:ac:af:86: fc:e7:4f:54:05:69:64:d8:00:a1:5f:a7:d8:d6:c1: e4:13:4b:05:e9:6d:4e:f6:73:a7:f5:7f:48:ad:4b: 49:25:11:9d:1a:23:d4:ce:70:1d:b2:10:1d:90:8f: b1:0d:0a:77:df:4c:3c:c0:61:d3:30:4e:fb:5a:6d: 75:e0:54:e4:42:2f:b0:3b:f6:aa:fb:4c:b5:e2:ff: 5e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:0F:18:CF:47:0C:1D:07:84:13:84:91:B9:9D:4E:29:AA:4A:5E:F7 X509v3 Authority Key Identifier: keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:b6:6a:03:83:3e:cd:9a:b0:a8:8d:0d:43:97:8d:aa:ec:f8: 12:57:c8:11:fc:bd:53:71:24:50:9a:df:0b:62:fd:7e:0e:44: 90:78:7d:70:d2:ec:4f:44:c3:c5:f1:b7:49:78:a5:d0:31:d4: ac:b0:5c:e0:d2:31:90:a1:aa:5a:37:ab:0c:ac:41:34:6d:5e: 48:a2:95:08:42:8c:f2:0a:52:c3:38:f7:29:37:7e:1a:0f:c3: 15:ad:de:6a:e3:6e:63:8e:1e:7c:be:ce:c7:42:76:17:01:b8: 89:6b:2d:2e:89:5d:37:2d:ea:ad:ba:47:6b:b4:b0:76:8d:4e: c0:d2:2a:a1:ce:fb:9d:c2:9f:ed:6f:02:6a:5d:e0:ef:b3:cf: 25:a7:8a:c8:93:2c:f0:82:0c:64:03:2d:a0:66:6c:f2:e4:6b: 5c:fb:e7:69:68:6f:19:98:f1:35:36:3e:f7:31:95:98:03:1d: e3:ef:b5:d2:9f:91:04:16:ca:37:5e:4f:72:71:a1:49:d9:6c: bd:6d:5b:5d:21:5f:56:1f:7e:53:64:70:66:e9:81:e0:3e:73: 37:88:04:71:78:f8:20:9e:01:55:6c:89:76:e2:3e:fa:42:28: b2:cf:67:69:5b:20:b0:85:68:fc:69:80:50:da:9d:3a:c1:71: f5:4b:18:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHCNYOL/qSLKs6hAnezt0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1 MTlmMmUwHhcNMjUxMjA2MTAwMTM4WhcNMjUxMjA3MTAwMTM4WjAzMTEwLwYDVQQD Eyg2YjBmMThjZjQ3MGMxZDA3ODQxMzg0OTFiOTlkNGUyOWFhNGE1ZWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdiHgzE/64ftDJBheVg6ybFcnfRu wBt/xAq6Tz3RxpvDp2U2uAlIkQdPxyqON22uOhFoFdgNWKDWOFfFwsr1XDqk9JzC s/BgRJwhqbxqqjH2nTMqVfpjdFmKHhSx/Zk62XVqEhQbfQCheGs81AbYPLoQKmcj yUL5kCRxrbnP+psHMlTNeknAIc49FhEr31U6wZSjvaWmWYv7t63P35zTuYnoCreb UZRcfThe12mQx/esr4b8509UBWlk2AChX6fY1sHkE0sF6W1O9nOn9X9IrUtJJRGd GiPUznAdshAdkI+xDQp330w8wGHTME77Wm114FTkQi+wO/aq+0y14v9evwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGsPGM9HDB0HhBOEkbmdTimqSl73MB8GA1UdIwQY MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0 LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe7ZqA4M+ zZqwqI0NQ5eNquz4ElfIEfy9U3EkUJrfC2L9fg5EkHh9cNLsT0TDxfG3SXil0DHU rLBc4NIxkKGqWjerDKxBNG1eSKKVCEKM8gpSwzj3KTd+Gg/DFa3eauNuY44efL7O x0J2FwG4iWstLoldNy3qrbpHa7Swdo1OwNIqoc77ncKf7W8Cal3g77PPJaeKyJMs 8IIMZAMtoGZs8uRrXPvnaWhvGZjxNTY+9zGVmAMd4++10p+RBBbKN15PcnGhSdls vW1bXSFfVh9+U2RwZumB4D5zN4gEcXj4IJ4BVWyJduI++kIoss9naVsgsIVo/GmA UNqdOsFx9UsYAw== -----END CERTIFICATE-----Generated at Sat Dec 6 15:08:21 2025 by rpki-client