This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft File: a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft (raw, json) Hash identifier: YCSIC6UDqZI3ROPHh8lIi6QLBJLPnekPFwgHCS0Mgvw= Subject key identifier: A3:64:90:33:01:1B:8C:85:BB:39:8A:8E:D0:88:BD:6A:32:D4:32:E7 Authority key identifier: 6B:57:C5:DF:F7:0E:BF:E6:7A:40:0D:55:F2:59:DB:2C:37:19:21:96 Certificate issuer: /CN=6b57c5dff70ebfe67a400d55f259db2c37192196 Certificate serial: 019B3E6C7116F7D791AE1B18AFBE230AF102 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft Manifest number: 0549 Signing time: Sun 21 Dec 2025 01:00:52 +0000 Manifest this update: Sun 21 Dec 2025 01:00:52 +0000 Manifest next update: Mon 22 Dec 2025 01:00:52 +0000 Files and hashes: 1: DXY1aPZOR4ljjfKNnTzK-ui2GtQ.roa (hash: HmRJXl6KdbWQ5yFSi3ORZiwzeQcQdEBbSpqG5+7FJoc=) 2: a1fF3_cOv-Z6QA1V8lnbLDcZIZY.crl (hash: vJa4T4OBlfhSRk++M1hX3EVENjrGiZefx8WRTYcmwCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft rsync://rpki.ripe.net/repository/DEFAULT/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6c:71:16:f7:d7:91:ae:1b:18:af:be:23:0a:f1:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b57c5dff70ebfe67a400d55f259db2c37192196 Validity Not Before: Dec 21 01:00:52 2025 GMT Not After : Dec 22 01:00:52 2025 GMT Subject: CN=a3649033011b8c85bb398a8ed088bd6a32d432e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a6:56:32:e5:66:1c:ba:0c:bc:70:92:bc:91: 3b:45:b1:4f:f4:b4:0e:33:6a:38:2c:be:76:ee:1f: 6d:da:34:31:f4:fd:43:de:16:12:62:00:e6:4c:0d: 94:fd:c2:00:42:6b:7d:fb:5d:ba:64:db:ef:14:8e: 72:16:a6:fc:54:08:3c:cf:a8:6c:c3:11:e1:ed:e2: 50:72:4b:fa:cc:10:6d:0d:c8:20:f9:d4:1c:87:d7: 74:24:70:cd:d0:60:8d:b7:e5:8b:67:10:5a:71:25: c5:24:ca:77:20:ce:6b:26:a2:ab:39:f3:32:56:5c: a1:45:43:98:46:13:c1:e5:36:99:3b:37:fb:4d:b5: e4:3a:4d:77:f6:78:55:98:f5:09:03:b8:ab:8c:b5: 8c:3a:9f:0a:a5:0b:b2:e8:69:ed:1b:26:c9:49:83: a2:68:ea:4b:1c:0d:4f:f8:f3:20:7c:bc:9f:43:c3: a5:63:91:86:7f:a6:77:7a:78:ab:65:ac:20:6f:f8: 1b:0d:c8:3d:b1:c5:e0:93:b6:db:4c:76:c2:35:47: 13:5b:db:35:85:40:c2:99:fd:9f:53:74:c4:38:60: fb:38:03:99:eb:02:eb:a4:67:27:8d:8f:2c:9a:09: dd:83:e1:f1:a4:52:a8:9c:ac:b4:4c:ee:61:fb:4a: f2:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:64:90:33:01:1B:8C:85:BB:39:8A:8E:D0:88:BD:6A:32:D4:32:E7 X509v3 Authority Key Identifier: keyid:6B:57:C5:DF:F7:0E:BF:E6:7A:40:0D:55:F2:59:DB:2C:37:19:21:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6ae58c-7618-41ba-a343-c46d7bac02fc/1/a1fF3_cOv-Z6QA1V8lnbLDcZIZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cf:72:6a:4b:30:f5:de:47:2e:b7:6f:dc:a3:52:cf:66:77:6d: 