This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft File: a-BR-5PgFam3YbtFr-EJ2740fGY.mft (raw, json) Hash identifier: tjw4poIW1rXKOTqfrNXWFHN6fNu7fAI707QG1kHtZ/0= Subject key identifier: 60:C0:A3:B7:66:44:E8:4E:F4:F5:CF:FC:80:2D:57:08:2E:E3:EA:D6 Authority key identifier: 6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66 Certificate issuer: /CN=6be051fb93e015a9b761bb45afe109dbbe347c66 Certificate serial: 019B5A51B8CA9DC77C291A83DB4B40C0F6C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft Manifest number: 0748 Signing time: Fri 26 Dec 2025 11:01:03 +0000 Manifest this update: Fri 26 Dec 2025 11:01:03 +0000 Manifest next update: Sat 27 Dec 2025 11:01:03 +0000 Files and hashes: 1: a-BR-5PgFam3YbtFr-EJ2740fGY.crl (hash: rnILSHkJ9cobxuG9+kdJHnLiKJlkIRp/ANhFOx2An6A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:b8:ca:9d:c7:7c:29:1a:83:db:4b:40:c0:f6:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6be051fb93e015a9b761bb45afe109dbbe347c66 Validity Not Before: Dec 26 11:01:03 2025 GMT Not After : Dec 27 11:01:03 2025 GMT Subject: CN=60c0a3b76644e84ef4f5cffc802d57082ee3ead6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8e:68:9b:5c:2b:a7:32:97:d6:3c:20:c4:6b: 83:0b:38:53:eb:f2:d6:b1:b7:fc:0d:de:c8:10:b4: 56:b7:b9:bf:8b:ef:c5:b9:24:2d:b6:ae:f8:7f:65: ff:8c:8c:36:09:15:0a:d6:ef:19:5c:17:dd:24:97: 47:66:90:01:9b:e2:31:cd:01:20:f4:59:66:b4:4e: ce:24:67:cc:a5:4b:fb:d8:9d:e9:78:1b:f9:e7:da: aa:1e:3c:2b:22:7b:71:e6:9f:fa:b3:4c:fd:b6:29: a2:40:c1:a7:bb:ba:d1:57:72:9c:66:78:1f:8c:ef: 4e:5a:c7:8c:b4:b7:0f:e6:b3:91:5c:1c:f2:73:3f: 61:04:29:39:26:1c:b1:d7:a6:f3:96:4e:ca:b9:75: d5:12:cd:19:31:8c:4e:1d:2d:81:9f:25:1e:62:cb: 70:6b:07:9a:6b:94:98:b1:ca:6a:42:ed:2b:12:b6: ed:f8:3d:49:e4:d9:87:f9:8c:ee:0b:1d:67:c5:4a: 52:ed:ec:57:9a:e7:de:6a:5b:d9:66:e6:cb:cf:4d: 72:1b:6f:09:b1:1d:2c:ee:a4:fe:39:59:c5:a5:53: 28:c7:d7:ee:3c:17:d2:7d:76:56:62:17:22:b1:15: 13:04:e6:82:40:a5:8c:63:09:0a:df:73:1b:fb:b1: 88:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:C0:A3:B7:66:44:E8:4E:F4:F5:CF:FC:80:2D:57:08:2E:E3:EA:D6 X509v3 Authority Key Identifier: keyid:6B:E0:51:FB:93:E0:15:A9:B7:61:BB:45:AF:E1:09:DB:BE:34:7C:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-BR-5PgFam3YbtFr-EJ2740fGY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/25f85e-d070-488b-89f6-f4e59f39a74a/1/a-BR-5PgFam3YbtFr-EJ2740fGY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:c8:a4:45:ec:73:be:16:e5:5d:be:7a:47:ed:cf:46:de:7a: