This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft File: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft (raw, json) Hash identifier: 8HmDwm6rAwaqZNFsiOrClJYF6wltVbXOZk7RbV5lXkY= Subject key identifier: 8E:61:2D:59:25:87:3D:27:33:B6:64:E0:7B:25:3C:62:FA:C2:09:3C Authority key identifier: 6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52 Certificate issuer: /CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452 Certificate serial: 019AF3C07BB919DB0753A8DBF8E1B8D42281 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft Manifest number: 04EF Signing time: Sat 06 Dec 2025 13:01:09 +0000 Manifest this update: Sat 06 Dec 2025 13:01:09 +0000 Manifest next update: Sun 07 Dec 2025 13:01:09 +0000 Files and hashes: 1: bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl (hash: ZF2jO5MI8hnSG6o3dH1eJkId5gpjJhbvGmiVMyTSDNY=) 2: xfuYQjKIwNsH8n8qNl-5nn5swlA.roa (hash: EURGAPm/xAIC/hIpJIK0VPaCfzGhmdAUIaI/It3KKIY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:7b:b9:19:db:07:53:a8:db:f8:e1:b8:d4:22:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cb850deb28bdb2f655e2f1b02d37c13c6d43452 Validity Not Before: Dec 6 13:01:09 2025 GMT Not After : Dec 7 13:01:09 2025 GMT Subject: CN=8e612d5925873d2733b664e07b253c62fac2093c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:e5:f7:20:73:e7:50:84:d0:7e:bf:c1:63:96: df:81:f8:d1:af:a6:80:23:4b:09:05:b1:03:7d:68: a8:99:ba:00:a5:53:b8:2e:10:bd:35:26:6e:60:e5: e2:d1:33:49:71:72:51:29:a0:71:c9:11:55:7a:cf: 8b:55:a3:85:9d:4f:73:75:fb:c1:45:d0:eb:33:c1: e3:ba:b1:da:92:2f:10:94:db:6d:84:ef:b0:ec:d0: b3:92:a4:70:1c:f2:06:05:1d:2b:23:b7:04:40:cc: af:fd:22:a0:b9:96:ab:d0:66:55:41:b3:31:12:22: 52:80:b1:f3:40:65:6a:76:dd:bc:fb:1e:94:34:2d: 1d:4f:aa:10:10:d5:8e:21:36:0b:70:70:95:04:87: 67:4f:0b:f7:13:97:e8:ab:58:61:99:e4:3b:83:e7: a1:e9:95:68:f2:74:14:b4:f0:c8:a0:62:1e:56:f3: eb:2a:de:e1:66:61:dc:da:20:8c:45:2f:29:71:f5: 4e:15:c0:46:cf:ae:d2:db:de:00:14:ae:1b:ad:bc: 03:d4:e7:3d:52:80:9e:31:fc:f7:97:78:ab:05:95: 69:f0:2a:91:d6:ba:3e:5b:fb:d3:2f:68:fc:61:cc: da:b3:b7:18:7c:a8:e1:6f:4c:6a:b1:cf:d7:7a:96: f4:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:61:2D:59:25:87:3D:27:33:B6:64:E0:7B:25:3C:62:FA:C2:09:3C X509v3 Authority Key Identifier: