This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft File: ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json) Hash identifier: HYUvPpn79KJieFq0mKxG9dq012dIbIVWbZ+CpTxpPfI= Subject key identifier: 18:81:FC:F6:3B:DA:BA:F0:6B:03:52:26:ED:C7:64:DD:48:C1:6C:6D Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C Certificate issuer: /CN=6daef3029629de029db98ab7b4e9bd221c28991c Certificate serial: 019B6EB4BF899B1F123B847A064E6FF1C5FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft Manifest number: 0D8B Signing time: Tue 30 Dec 2025 10:01:37 +0000 Manifest this update: Tue 30 Dec 2025 10:01:37 +0000 Manifest next update: Wed 31 Dec 2025 10:01:37 +0000 Files and hashes: 1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: aw+w4xgjVZMs07lgixQ9JTiJkkxeQTooXqFoFILQvZo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6e:b4:bf:89:9b:1f:12:3b:84:7a:06:4e:6f:f1:c5:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c Validity Not Before: Dec 30 10:01:37 2025 GMT Not After : Dec 31 10:01:37 2025 GMT Subject: CN=1881fcf63bdabaf06b035226edc764dd48c16c6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:01:b4:a6:d7:83:6a:79:c5:9b:f8:28:f0:b6: 40:65:f8:8b:ad:08:6d:20:d9:e2:1e:68:37:4b:4c: ff:5d:53:56:74:4e:d9:fb:02:d6:6c:16:89:93:fc: 8b:5c:bd:de:ac:42:7a:a2:49:ac:39:30:c0:e3:0d: d3:9a:d3:c9:ae:db:5c:4b:65:b2:48:90:57:84:53: 81:45:63:bb:ec:28:a9:12:b7:d3:c3:51:c1:42:65: 12:14:0e:e7:6f:50:ba:bd:4b:97:5a:81:6b:94:36: 3b:f1:0f:3d:26:4f:88:33:d0:5a:77:24:04:6f:c2: 5f:f2:1f:29:0c:06:b4:29:57:87:1d:c2:5d:e9:d8: 4f:d6:78:5f:53:42:74:0c:f8:85:ba:68:62:20:69: 4c:90:9f:a7:2a:2c:12:db:80:4f:a3:79:66:0a:5f: 91:3e:5d:e7:c6:6b:91:c9:a6:a7:8c:ae:91:c0:87: d0:10:ea:99:59:ed:f8:b9:c5:a6:42:ef:43:00:ff: b7:67:59:8f:e1:c8:d9:9f:49:35:3c:76:e7:de:a3: 3a:c2:4e:2b:a2:4c:67:d4:d1:3f:82:c9:45:c9:c9: e0:72:6b:ca:34:bb:01:d9:ce:7a:54:56:18:4d:75: d4:0b:85:37:9c:f4:c1:da:93:cf:f2:d8:16:f4:3f: c3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:81:FC:F6:3B:DA:BA:F0:6B:03:52:26:ED:C7:64:DD:48:C1:6C:6D X509v3 Authority Key Identifier: keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:88:5c:aa:1d:fb:55:70:06:fc:36:ad:ca:4f:07:67:65:8d: 31:a0:fc:81:65:0f:4c:a7:0b:55:eb:70:5f:d4:11:ba:b2:6c: 66:05:cd:7b:ff:85:f8:16:56:3f:c3:34:be:89:02:0f:53:6a: eb:cb:6a:ee:fb:a8:75:e1:72:7d:13:11:11:ad:8b:dd:27:84: 0b:22:33:42:82:d9:4e:e4:d0:a5:41:50:14:62:c5:9a:20:aa: 29:6b:cb:5f:2f:2e:50:15:d0:46:a0:58:03:a8:aa:bb:c8:7d: 8b:40:6c:c0:c8:80:47:a9:48:e7:a3:1b:09:9d:94:a0:67:81: 88:e3:3e:0f:b0:ab:70:e7:ba:7c:f7:96:e0:da:45:d1:47:a8: d1:d4:ec:21:aa:d4:b2:19:1f:32:cb:4b:fd:be:d2:da:cd:53: 88:2d:3a:da:16:2f:d1:f8:19:81:53:e4:0b:b0:10:ef:64:9e: 8d:6f:b0:94:7a:2e:c7:3f:81:3f:c8:03:e9:e2:68:25:95:9d: ba:8e:a8:f0:9a:e4:ae:08:38:ca:7d:45:05:10:43:08:5b:e2: d2:87:4d:7f:6e:cf:40:ea:0d:27:6e:c0:8c:73:7e:d0:72:e3: de:a8:97:be:a4:3c:df:00:42:cc:6c:3f:f8:be:ac:0a:0d:48: c2:60:f0:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtutL+Jmx8SO4R6Bk5v8cX7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy ODk5MWMwHhcNMjUxMjMwMTAwMTM3WhcNMjUxMjMxMTAwMTM3WjAzMTEwLwYDVQQD EygxODgxZmNmNjNiZGFiYWYwNmIwMzUyMjZlZGM3NjRkZDQ4YzE2YzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwG0pteDannFm/go8LZAZfiLrQht INniHmg3S0z/XVNWdE7Z+wLWbBaJk/yLXL3erEJ6okmsOTDA4w3TmtPJrttcS2Wy SJBXhFOBRWO77CipErfTw1HBQmUSFA7nb1C6vUuXWoFrlDY78Q89Jk+IM9BadyQE b8Jf8h8pDAa0KVeHHcJd6dhP1nhfU0J0DPiFumhiIGlMkJ+nKiwS24BPo3lmCl+R Pl3nxmuRyaanjK6RwIfQEOqZWe34ucWmQu9DAP+3Z1mP4cjZn0k1PHbn3qM6wk4r okxn1NE/gslFycngcmvKNLsB2c56VFYYTXXUC4U3nPTB2pPP8tgW9D/DdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBiB/PY72rrwawNSJu3HZN1IwWxtMB8GA1UdIwQY MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIhcqh37 VXAG/Datyk8HZ2WNMaD8gWUPTKcLVetwX9QRurJsZgXNe/+F+BZWP8M0vokCD1Nq 68tq7vuodeFyfRMREa2L3SeECyIzQoLZTuTQpUFQFGLFmiCqKWvLXy8uUBXQRqBY A6iqu8h9i0BswMiAR6lI56MbCZ2UoGeBiOM+D7CrcOe6fPeW4NpF0Ueo0dTsIarU shkfMstL/b7S2s1TiC062hYv0fgZgVPkC7AQ72SejW+wlHouxz+BP8gD6eJoJZWd uo6o8Jrkrgg4yn1FBRBDCFvi0odNf27PQOoNJ27AjHN+0HLj3qiXvqQ83wBCzGw/ +L6sCg1IwmDwjw== -----END CERTIFICATE-----Generated at Tue Dec 30 14:59:45 2025 by rpki-client