e4:24:e6:3a:fe:6b:44:db:a4:e4:5c:6f:32:c2:ab:20:95:71: f9:d7:f4:36:46:1a:63:c7:8b:fb:30:c2:0e:5a:a6:d2:ab:b0: 1e:15:7f:f2:e8:9f:17:e1:54:22:9b:d4:25:77:18:c9:ac:29: 4d:82:34:00:26:a1:dc:4d:3d:b9:bd:86:36:c3:a1:a6:80:d5: 5d:b1:49:e3:a7:54:7e:f9:3d:16:20:e3:45:86:2f:fa:e0:16: ed:b8:11:b9:1e:91:98:8c:4d:83:f2:e2:82:06:b4:b0:c7:92: d7:69:81:b3:dd:18:41:44:ed:11:62:1b:c1:81:b7:7b:ec:09: a6:d4:4a:7f:c0:0e:e4:18:b5:d8:10:c8:e6:62:fa:9d:93:70: df:5d:89:70:e5:d5:08:94:57:e6:cb:c9:47:2b:0f:6d:b4:b2: dc:f0:e5:25:95:c6:8f:c1:f7:dc:11:cc:07:25:62:d0:13:a1: 04:23:f0:16:77:6a:dd:f8:90:7d:c7:96:83:b3:c4:93:33:ba: 28:ac:57:a6:75:66:2d:cf:11:e9:d6:03:cd:5a:5a:ef:45:ad: b5:d0:fe:a1:d3:7a:67:c1:e3:ce:ae:69:63:30:a6:19:80:c0: 38:80:e9:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUbjKncd8KRqD20tAwPbIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiZTA1MWZiOTNlMDE1YTliNzYxYmI0NWFmZTEwOWRiYmUz NDdjNjYwHhcNMjUxMjI2MTEwMTAzWhcNMjUxMjI3MTEwMTAzWjAzMTEwLwYDVQQD Eyg2MGMwYTNiNzY2NDRlODRlZjRmNWNmZmM4MDJkNTcwODJlZTNlYWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzo5om1wrpzKX1jwgxGuDCzhT6/LW sbf8Dd7IELRWt7m/i+/FuSQttq74f2X/jIw2CRUK1u8ZXBfdJJdHZpABm+IxzQEg 9FlmtE7OJGfMpUv72J3peBv559qqHjwrIntx5p/6s0z9timiQMGnu7rRV3KcZngf jO9OWseMtLcP5rORXBzycz9hBCk5Jhyx16bzlk7KuXXVEs0ZMYxOHS2BnyUeYstw aweaa5SYscpqQu0rErbt+D1J5NmH+YzuCx1nxUpS7exXmufealvZZubLz01yG28J sR0s7qT+OVnFpVMox9fuPBfSfXZWYhcisRUTBOaCQKWMYwkK33Mb+7GIGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGDAo7dmROhO9PXP/IAtVwgu4+rWMB8GA1UdIwQY MBaAFGvgUfuT4BWpt2G7Ra/hCdu+NHxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYt ZjRlNTlmMzlhNzRhLzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yNWY4NWUtZDA3MC00ODhiLTg5ZjYtZjRlNTlmMzlhNzRh LzEvYS1CUi01UGdGYW0zWWJ0RnItRUoyNzQwZkdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcikRexz vhblXb56R+3PRt565CTmOv5rRNuk5FxvMsKrIJVx+df0NkYaY8eL+zDCDlqm0quw HhV/8uifF+FUIpvUJXcYyawpTYI0ACah3E09ub2GNsOhpoDVXbFJ46dUfvk9FiDj RYYv+uAW7bgRuR6RmIxNg/Ligga0sMeS12mBs90YQUTtEWIbwYG3e+wJptRKf8AO 5Bi12BDI5mL6nZNw312JcOXVCJRX5svJRysPbbSy3PDlJZXGj8H33BHMByVi0BOh BCPwFndq3fiQfceWg7PEkzO6KKxXpnVmLc8R6dYDzVpa70WttdD+odN6Z8Hjzq5p YzCmGYDAOIDpMw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:22 2025 by rpki-client