This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft File: a0P3ovQ2ixel4DXOS9km-KFC1os.mft (raw, json) Hash identifier: DaXiJE5j0vE/SE8P+1Np7pRgdDZw+k6adS0vealxT9g= Subject key identifier: 23:89:0F:21:BF:1A:23:EA:19:E1:C3:B7:32:E4:97:4A:8E:12:D0:02 Authority key identifier: 6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B Certificate issuer: /CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Certificate serial: 019B0FA5A68CF9CCC6C779BE24F61F3D7DEF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft Manifest number: 176F Signing time: Thu 11 Dec 2025 23:01:12 +0000 Manifest this update: Thu 11 Dec 2025 23:01:12 +0000 Manifest next update: Fri 12 Dec 2025 23:01:12 +0000 Files and hashes: 1: MRvoKs_tNg3-xTMgCbueoBg-yMU.roa (hash: lEsMSNpmyZrLO0pVpESTwzarMUanf5zfZ6XbX+ha5s8=) 2: a0P3ovQ2ixel4DXOS9km-KFC1os.crl (hash: DiBg6nrUUGiSfRscj5SgyAnHLFgNiksPGrtIi+7pdo8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:a5:a6:8c:f9:cc:c6:c7:79:be:24:f6:1f:3d:7d:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b43f7a2f4368b17a5e035ce4bd926f8a142d68b Validity Not Before: Dec 11 23:01:12 2025 GMT Not After : Dec 12 23:01:12 2025 GMT Subject: CN=23890f21bf1a23ea19e1c3b732e4974a8e12d002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:83:64:8a:9b:b4:f0:2b:1f:6e:30:a3:21:2c: 43:a2:d8:79:04:65:d4:47:88:51:bb:b5:a6:a1:ff: 21:7e:65:00:25:92:31:fb:b1:fd:22:d7:1d:ea:7a: 84:5d:dc:b2:57:98:ac:c0:31:13:b1:d5:54:f5:18: d0:2a:15:f9:8a:00:e6:63:77:af:91:2f:34:ca:1c: 96:3d:ef:1b:57:03:a6:37:c3:ab:9b:b6:b3:39:4b: 2f:42:e8:57:64:ac:33:6a:83:6f:55:b0:cb:57:2a: 8f:d3:e7:0c:28:2d:d4:c6:76:fb:e1:40:2e:42:5e: e7:4e:93:a1:52:fd:d8:fc:e7:78:b8:55:51:30:b7: ff:d4:00:4f:eb:0d:55:a2:c1:62:24:00:cf:3d:a9: dd:43:97:5d:b6:6e:60:ef:62:b2:8b:a0:2b:a4:fb: 88:75:e1:10:9a:d4:ee:d8:83:86:db:b6:36:ea:a9: bb:1b:3b:d2:2f:07:c5:35:b2:74:4d:de:e7:5e:f2: c9:54:4d:08:4d:b9:17:b2:6e:74:f7:3c:8f:df:cb: 28:5f:c5:6d:d7:12:68:48:8d:a6:ed:94:da:bc:1d: ac:e9:a2:9b:a9:f7:6c:fb:cf:e2:dc:f6:b2:9b:a1: 09:1e:fb:84:0b:8e:e6:82:32:30:1b:a3:f2:57:a5: 13:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:89:0F:21:BF:1A:23:EA:19:E1:C3:B7:32:E4:97:4A:8E:12:D0:02 X509v3 Authority Key Identifier: keyid:6B:43:F7:A2:F4:36:8B:17:A5:E0:35:CE:4B:D9:26:F8:A1:42:D6:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0P3ovQ2ixel4DXOS9km-KFC1os.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ba7dba-474a-42fd-a9c3-35b03136dd03/1/a0P3ovQ2ixel4DXOS9km-KFC1os.