This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft File: a2NBovdF2amQDhaaHlGypxruOyQ.mft (raw, json) Hash identifier: D73BkohXVV02RZekMAq2mlZ159pZgUNB9puFMxOXSug= Subject key identifier: 0C:93:DC:9A:1D:C8:F8:7D:02:2A:43:AA:A3:83:CB:DA:CE:DE:0D:6A Authority key identifier: 6B:63:41:A2:F7:45:D9:A9:90:0E:16:9A:1E:51:B2:A7:1A:EE:3B:24 Certificate issuer: /CN=6b6341a2f745d9a9900e169a1e51b2a71aee3b24 Certificate serial: 019AF1D20B816B33E1A17B359AF295FA3490 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2NBovdF2amQDhaaHlGypxruOyQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft Manifest number: 1D Signing time: Sat 06 Dec 2025 04:01:05 +0000 Manifest this update: Sat 06 Dec 2025 04:01:05 +0000 Manifest next update: Sun 07 Dec 2025 04:01:05 +0000 Files and hashes: 1: a2NBovdF2amQDhaaHlGypxruOyQ.crl (hash: sDZHjCTl71YNJ02HFii0TVfA0nSsxIHT/o/g4isu+UI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft rsync://rpki.ripe.net/repository/DEFAULT/a2NBovdF2amQDhaaHlGypxruOyQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:0b:81:6b:33:e1:a1:7b:35:9a:f2:95:fa:34:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b6341a2f745d9a9900e169a1e51b2a71aee3b24 Validity Not Before: Dec 6 04:01:05 2025 GMT Not After : Dec 7 04:01:05 2025 GMT Subject: CN=0c93dc9a1dc8f87d022a43aaa383cbdacede0d6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:5f:7f:6a:58:78:67:04:2e:56:c1:6b:47:c8: 29:64:bc:95:98:1d:02:4b:bc:71:2d:3c:08:84:d1: d5:c1:11:ca:4f:36:cd:37:ca:b2:e2:0f:35:7a:87: 6e:7f:ae:d6:0d:0a:93:d2:d6:b7:2a:e9:bc:3a:0a: 4c:13:d7:d6:1f:9e:67:1e:0b:d6:92:59:02:e9:de: 62:67:ee:d4:31:ab:6c:ae:fa:f7:39:a6:f4:70:61: 75:4c:1f:0c:42:3e:02:37:74:82:d0:1c:7d:e8:20: 21:08:54:78:7f:ff:70:6e:c1:d9:fd:85:82:ed:da: 48:f1:f9:3e:06:16:8d:35:a4:4f:93:36:d2:a9:6a: 17:2f:97:64:be:65:38:f1:46:e0:cc:24:c1:63:cf: d6:96:70:0e:74:44:84:29:43:d5:9e:4b:73:d7:4b: 17:f1:10:35:50:e8:fe:e4:13:88:d5:bd:51:8c:c3: fd:c4:9c:8a:d2:51:23:64:d9:3d:8d:6a:e2:e1:98: 89:f0:6d:56:d6:2d:02:66:ee:70:58:be:6c:9c:17: 3b:e8:15:4e:ed:4a:53:f7:a8:33:b0:b8:11:65:66: a7:16:e7:b3:31:5b:38:04:43:4b:67:41:30:ec:ae: 47:cb:c8:88:54:ab:98:8a:5a:38:1d:da:3f:fa:18: 71:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:93:DC:9A:1D:C8:F8:7D:02:2A:43:AA:A3:83:CB:DA:CE:DE:0D:6A X509v3 Authority Key Identifier: keyid:6B:63:41:A2:F7:45:D9:A9:90:0E:16:9A:1E:51:B2:A7:1A:EE:3B:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2NBovdF2amQDhaaHlGypxruOyQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/655bca-5550-4c7a-9f16-d78b3e1cabb1/1/a2NBovdF2amQDhaaHlGypxruOyQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:f3:da:3a:ce:2d:ab:3f:f5:e1:4d:2f:6c:3c:31:50:e1:d6: 