This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft File: bQih9MOF86e2KYTVPoFmWplUEPM.mft (raw, json) Hash identifier: St60+OOiAdQQiAbdocSmhDrrxejSxH2CvOYc/M9mb0I= Subject key identifier: EA:E6:6A:83:A3:18:8A:54:E8:FF:9C:D0:46:71:D2:F3:A4:7C:59:A4 Authority key identifier: 6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3 Certificate issuer: /CN=6d08a1f4c385f3a7b62984d53e81665a995410f3 Certificate serial: 019AF2AD9B318A81C2A62AE552777D5E3017 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft Manifest number: 0B61 Signing time: Sat 06 Dec 2025 08:00:54 +0000 Manifest this update: Sat 06 Dec 2025 08:00:54 +0000 Manifest next update: Sun 07 Dec 2025 08:00:54 +0000 Files and hashes: 1: J7EMvjCrDCSEaNvEXQjzbwryII4.roa (hash: Ak6AJOV8w0m5lQCAa41zEyYCpJIBSURSyT+w9pihP/8=) 2: bQih9MOF86e2KYTVPoFmWplUEPM.crl (hash: +ahyDP/grXYwK4mKlnhqK+eM7qvM0mSZ9HNnJIy2/4Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:9b:31:8a:81:c2:a6:2a:e5:52:77:7d:5e:30:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d08a1f4c385f3a7b62984d53e81665a995410f3 Validity Not Before: Dec 6 08:00:54 2025 GMT Not After : Dec 7 08:00:54 2025 GMT Subject: CN=eae66a83a3188a54e8ff9cd04671d2f3a47c59a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6b:d0:a3:75:32:e1:56:99:6a:b4:c3:51:ff: b6:bf:4d:d8:51:68:9d:29:d6:4f:b7:ac:eb:b1:85: 1c:50:e8:6a:86:64:51:2e:06:4b:de:72:6b:63:07: 0e:76:da:2d:8a:1a:74:f3:e4:4c:f5:25:2f:6e:4a: c9:5b:67:d8:8a:cd:be:f7:68:e2:42:33:34:71:1b: 44:71:bf:11:af:c1:e5:90:02:c1:c7:30:d8:5f:58: 73:50:17:be:0b:ef:00:58:2f:7c:c1:d0:76:a7:07: 04:b7:5d:d9:69:9c:00:29:39:20:87:a0:20:13:ed: 8f:bb:92:6f:55:d5:b4:f7:85:35:55:f5:e8:d0:5d: f3:ac:ee:09:09:f4:f0:b0:57:fe:f9:32:f5:39:7e: 53:ca:c5:95:99:a5:72:b2:29:b9:ae:d2:f3:c7:15: bf:d9:2c:c6:c1:f3:48:32:74:e0:15:64:64:61:84: e8:27:58:eb:93:9f:35:e0:96:5c:31:b1:e8:f5:55: 10:f3:ee:2e:e8:d3:02:b4:54:b0:a8:58:8f:dc:5f: 18:e5:e3:d1:ab:fb:a5:e7:fd:6e:86:97:81:f7:5b: bf:53:2b:5f:88:0b:86:2e:68:3d:b4:94:52:2a:a0: 95:0e:34:4f:3c:42:4f:8c:89:96:d6:a0:1a:1e:68: 5c:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:E6:6A:83:A3:18:8A:54:E8:FF:9C:D0:46:71:D2:F3:A4:7C:59:A4 X509v3 Authority Key Identifier: keyid:6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:4a:df:c4:4d:c4:de:de:04:38:70:c7:23:3c:16:b6:3f:63: 61:26:b8:bb:38:95:fc:6c:e2:43:7a:0e:9c:a9:91:70:b5:0a: 7c:c9:be:5e:90:1d:34:fe:94:1b:30:a1:fe:31:9d:be:c2:6e: 39:f7:28:8f:9a:24:0a:5c:58:b8:78:17:55:19:5b:c7:11:09: 04:53:d2:09:9f:8c:e2:71:df:36:42:f6:86:72:b0:1b:8f:86: f8:0a:54:78:c9:be:76:05:9b:ae:c9:46:3a:d3:7b:42:d6:c5: 3d:95:1b:35:12:01:f4:9e:12:2a:52:69:35:96:ee:a0:85:cd: bd:28:40:08:39:a6:50:5c:20:e4:3d:2e:85:97:9b:a1:18:b0: 1d:91:76:13:fa:e6:de:00:62:4f:d4:7a:25:81:a7:45:e9:86: bf:87:ec:d6:85:dc:43:14:62:82:4c:9a:53:d7:35:31:a8:01: 32:3c:fb:85:ca:87:8f:5e:9f:79:08:72:83:dc:ff:0f:1a:a5: 29:75:ba:b1:17:10:33:51:31:00:d8:ba:68:13:7a:9f:4e:fc: 0d:72:13:82:23:5c:e6:f4:a5:e9:b8:d6:5a:6c:01:7d:54:79: a0:11:66:c9:7c:e9:d0:6d:c1:69:2b:0f:ac:25:fb:fd:5c:2d: a7:76:f6:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrZsxioHCpirlUnd9XjAXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDhhMWY0YzM4NWYzYTdiNjI5ODRkNTNlODE2NjVhOTk1 NDEwZjMwHhcNMjUxMjA2MDgwMDU0WhcNMjUxMjA3MDgwMDU0WjAzMTEwLwYDVQQD EyhlYWU2NmE4M2EzMTg4YTU0ZThmZjljZDA0NjcxZDJmM2E0N2M1OWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWvQo3Uy4VaZarTDUf+2v03YUWid KdZPt6zrsYUcUOhqhmRRLgZL3nJrYwcOdtotihp08+RM9SUvbkrJW2fYis2+92ji QjM0cRtEcb8Rr8HlkALBxzDYX1hzUBe+C+8AWC98wdB2pwcEt13ZaZwAKTkgh6Ag E+2Pu5JvVdW094U1VfXo0F3zrO4JCfTwsFf++TL1OX5TysWVmaVysim5rtLzxxW/ 2SzGwfNIMnTgFWRkYYToJ1jrk5814JZcMbHo9VUQ8+4u6NMCtFSwqFiP3F8Y5ePR q/ul5/1uhpeB91u/UytfiAuGLmg9tJRSKqCVDjRPPEJPjImW1qAaHmhchwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOrmaoOjGIpU6P+c0EZx0vOkfFmkMB8GA1UdIwQY MBaAFG0IofTDhfOntimE1T6BZlqZVBDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEt NDNhODUyNmQ4MmJiLzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEtNDNhODUyNmQ4MmJi LzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa0rfxE3E 3t4EOHDHIzwWtj9jYSa4uziV/GziQ3oOnKmRcLUKfMm+XpAdNP6UGzCh/jGdvsJu Ofcoj5okClxYuHgXVRlbxxEJBFPSCZ+M4nHfNkL2hnKwG4+G+ApUeMm+dgWbrslG OtN7QtbFPZUbNRIB9J4SKlJpNZbuoIXNvShACDmmUFwg5D0uhZeboRiwHZF2E/rm 3gBiT9R6JYGnRemGv4fs1oXcQxRigkyaU9c1MagBMjz7hcqHj16feQhyg9z/Dxql KXW6sRcQM1ExANi6aBN6n078DXITgiNc5vSl6bjWWmwBfVR5oBFmyXzp0G3BaSsP rCX7/Vwtp3b2qQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:23:44 2025 by rpki-client