This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json) Hash identifier: U+5nTviy64ZI9l6vXXDgeiYUlDAZDSewBR5nLfsPrfo= Subject key identifier: F6:8D:91:0F:41:75:A4:C6:F9:D7:97:BB:F3:7D:B0:5B:BD:8D:2A:6D Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Certificate serial: 019AF0BFA0236B971CB40DC395C6707C771A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft Manifest number: 175F Signing time: Fri 05 Dec 2025 23:01:21 +0000 Manifest this update: Fri 05 Dec 2025 23:01:21 +0000 Manifest next update: Sat 06 Dec 2025 23:01:21 +0000 Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=) 2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: yoG14HJF/jjVhRg8N7zh3IrnjCR0k8/vzuMUEdNGJVM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:a0:23:6b:97:1c:b4:0d:c3:95:c6:70:7c:77:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Validity Not Before: Dec 5 23:01:21 2025 GMT Not After : Dec 6 23:01:21 2025 GMT Subject: CN=f68d910f4175a4c6f9d797bbf37db05bbd8d2a6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e8:8d:75:62:9a:8f:9c:cf:67:60:11:10:cf: 86:2d:eb:7b:b2:68:e2:c0:39:85:0b:ef:66:fd:7c: 03:ea:2f:25:c1:cf:91:65:2c:10:a2:1c:3a:6d:94: 79:1d:8d:79:7c:20:b7:a7:2a:40:75:f3:a0:63:aa: 12:d4:a4:67:a8:1d:51:9e:4b:70:cf:f6:99:0f:d4: f7:ad:23:40:de:58:c4:bd:57:21:40:a4:02:e5:11: 56:25:88:99:59:ae:b6:11:9d:bd:3e:17:f2:0d:d9: 45:95:95:27:cf:d1:ef:ba:65:b7:a8:4b:80:09:94: 27:56:05:93:85:09:88:51:10:fd:10:5b:d5:e9:15: fd:fe:e4:c4:5c:e7:70:2e:c5:c7:ad:74:ed:f1:28: 65:5f:41:e2:66:19:a0:e8:a0:6f:76:c6:04:f6:61: 49:a3:37:2f:43:2e:eb:ac:9c:e5:73:e0:fe:a3:dd: 5e:0c:60:2d:ed:9b:6b:7c:c3:ff:e0:1c:c2:78:90: f7:41:2e:c8:7a:92:c6:bc:48:bb:d3:5e:54:c5:6b: 70:93:7c:2e:1f:15:6c:58:67:23:3f:6e:dc:15:67: 1e:fb:09:92:f1:fe:f7:57:19:5b:e4:fe:fd:58:21: 53:52:ea:84:16:89:84:7e:63:b0:d6:5b:bb:6d:a3: 15:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:8D:91:0F:41:75:A4:C6:F9:D7:97:BB:F3:7D:B0:5B:BD:8D:2A:6D X509v3 Authority Key Identifier: keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:70:bc:7e:31:be:54:ee:54:45:a2:13:ac:7a:37:98:86:1c: 3e:37:cd:c6:46:bf:bb:86:98:fb:40:b4:bb:fb:d0:9d:3b:3a: 4b:64:34:ea:ad:db:8f:38:9d:1e:8f:29:7f:2c:68:c8:1d:0c: af:36:42:bf:7b:36:5a:32:fa:91:48:1d:35:7c:a9:87:35:34: 23:d7:d7:94:53:3b:04:d3:fb:53:b9:a0:ef:41:81:49:62:0b: dd:11:e3:0f:b6:b5:5f:56:e1:c0:da:3b:86:39:7c:ec:39:98: 21:3a:9f:0a:e8:ea:a8:30:c6:58:24:ed:0b:06:33:24:7b:07: 66:67:52:3e:e8:31:12:e3:ac:ef:ab:b4:ce:a0:37:f0:db:00: 8e:5c:fb:34:5b:03:73:a2:44:7a:41:1f:0a:87:17:85:58:80: 29:d0:c7:fa:9f:f6:41:aa:e3:fb:e3:32:86:c5:47:5a:a6:60: 7e:6e:53:f8:46:a0:79:ba:03:4d:7e:2c:d3:63:10:38:f5:a4: 29:98:d1:00:eb:b9:df:6b:7c:37:5f:20:c3:30:a3:e0:fc:30: c5:2e:a3:f1:83:af:99:7d:75:5f:b1:56:0e:75:ff:f7:48:92: 42:0c:3b:a5:96:fe:f5:08:3d:dd:a3:47:65:8a:af:dd:81:3e: 3a:fc:1a:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv6Aja5cctA3DlcZwfHcaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0 MmQ2OGIwHhcNMjUxMjA1MjMwMTIxWhcNMjUxMjA2MjMwMTIxWjAzMTEwLwYDVQQD EyhmNjhkOTEwZjQxNzVhNGM2ZjlkNzk3YmJmMzdkYjA1YmJkOGQyYTZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOiNdWKaj5zPZ2AREM+GLet7smji wDmFC+9m/XwD6i8lwc+RZSwQohw6bZR5HY15fCC3pypAdfOgY6oS1KRnqB1Rnktw z/aZD9T3rSNA3ljEvVchQKQC5RFWJYiZWa62EZ29PhfyDdlFlZUnz9HvumW3qEuA CZQnVgWThQmIURD9EFvV6RX9/uTEXOdwLsXHrXTt8ShlX0HiZhmg6KBvdsYE9mFJ ozcvQy7rrJzlc+D+o91eDGAt7ZtrfMP/4BzCeJD3QS7IepLGvEi7015UxWtwk3wu HxVsWGcjP27cFWce+wmS8f73Vxlb5P79WCFTUuqEFomEfmOw1lu7baMVzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPaNkQ9BdaTG+deXu/N9sFu9jSptMB8GA1UdIwQY MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3C8fjG+ VO5URaITrHo3mIYcPjfNxka/u4aY+0C0u/vQnTs6S2Q06q3bjzidHo8pfyxoyB0M rzZCv3s2WjL6kUgdNXyphzU0I9fXlFM7BNP7U7mg70GBSWIL3RHjD7a1X1bhwNo7 hjl87DmYITqfCujqqDDGWCTtCwYzJHsHZmdSPugxEuOs76u0zqA38NsAjlz7NFsD c6JEekEfCocXhViAKdDH+p/2Qarj++MyhsVHWqZgfm5T+EageboDTX4s02MQOPWk KZjRAOu532t8N18gwzCj4PwwxS6j8YOvmX11X7FWDnX/90iSQgw7pZb+9Qg93aNH ZYqv3YE+Ovwa3g== -----END CERTIFICATE-----Generated at Sat Dec 6 09:21:44 2025 by rpki-client