This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft File: bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json) Hash identifier: nhDddD59oXzgKxboz/gO7Z1xr43PFEZ5JYr/p+CH1Qo= Subject key identifier: 0B:3E:15:D0:C8:5D:3B:A7:C8:3B:DA:80:C4:E1:4C:65:9F:A2:14:DC Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0 Certificate issuer: /CN=6cff90b1778f53743f92783caf1748a2ecd668a0 Certificate serial: 019AF49BF40B1A452579B5625728616C8808 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft Manifest number: 0477 Signing time: Sat 06 Dec 2025 17:00:52 +0000 Manifest this update: Sat 06 Dec 2025 17:00:52 +0000 Manifest next update: Sun 07 Dec 2025 17:00:52 +0000 Files and hashes: 1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: xITUH9hOesrrPJUUzxOEcu3yqLrdOuz3QuRBNmgpBls=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:f4:0b:1a:45:25:79:b5:62:57:28:61:6c:88:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0 Validity Not Before: Dec 6 17:00:52 2025 GMT Not After : Dec 7 17:00:52 2025 GMT Subject: CN=0b3e15d0c85d3ba7c83bda80c4e14c659fa214dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7e:a6:0e:70:19:09:66:da:9f:dd:62:d6:64: 7d:8c:ef:76:af:05:f4:3a:d2:21:84:40:a3:c2:a0: e9:c6:d0:d2:db:2e:be:47:a5:27:92:d8:6e:27:24: a1:7c:7f:c0:9d:51:c4:8f:1f:0f:17:82:34:18:60: 8f:59:95:43:f2:63:b0:51:81:5e:2a:c9:53:98:3b: 23:38:37:f0:66:07:25:ae:7d:86:f0:65:d2:3c:88: dc:ff:20:45:e4:bb:c0:14:96:b9:fd:f4:3a:93:68: dd:d1:1b:70:fe:a5:97:1f:df:96:2d:64:6e:b0:fa: 11:ee:ff:bb:7a:86:d7:65:81:09:ab:39:d8:7c:3f: 81:c9:25:a9:a6:12:1d:d0:b4:53:7a:39:db:bc:e0: 80:a4:20:c5:c4:bf:46:ab:bd:cf:07:5a:59:d2:48: 7b:b5:3f:c7:a7:3b:64:85:e8:a6:71:86:c5:78:fd: 44:bb:be:82:d1:53:19:3e:04:25:0c:14:a5:e2:12: b6:4f:ab:5f:6f:11:02:04:30:db:3f:7c:bf:72:95: 63:af:c6:51:c4:20:11:98:72:9f:6e:85:d6:ad:8f: 18:25:a5:ce:4e:8a:d6:a1:51:c5:a1:e9:a5:44:98: 7b:4e:15:07:3d:07:37:e1:92:11:2d:d3:1b:c8:b5: a5:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:3E:15:D0:C8:5D:3B:A7:C8:3B:DA:80:C4:E1:4C:65:9F:A2:14:DC X509v3 Authority Key Identifier: keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:c3:30:02:69:3c:16:dd:e1:79:c7:e6:13:33:e8:03:85:02: 93:cf:22:c4:f8:9e:24:68:18:36:5d:57:97:10:82:5c:4f:b7: 71:ef:56:71:81:e7:6b:32:c6:ce:66:b4:58:7f:38:64:a3:c7: a1:dc:4a:90:a2:22:75:0f:d8:6e:bf:27:a3:18:54:43:b8:6e: 09:55:15:28:b6:3d:76:b9:37:ca:b1:42:35:cf:58:44:21:6c: 2e:61:8a:8a:2d:7a:12:24:87:4b:7a:83:86:f2:9a:39:2b:3a: cd:87:fe:e3:a7:72:9c:29:19:28:8c:87:90:a2:2f:f6:1d:dc: e0:8c:a4:af:47:dc:4e:c6:27:bc:b8:71:d5:89:c2:c4:64:10: 3c:b6:76:b4:8b:49:04:22:20:75:1a:0f:43:e8:11:23:b2:62: 7f:e2:07:f7:a5:bb:b9:d4:5b:c1:e1:56:24:ac:46:c5:b0:fc: 3d:85:01:ae:d8:c3:db:b8:ee:77:cb:ac:4d:d5:ed:95:39:89: f1:76:f3:74:c9:1c:2e:e6:d2:72:92:f0:76:29:95:15:cc:a2: 9e:c6:45:07:53:e5:e5:bb:d9:41:82:b0:4d:3b:4f:59:fe:08: f8:0f:4e:ea:f8:16:07:c3:2a:12:21:e8:3d:6a:0b:75:8e:e2: c7:a7:16:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m/QLGkUlebViVyhhbIgIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk NjY4YTAwHhcNMjUxMjA2MTcwMDUyWhcNMjUxMjA3MTcwMDUyWjAzMTEwLwYDVQQD EygwYjNlMTVkMGM4NWQzYmE3YzgzYmRhODBjNGUxNGM2NTlmYTIxNGRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn6mDnAZCWban91i1mR9jO92rwX0 OtIhhECjwqDpxtDS2y6+R6UnkthuJyShfH/AnVHEjx8PF4I0GGCPWZVD8mOwUYFe KslTmDsjODfwZgclrn2G8GXSPIjc/yBF5LvAFJa5/fQ6k2jd0Rtw/qWXH9+WLWRu sPoR7v+7eobXZYEJqznYfD+BySWpphId0LRTejnbvOCApCDFxL9Gq73PB1pZ0kh7 tT/HpztkheimcYbFeP1Eu76C0VMZPgQlDBSl4hK2T6tfbxECBDDbP3y/cpVjr8ZR xCARmHKfboXWrY8YJaXOTorWoVHFoemlRJh7ThUHPQc34ZIRLdMbyLWlJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAs+FdDIXTunyDvagMThTGWfohTcMB8GA1UdIwQY MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgcMwAmk8 Ft3hecfmEzPoA4UCk88ixPieJGgYNl1XlxCCXE+3ce9WcYHnazLGzma0WH84ZKPH odxKkKIidQ/Ybr8noxhUQ7huCVUVKLY9drk3yrFCNc9YRCFsLmGKii16EiSHS3qD hvKaOSs6zYf+46dynCkZKIyHkKIv9h3c4Iykr0fcTsYnvLhx1YnCxGQQPLZ2tItJ BCIgdRoPQ+gRI7Jif+IH96W7udRbweFWJKxGxbD8PYUBrtjD27jud8usTdXtlTmJ 8XbzdMkcLubScpLwdimVFcyinsZFB1Pl5bvZQYKwTTtPWf4I+A9O6vgWB8MqEiHo PWoLdY7ix6cWug== -----END CERTIFICATE-----Generated at Sun Dec 7 02:26:45 2025 by rpki-client