This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft File: Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json) Hash identifier: 4BRrQVrz8/8iQTv16V9pFwe5mNcazdlVfBI5QkxSFDk= Subject key identifier: 2D:64:54:5D:47:62:81:EC:C9:BF:F9:75:F6:EA:2F:AA:FF:A7:64:FD Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34 Certificate issuer: /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234 Certificate serial: 019AF208C3E6BFC2B4D3152D019E4A9E922D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft Manifest number: 0F38 Signing time: Sat 06 Dec 2025 05:00:51 +0000 Manifest this update: Sat 06 Dec 2025 05:00:51 +0000 Manifest next update: Sun 07 Dec 2025 05:00:51 +0000 Files and hashes: 1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: AyzjUROPp1jyMP6E2kCJrDBeVrY97IgdfbSRnOOKnx4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:c3:e6:bf:c2:b4:d3:15:2d:01:9e:4a:9e:92:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234 Validity Not Before: Dec 6 05:00:51 2025 GMT Not After : Dec 7 05:00:51 2025 GMT Subject: CN=2d64545d476281ecc9bff975f6ea2faaffa764fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:68:35:7f:fd:a5:83:53:fc:66:ee:2d:0d:3a: 68:fe:a0:a3:d2:76:a0:f2:59:a2:50:9c:bd:e0:45: 68:9b:1b:a2:a9:bc:6a:0f:32:37:15:bd:f7:9b:9c: f8:38:d2:9d:e5:19:af:d7:17:c2:a9:6a:c2:17:cb: 07:48:11:86:87:7b:9b:d3:1f:1a:36:0a:fe:43:52: b8:e0:a4:eb:40:b3:3d:56:60:d8:77:06:47:fb:05: fe:71:04:f8:5a:ed:a5:53:17:c1:ba:f2:19:d0:5e: f0:ba:df:29:01:ee:e3:54:15:fe:c7:4d:52:c2:71: 2a:d2:06:65:d3:c5:10:e0:e8:e2:2d:8f:f5:85:ae: 3a:65:3e:d4:1a:67:0b:c8:9f:05:85:09:3d:ac:3d: 99:d2:2f:db:db:50:5a:f7:90:49:d0:fd:2b:74:be: 29:34:b5:c3:77:14:90:05:e5:b3:08:3e:f1:db:98: 10:14:69:d6:6e:dd:72:aa:48:c6:ac:07:8d:80:46: 54:d3:22:83:b8:c9:1e:42:ce:77:1a:35:01:98:b9: e7:1c:78:fa:6b:cc:47:e4:ee:6c:8b:02:e9:09:fa: 53:bb:51:ea:e2:c1:26:ec:de:a0:9f:d4:3a:d5:30: 11:c3:b8:48:56:e4:7e:38:3e:21:0e:78:25:4d:07: 2a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:64:54:5D:47:62:81:EC:C9:BF:F9:75:F6:EA:2F:AA:FF:A7:64:FD X509v3 Authority Key Identifier: keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:32:78:80:99:42:8d:0e:3d:9b:90:cd:17:67:6c:44:16:4c: af:a8:b3:fe:f9:10:d2:2c:cd:cb:94:ff:fb:5b:57:03:00:80: 13:80:20:f8:b5:ab:99:e5:b8:25:2a:7d:2e:91:d1:3f:78:fb: fc:8f:b2:15:fa:d2:1c:11:fd:76:06:09:a6:01:47:b4:17:dc: 70:18:3d:03:66:f7:8c:df:5d:1d:ef:73:80:79:97:a2:4f:fc: a4:42:2e:ba:47:9f:aa:d8:4c:fb:90:19:fe:27:e3:48:5c:24: 40:07:8b:ec:04:92:3a:90:c9:22:fc:96:64:62:e7:6c:35:e7: b3:3b:73:b6:12:83:e5:ce:c8:aa:0f:95:7b:91:02:f5:97:22: 08:7e:66:c1:53:4d:19:70:ad:3d:4e:12:95:b3:1d:5e:d5:d4: 38:c9:97:44:76:d6:db:9e:be:01:33:22:d0:cf:7e:b0:19:02: 89:f7:8c:34:d1:c9:3a:41:43:58:99:1d:9e:b9:21:8b:71:84: 9a:b9:8b:5d:ab:27:b1:9c:17:e3:06:5e:e9:82:df:c9:52:a6: 61:3e:65:83:14:c1:dd:9b:61:73:0f:36:9c:3c:6e:b0:87:a5: 04:57:c2:05:b8:f2:27:b6:f3:51:4d:b8:66:ba:e7:e4:1f:f2: c8:86:1b:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCMPmv8K00xUtAZ5KnpItMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx ZTEyMzQwHhcNMjUxMjA2MDUwMDUxWhcNMjUxMjA3MDUwMDUxWjAzMTEwLwYDVQQD EygyZDY0NTQ1ZDQ3NjI4MWVjYzliZmY5NzVmNmVhMmZhYWZmYTc2NGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGg1f/2lg1P8Zu4tDTpo/qCj0nag 8lmiUJy94EVomxuiqbxqDzI3Fb33m5z4ONKd5Rmv1xfCqWrCF8sHSBGGh3ub0x8a Ngr+Q1K44KTrQLM9VmDYdwZH+wX+cQT4Wu2lUxfBuvIZ0F7wut8pAe7jVBX+x01S wnEq0gZl08UQ4OjiLY/1ha46ZT7UGmcLyJ8FhQk9rD2Z0i/b21Ba95BJ0P0rdL4p NLXDdxSQBeWzCD7x25gQFGnWbt1yqkjGrAeNgEZU0yKDuMkeQs53GjUBmLnnHHj6 a8xH5O5siwLpCfpTu1Hq4sEm7N6gn9Q61TARw7hIVuR+OD4hDnglTQcqWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC1kVF1HYoHsyb/5dfbqL6r/p2T9MB8GA1UdIwQY MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARjJ4gJlC jQ49m5DNF2dsRBZMr6iz/vkQ0izNy5T/+1tXAwCAE4Ag+LWrmeW4JSp9LpHRP3j7 /I+yFfrSHBH9dgYJpgFHtBfccBg9A2b3jN9dHe9zgHmXok/8pEIuukefqthM+5AZ /ifjSFwkQAeL7ASSOpDJIvyWZGLnbDXnsztzthKD5c7Iqg+Ve5EC9ZciCH5mwVNN GXCtPU4SlbMdXtXUOMmXRHbW256+ATMi0M9+sBkCifeMNNHJOkFDWJkdnrkhi3GE mrmLXasnsZwX4wZe6YLfyVKmYT5lgxTB3Zthcw82nDxusIelBFfCBbjyJ7bzUU24 Zrrn5B/yyIYbkA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:39:36 2025 by rpki-client