This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft File: a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json) Hash identifier: aczFFa39eFOe7aPAItQqoKpGJrp6l76khJBuzv3tTUg= Subject key identifier: 15:FB:94:21:E7:58:E9:98:68:14:17:82:54:4A:BE:0E:27:B3:A3:18 Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61 Certificate issuer: /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61 Certificate serial: 019B24AC8048C3A8D21232DB1C243A056F94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft Manifest number: 0B3B Signing time: Tue 16 Dec 2025 01:00:43 +0000 Manifest this update: Tue 16 Dec 2025 01:00:43 +0000 Manifest next update: Wed 17 Dec 2025 01:00:43 +0000 Files and hashes: 1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: xaJyuOsAIW19r4wxObtYOY/wjXeFP96DALWdwMM4N+Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:ac:80:48:c3:a8:d2:12:32:db:1c:24:3a:05:6f:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61 Validity Not Before: Dec 16 01:00:43 2025 GMT Not After : Dec 17 01:00:43 2025 GMT Subject: CN=15fb9421e758e99868141782544abe0e27b3a318 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:12:0b:13:d1:c1:2c:23:48:2f:73:6e:f3:93: 4b:b2:f2:4b:55:25:7d:72:f9:ec:e6:21:b4:86:2b: dd:9f:6a:02:8c:e9:39:d3:25:9d:49:34:9f:17:8c: 98:cd:bd:8c:41:6e:75:8f:62:88:53:34:ce:cf:df: 8a:da:b6:fa:bc:27:b4:1e:94:9b:68:3f:4e:bc:2c: 3f:65:ac:70:f4:e7:f3:0d:85:8b:34:6c:39:cf:51: 56:a8:02:2d:ba:38:9f:70:c7:0f:e8:44:a3:b9:dc: 2d:4c:f2:ee:f6:d3:18:c9:5a:60:d0:27:01:ff:88: 65:db:32:60:84:14:f0:f2:ca:a7:4f:b1:87:7a:4e: 1f:fd:4c:77:ff:bc:ff:2e:4c:f2:ac:9f:af:d1:4e: fa:26:79:48:02:13:3b:5c:d7:e4:4f:f5:a0:c1:e6: 78:86:7a:48:f2:5a:3f:aa:90:11:ad:ef:c3:fb:19: c6:93:a9:c5:28:9d:f3:3b:89:87:99:1b:f3:5f:d8: 89:3a:e0:7c:51:54:cf:7e:09:4f:2b:a9:7b:52:9e: 25:9d:ca:f1:ac:8d:9c:b6:1b:ec:04:39:0d:02:d9: 8a:00:f9:87:58:c9:f7:4c:a6:53:87:06:e1:86:82: a7:1b:10:7e:bb:30:0a:a4:2f:e8:17:e2:89:10:42: df:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:FB:94:21:E7:58:E9:98:68:14:17:82:54:4A:BE:0E:27:B3:A3:18 X509v3 Authority Key Identifier: keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:75:cb:91:8c:05:14:00:91:96:ff:d9:90:30:06:7e:cf:a4: c3:76:75:5e:48:e3:0e:2b:cb:a1:7b:87:16:7c:86:35:f6:c7: 6b:f2:48:2e:32:73:f8:5f:b5:ac:92:45:e5:65:3b:f3:07:56: b9:36:cf:77:1d:89:01:55:67:77:e0:77:0a:fc:3c:0f:26:32: c9:da:c8:e2:32:a9:db:da:52:c5:4c:6a:3f:2c:c0:63:97:72: 34:3e:4d:8d:4f:15:57:02:35:cd:ed:09:a4:8a:cf:2c:0e:d0: 6e:58:f4:03:94:a6:82:fd:16:52:62:7d:fd:32:48:af:e7:51: 6d:f4:28:35:64:8c:86:83:4c:53:e9:4e:41:ab:70:ee:82:9d: 20:5a:e3:58:71:a1:70:a4:86:e8:16:9d:c2:06:6b:d9:5a:a2: 40:41:51:13:47:39:91:57:92:9b:dc:f6:93:8a:12:3d:c5:f6: cb:c6:5d:05:da:df:e6:02:33:69:a7:42:5a:f5:a0:32:0a:21: 7f:57:c6:3c:65:7c:18:92:58:b9:f7:db:ca:9d:24:77:f9:a9: 24:f8:4e:e1:37:c9:c8:dd:cf:e5:08:47:ef:21:42:54:e8:32: 4a:5c:ae:d2:84:e8:a6:d4:c8:e2:f4:33:ef:9d:ca:1f:3e:8e: 8c:45:74:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskrIBIw6jSEjLbHCQ6BW+UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj ZmFkNjEwHhcNMjUxMjE2MDEwMDQzWhcNMjUxMjE3MDEwMDQzWjAzMTEwLwYDVQQD EygxNWZiOTQyMWU3NThlOTk4NjgxNDE3ODI1NDRhYmUwZTI3YjNhMzE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRILE9HBLCNIL3Nu85NLsvJLVSV9 cvns5iG0hivdn2oCjOk50yWdSTSfF4yYzb2MQW51j2KIUzTOz9+K2rb6vCe0HpSb aD9OvCw/Zaxw9OfzDYWLNGw5z1FWqAItujifcMcP6ESjudwtTPLu9tMYyVpg0CcB /4hl2zJghBTw8sqnT7GHek4f/Ux3/7z/LkzyrJ+v0U76JnlIAhM7XNfkT/WgweZ4 hnpI8lo/qpARre/D+xnGk6nFKJ3zO4mHmRvzX9iJOuB8UVTPfglPK6l7Up4lncrx rI2cthvsBDkNAtmKAPmHWMn3TKZThwbhhoKnGxB+uzAKpC/oF+KJEELfMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBX7lCHnWOmYaBQXglRKvg4ns6MYMB8GA1UdIwQY MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5 LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAInXLkYwF FACRlv/ZkDAGfs+kw3Z1XkjjDivLoXuHFnyGNfbHa/JILjJz+F+1rJJF5WU78wdW uTbPdx2JAVVnd+B3Cvw8DyYyydrI4jKp29pSxUxqPyzAY5dyND5NjU8VVwI1ze0J pIrPLA7Qblj0A5Smgv0WUmJ9/TJIr+dRbfQoNWSMhoNMU+lOQatw7oKdIFrjWHGh cKSG6BadwgZr2VqiQEFRE0c5kVeSm9z2k4oSPcX2y8ZdBdrf5gIzaadCWvWgMgoh f1fGPGV8GJJYuffbyp0kd/mpJPhO4TfJyN3P5QhH7yFCVOgySlyu0oToptTI4vQz 753KHz6OjEV0jA== -----END CERTIFICATE-----Generated at Tue Dec 16 06:43:56 2025 by rpki-client