25:bb:81:86:65:08:a8:a1:e2:1b:58:e3:a8:fe:c9:f7:5a:11: a2:99:86:0b:5d:f7:ef:14:11:68:09:39:2c:44:38:da:c8:d0: b0:af:50:4a:3e:d8:6b:42:6e:9e:62:61:72:6d:ae:09:08:1b: 12:cb:ab:3c:43:f5:68:ca:70:0f:aa:de:4b:9d:26:6e:bd:78: c0:61:3c:e8:b7:a6:c6:08:e9:e5:08:ef:f6:34:dc:12:29:7a: cb:7a:fd:d9:a2:7a:4c:9d:79:24:a5:17:f3:d7:cc:a8:4b:93: 1e:a1:18:cb:07:72:bd:d8:7a:8d:1c:a1:38:99:20:58:b2:31: 3d:13:c8:4d:2b:c9:77:bb:79:00:e9:c9:6f:1f:b7:fd:de:90: a0:bd:c3:21:ab:ed:bb:6b:04:55:1a:6f:95:11:a3:90:67:f2: dc:7d:33:29:bd:ef:71:32:72:c6:45:28:51:a7:bd:d8:b6:7e: bf:ef:69:a0:2e:cc:c4:2c:e5:fe:c6:ab:7e:08:00:3a:b0:47: 2a:94:a5:7e:26:8d:4e:a3:ad:50:1c:7b:02:c8:c4:21:a1:c7: c7:3c:eb:f9:1b:aa:65:29:c9:c8:9b:16:00:fa:0f:8f:d8:b6: e1:8e:89:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bHEW99eRrhsYr74jCvECMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNTdjNWRmZjcwZWJmZTY3YTQwMGQ1NWYyNTlkYjJjMzcx OTIxOTYwHhcNMjUxMjIxMDEwMDUyWhcNMjUxMjIyMDEwMDUyWjAzMTEwLwYDVQQD EyhhMzY0OTAzMzAxMWI4Yzg1YmIzOThhOGVkMDg4YmQ2YTMyZDQzMmU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaZWMuVmHLoMvHCSvJE7RbFP9LQO M2o4LL527h9t2jQx9P1D3hYSYgDmTA2U/cIAQmt9+126ZNvvFI5yFqb8VAg8z6hs wxHh7eJQckv6zBBtDcgg+dQch9d0JHDN0GCNt+WLZxBacSXFJMp3IM5rJqKrOfMy VlyhRUOYRhPB5TaZOzf7TbXkOk139nhVmPUJA7irjLWMOp8KpQuy6GntGybJSYOi aOpLHA1P+PMgfLyfQ8OlY5GGf6Z3enirZawgb/gbDcg9scXgk7bbTHbCNUcTW9s1 hUDCmf2fU3TEOGD7OAOZ6wLrpGcnjY8smgndg+HxpFKonKy0TO5h+0ryfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKNkkDMBG4yFuzmKjtCIvWoy1DLnMB8GA1UdIwQY MBaAFGtXxd/3Dr/mekANVfJZ2yw3GSGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTFmRjNfY092LVo2UUExVjhsbmJMRGNaSVpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YWU1OGMtNzYxOC00MWJhLWEzNDMt YzQ2ZDdiYWMwMmZjLzEvYTFmRjNfY092LVo2UUExVjhsbmJMRGNaSVpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS82YWU1OGMtNzYxOC00MWJhLWEzNDMtYzQ2ZDdiYWMwMmZj LzEvYTFmRjNfY092LVo2UUExVjhsbmJMRGNaSVpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz3JqSzD1 3kcut2/co1LPZndtJbuBhmUIqKHiG1jjqP7J91oRopmGC1337xQRaAk5LEQ42sjQ sK9QSj7Ya0JunmJhcm2uCQgbEsurPEP1aMpwD6reS50mbr14wGE86Lemxgjp5Qjv 9jTcEil6y3r92aJ6TJ15JKUX89fMqEuTHqEYywdyvdh6jRyhOJkgWLIxPRPITSvJ d7t5AOnJbx+3/d6QoL3DIavtu2sEVRpvlRGjkGfy3H0zKb3vcTJyxkUoUae92LZ+ v+9poC7MxCzl/sarfggAOrBHKpSlfiaNTqOtUBx7AsjEIaHHxzzr+RuqZSnJyJsW APoPj9i24Y6JDg== -----END CERTIFICATE-----Generated at Sun Dec 21 06:03:40 2025 by rpki-client