keyid:6C:B8:50:DE:B2:8B:DB:2F:65:5E:2F:1B:02:D3:7C:13:C6:D4:34:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/b2d70d-4953-4d61-b8c9-88b2d2cf7c31/1/bLhQ3rKL2y9lXi8bAtN8E8bUNFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:af:c5:4c:0a:fc:03:d1:0e:f0:02:45:a8:51:16:fb:85:aa: 35:59:fa:c8:0b:87:1c:9d:e9:23:e6:b2:1a:08:a6:a6:21:55: ab:6a:c7:a0:5b:ab:5b:13:f4:3b:69:fb:7f:3f:92:38:3f:8b: 51:2d:ff:62:c6:e0:f4:01:a6:ba:81:4c:e3:8c:45:b5:d3:67: 70:f8:57:6b:02:57:d7:df:08:05:d4:4b:4a:c9:b3:a0:b5:2e: cb:4a:1a:fd:9d:2d:ca:09:c9:44:c4:86:c2:2f:13:a8:20:bf: a0:d6:4d:6b:27:f2:80:15:33:76:0e:60:ef:08:a5:20:c5:a6: 93:1f:cf:0b:c9:c2:de:63:20:d7:16:c5:8d:ba:80:fa:80:e0: 88:fb:ba:66:fc:c9:9b:0e:aa:34:b1:5f:ec:f7:56:6f:e5:21: 62:61:86:63:12:57:0f:b0:3b:fa:3e:aa:a3:b3:19:7b:b0:9d: 80:fb:90:d1:69:f0:1e:6b:8a:f8:12:30:02:e8:e9:d9:74:1d: 7f:f8:63:63:75:ba:1d:24:38:e9:c4:cb:48:25:a9:8a:d5:d1: 9b:4a:d3:36:3f:9c:b0:b9:79:3e:c0:60:ee:e9:59:54:f3:a6: 8b:6c:f1:40:08:17:3f:d6:3f:8a:f8:69:39:0c:44:8b:75:e4: f5:3d:15:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwHu5GdsHU6jb+OG41CKBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYjg1MGRlYjI4YmRiMmY2NTVlMmYxYjAyZDM3YzEzYzZk NDM0NTIwHhcNMjUxMjA2MTMwMTA5WhcNMjUxMjA3MTMwMTA5WjAzMTEwLwYDVQQD Eyg4ZTYxMmQ1OTI1ODczZDI3MzNiNjY0ZTA3YjI1M2M2MmZhYzIwOTNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+X3IHPnUITQfr/BY5bfgfjRr6aA I0sJBbEDfWiomboApVO4LhC9NSZuYOXi0TNJcXJRKaBxyRFVes+LVaOFnU9zdfvB RdDrM8HjurHaki8QlNtthO+w7NCzkqRwHPIGBR0rI7cEQMyv/SKguZar0GZVQbMx EiJSgLHzQGVqdt28+x6UNC0dT6oQENWOITYLcHCVBIdnTwv3E5foq1hhmeQ7g+eh 6ZVo8nQUtPDIoGIeVvPrKt7hZmHc2iCMRS8pcfVOFcBGz67S294AFK4brbwD1Oc9 UoCeMfz3l3irBZVp8CqR1ro+W/vTL2j8Yczas7cYfKjhb0xqsc/Xepb0LwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI5hLVklhz0nM7Zk4HslPGL6wgk8MB8GA1UdIwQY MBaAFGy4UN6yi9svZV4vGwLTfBPG1DRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4Yzkt ODhiMmQyY2Y3YzMxLzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9iMmQ3MGQtNDk1My00ZDYxLWI4YzktODhiMmQyY2Y3YzMx LzEvYkxoUTNyS0wyeTlsWGk4YkF0TjhFOGJVTkZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPq/FTAr8 A9EO8AJFqFEW+4WqNVn6yAuHHJ3pI+ayGgimpiFVq2rHoFurWxP0O2n7fz+SOD+L US3/Ysbg9AGmuoFM44xFtdNncPhXawJX198IBdRLSsmzoLUuy0oa/Z0tygnJRMSG wi8TqCC/oNZNayfygBUzdg5g7wilIMWmkx/PC8nC3mMg1xbFjbqA+oDgiPu6ZvzJ mw6qNLFf7PdWb+UhYmGGYxJXD7A7+j6qo7MZe7CdgPuQ0WnwHmuK+BIwAujp2XQd f/hjY3W6HSQ46cTLSCWpitXRm0rTNj+csLl5PsBg7ulZVPOmi2zxQAgXP9Y/ivhp OQxEi3Xk9T0Vtg== -----END CERTIFICATE-----Generated at Sat Dec 6 20:01:19 2025 by rpki-client