06:43:d2:4a:fa:d6:8b:25:8f:2c:08:32:8d:8a:e2:e3:a1:ea: 78:af:b4:c5:f8:2c:f1:5f:27:41:ab:7b:4d:9c:5c:7a:0a:65: d9:71:19:ab:03:b3:05:e0:5d:74:fd:73:04:35:f3:24:2a:de: 2c:f5:bf:0e:d9:a5:e8:2d:c5:de:26:4f:d9:a3:be:b3:15:e3: 24:19:1f:e0:1a:bd:30:43:2d:40:d3:6e:0a:fe:69:21:01:ef: 56:88:b4:8d:58:c1:aa:7b:96:e8:d3:93:dd:3e:63:e5:56:30: 2f:e6:0b:d8:3c:b1:f9:40:c6:6e:bd:c9:93:d3:49:60:ac:d7: c9:eb:f4:51:c5:11:aa:8a:8e:32:e7:fb:5a:3d:4b:81:04:78: 66:9d:75:03:fc:8c:e2:8d:36:dc:e2:68:3d:40:42:ed:a2:17: c9:f5:dc:a4:e8:23:75:ae:86:2a:b5:4a:d3:f2:18:8c:db:e5: 37:17:e5:36:cb:e2:90:da:04:a1:b1:f2:f4:37:8b:68:0d:aa: 59:b6:7e:ba:6f:27:37:8b:5c:74:a2:6c:b7:bf:0c:de:01:d4: 89:5e:22:82:c3:60:70:18:05:0d:f2:41:74:de:89:cc:02:76: e3:74:07:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0guBazPhoXs1mvKV+jSQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNjM0MWEyZjc0NWQ5YTk5MDBlMTY5YTFlNTFiMmE3MWFl ZTNiMjQwHhcNMjUxMjA2MDQwMTA1WhcNMjUxMjA3MDQwMTA1WjAzMTEwLwYDVQQD EygwYzkzZGM5YTFkYzhmODdkMDIyYTQzYWFhMzgzY2JkYWNlZGUwZDZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt19/alh4ZwQuVsFrR8gpZLyVmB0C S7xxLTwIhNHVwRHKTzbNN8qy4g81eoduf67WDQqT0ta3Kum8OgpME9fWH55nHgvW klkC6d5iZ+7UMatsrvr3Oab0cGF1TB8MQj4CN3SC0Bx96CAhCFR4f/9wbsHZ/YWC 7dpI8fk+BhaNNaRPkzbSqWoXL5dkvmU48UbgzCTBY8/WlnAOdESEKUPVnktz10sX 8RA1UOj+5BOI1b1RjMP9xJyK0lEjZNk9jWri4ZiJ8G1W1i0CZu5wWL5snBc76BVO 7UpT96gzsLgRZWanFuezMVs4BENLZ0Ew7K5Hy8iIVKuYilo4Hdo/+hhxiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAyT3JodyPh9AipDqqODy9rO3g1qMB8GA1UdIwQY MBaAFGtjQaL3RdmpkA4Wmh5Rsqca7jskMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTJOQm92ZEYyYW1RRGhhYUhsR3lweHJ1T3lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82NTViY2EtNTU1MC00YzdhLTlmMTYt ZDc4YjNlMWNhYmIxLzEvYTJOQm92ZEYyYW1RRGhhYUhsR3lweHJ1T3lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy82NTViY2EtNTU1MC00YzdhLTlmMTYtZDc4YjNlMWNhYmIx LzEvYTJOQm92ZEYyYW1RRGhhYUhsR3lweHJ1T3lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt/PaOs4t qz/14U0vbDwxUOHWBkPSSvrWiyWPLAgyjYri46HqeK+0xfgs8V8nQat7TZxcegpl 2XEZqwOzBeBddP1zBDXzJCreLPW/Dtml6C3F3iZP2aO+sxXjJBkf4Bq9MEMtQNNu Cv5pIQHvVoi0jVjBqnuW6NOT3T5j5VYwL+YL2Dyx+UDGbr3Jk9NJYKzXyev0UcUR qoqOMuf7Wj1LgQR4Zp11A/yM4o023OJoPUBC7aIXyfXcpOgjda6GKrVK0/IYjNvl NxflNsvikNoEobHy9DeLaA2qWbZ+um8nN4tcdKJst78M3gHUiV4igsNgcBgFDfJB dN6JzAJ243QHAA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:50:30 2025 by rpki-client