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:dd:fa:49:92:ce:f7:0e:77:f2:d8:24:b0:8e:80:bf:c0:ea: 36:c9:76:9a:ad:b2:d8:71:95:a4:f3:e7:c1:25:92:3e:a6:85: 54:57:e2:b6:0a:66:b1:d8:a9:a3:12:0c:ce:e9:50:7a:9d:41: 70:62:83:ec:3e:52:ec:8a:56:19:1c:17:13:73:2a:ca:bf:30: e4:d1:bc:5e:d0:10:9d:fb:58:ba:13:34:cc:35:aa:e2:b3:e9: 4f:df:b4:b4:07:01:e2:fb:df:4a:38:77:a9:67:d5:9f:8e:b2: dc:f7:5f:22:a4:13:34:4f:5a:db:70:96:68:e2:e4:47:b6:a2: 1b:b0:21:7e:7c:c0:a3:3d:47:1f:e2:28:30:ad:f2:bf:14:9c: 90:7c:a6:5c:fd:4b:23:c6:88:a7:a9:f5:ae:81:9c:bc:ce:d8: 6b:f7:3f:de:1d:2d:b0:bd:a3:0f:be:34:46:d6:af:60:dc:1e: 14:13:b1:23:2c:c2:a8:b5:13:3c:ef:ea:a6:7d:96:c5:37:fe: 29:dd:dc:ab:98:c0:09:c3:91:9a:a4:6f:38:2c:d4:f1:13:d3: 08:fb:97:ac:c4:b9:3f:d9:28:2b:df:d1:b1:8c:a4:81:5e:d0: 2f:af:08:60:f7:39:9f:8a:07:23:e8:b2:7c:b7:ec:de:ed:48: 44:7c:55:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPpaaM+czGx3m+JPYfPX3vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNDNmN2EyZjQzNjhiMTdhNWUwMzVjZTRiZDkyNmY4YTE0 MmQ2OGIwHhcNMjUxMjExMjMwMTEyWhcNMjUxMjEyMjMwMTEyWjAzMTEwLwYDVQQD EygyMzg5MGYyMWJmMWEyM2VhMTllMWMzYjczMmU0OTc0YThlMTJkMDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvINkipu08CsfbjCjISxDoth5BGXU R4hRu7Wmof8hfmUAJZIx+7H9Itcd6nqEXdyyV5iswDETsdVU9RjQKhX5igDmY3ev kS80yhyWPe8bVwOmN8Orm7azOUsvQuhXZKwzaoNvVbDLVyqP0+cMKC3Uxnb74UAu Ql7nTpOhUv3Y/Od4uFVRMLf/1ABP6w1VosFiJADPPandQ5ddtm5g72Kyi6ArpPuI deEQmtTu2IOG27Y26qm7GzvSLwfFNbJ0Td7nXvLJVE0ITbkXsm509zyP38soX8Vt 1xJoSI2m7ZTavB2s6aKbqfds+8/i3Paym6EJHvuEC47mgjIwG6PyV6UTmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCOJDyG/GiPqGeHDtzLkl0qOEtACMB8GA1UdIwQY MBaAFGtD96L0NosXpeA1zkvZJvihQtaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMt MzViMDMxMzZkZDAzLzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9iYTdkYmEtNDc0YS00MmZkLWE5YzMtMzViMDMxMzZkZDAz LzEvYTBQM292UTJpeGVsNERYT1M5a20tS0ZDMW9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF936SZLO 9w538tgksI6Av8DqNsl2mq2y2HGVpPPnwSWSPqaFVFfitgpmsdipoxIMzulQep1B cGKD7D5S7IpWGRwXE3Mqyr8w5NG8XtAQnftYuhM0zDWq4rPpT9+0tAcB4vvfSjh3 qWfVn46y3PdfIqQTNE9a23CWaOLkR7aiG7AhfnzAoz1HH+IoMK3yvxSckHymXP1L I8aIp6n1roGcvM7Ya/c/3h0tsL2jD740RtavYNweFBOxIyzCqLUTPO/qpn2WxTf+ Kd3cq5jACcORmqRvOCzU8RPTCPuXrMS5P9koK9/RsYykgV7QL68IYPc5n4oHI+iy fLfs3u1IRHxV1w== -----END CERTIFICATE-----Generated at Fri Dec 12 05:17:09 2025 by rpki-client