This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json) Hash identifier: vmXGlphjDX6zjdCmJXFbba23f0uXUhMGx26kFvzbH+Q= Subject key identifier: BB:53:0B:35:E7:D8:C8:E2:D3:E2:D9:F8:74:20:15:30:23:8B:DD:29 Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Certificate serial: 019B2E8B869EF347D04E6E373BAC3C1B1057 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft Manifest number: 177F Signing time: Wed 17 Dec 2025 23:00:54 +0000 Manifest this update: Wed 17 Dec 2025 23:00:54 +0000 Manifest next update: Thu 18 Dec 2025 23:00:54 +0000 Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=) 2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: pUTVNT/yo418tHS4BiMN3h9rrPERXfGnP93Yu2iwDH0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:8b:86:9e:f3:47:d0:4e:6e:37:3b:ac:3c:1b:10:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Validity Not Before: Dec 17 23:00:54 2025 GMT Not After : Dec 18 23:00:54 2025 GMT Subject: CN=bb530b35e7d8c8e2d3e2d9f874201530238bdd29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:24:a7:de:67:b4:f6:90:08:b1:96:ea:15:ba: 88:52:bf:cb:81:30:4c:98:79:9f:ec:a3:15:fe:6e: 03:97:43:30:7e:fb:3f:dd:5d:4f:c5:0d:67:c0:62: 8f:ba:9e:50:64:be:63:b0:fe:91:98:d0:8c:59:f8: 31:ee:50:d9:62:03:46:79:22:f7:11:10:be:39:e3: 73:6f:a3:e3:de:b6:57:61:d7:0d:8b:8a:7b:20:f0: 74:6d:d3:a8:ac:14:b3:8f:1a:37:ba:4f:18:10:d8: 39:e2:ad:07:22:7e:ae:df:ea:e6:63:41:8d:4a:e4: e7:c1:8d:88:cf:d0:a0:c4:1a:42:89:b7:dd:7d:b4: 27:4b:d2:c7:b5:ad:ea:ae:76:ab:d1:38:72:10:dd: 04:c6:82:f6:93:59:7f:88:04:f5:d8:45:c4:16:06: 79:f1:ab:75:bd:ab:12:5c:e9:f8:da:de:95:1b:28: f5:a3:54:36:af:78:d5:ca:7a:79:ca:8b:2c:e2:35: c4:c5:58:1c:9f:a6:60:3d:83:1b:f0:be:df:fd:a5: 46:5a:d2:82:a1:34:cf:df:40:12:08:a6:cc:4e:4a: 15:85:1c:0e:f5:6b:ac:4c:6f:b9:c2:8e:83:b3:0c: b2:00:72:70:6c:0f:56:c2:5b:97:10:0c:06:74:88: 88:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:53:0B:35:E7:D8:C8:E2:D3:E2:D9:F8:74:20:15:30:23:8B:DD:29 X509v3 Authority Key Identifier: keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:b8:44:07:f6:31:62:b6:a6:31:ed:72:9c:dc:45:42:16:bf: 79:c1:96:be:59:65:60:52:cc:92:2a:7b:42:b7:c5:88:a6:d0: b3:fa:90:dc:33:6d:15:3b:13:aa:17:9e:fb:75:ea:9e:f2:2c: 52:30:a7:e4:ad:a6:2c:fc:23:a1:68:dc:d8:b4:d4:d5:df:04: 19:53:7a:18:a9:27:b9:1e:dc:e0:9b:93:0b:5a:ae:35:e9:ac: b1:04:f0:4a:07:cf:cf:01:dc:ca:c7:06:5c:b0:1f:2a:53:8c: 8e:b4:69:61:bb:ad:55:e2:c6:8c:fd:3c:85:8f:77:f9:2f:28: d6:44:7d:f5:20:0a:8a:7f:5b:cf:57:2e:70:6e:0b:91:68:ef: 34:95:9e:2a:17:62:ba:ca:77:0a:06:c9:99:f7:14:a8:cf:bb: aa:54:26:1d:39:6b:ce:39:61:36:5e:ad:dc:26:8f:50:0a:56: 31:64:30:c5:e5:1f:c8:d8:09:5b:e5:39:d1:76:a2:31:43:f3: e8:d9:53:11:31:7f:9b:8b:58:a5:51:18:1b:2b:8a:3e:1a:4d: b6:0c:28:20:cd:1d:73:8c:89:c1:fc:a0:22:96:e3:1d:0f:96: a4:5c:dd:fc:6d:38:1c:14:61:9c:d7:8d:f5:3c:65:9a:a5:8e: ef:64:49:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsui4ae80fQTm43O6w8GxBXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0 MmQ2OGIwHhcNMjUxMjE3MjMwMDU0WhcNMjUxMjE4MjMwMDU0WjAzMTEwLwYDVQQD EyhiYjUzMGIzNWU3ZDhjOGUyZDNlMmQ5Zjg3NDIwMTUzMDIzOGJkZDI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iSn3me09pAIsZbqFbqIUr/LgTBM mHmf7KMV/m4Dl0Mwfvs/3V1PxQ1nwGKPup5QZL5jsP6RmNCMWfgx7lDZYgNGeSL3 ERC+OeNzb6Pj3rZXYdcNi4p7IPB0bdOorBSzjxo3uk8YENg54q0HIn6u3+rmY0GN SuTnwY2Iz9CgxBpCibfdfbQnS9LHta3qrnar0ThyEN0ExoL2k1l/iAT12EXEFgZ5 8at1vasSXOn42t6VGyj1o1Q2r3jVynp5yoss4jXExVgcn6ZgPYMb8L7f/aVGWtKC oTTP30ASCKbMTkoVhRwO9WusTG+5wo6DswyyAHJwbA9WwluXEAwGdIiIrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLtTCzXn2Mji0+LZ+HQgFTAji90pMB8GA1UdIwQY MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbhEB/Yx YramMe1ynNxFQha/ecGWvlllYFLMkip7QrfFiKbQs/qQ3DNtFTsTqhee+3XqnvIs UjCn5K2mLPwjoWjc2LTU1d8EGVN6GKknuR7c4JuTC1quNemssQTwSgfPzwHcyscG XLAfKlOMjrRpYbutVeLGjP08hY93+S8o1kR99SAKin9bz1cucG4LkWjvNJWeKhdi usp3CgbJmfcUqM+7qlQmHTlrzjlhNl6t3CaPUApWMWQwxeUfyNgJW+U50XaiMUPz 6NlTETF/m4tYpVEYGyuKPhpNtgwoIM0dc4yJwfygIpbjHQ+WpFzd/G04HBRhnNeN 9TxlmqWO72RJjA== -----END CERTIFICATE-----Generated at Thu Dec 18 07:10:36 2025 by rpki-client