This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft File: u0OX5un46iWRVggDysuzI5Ytn64.mft (raw, json) Hash identifier: pXrDDDFAz64Ki/Ab2uWLitUdwKMnCMLQkO+hK1WjMfg= Subject key identifier: 1B:B6:EA:54:B2:D1:59:58:9B:82:17:B7:59:CA:90:B4:43:4B:88:49 Authority key identifier: BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE Certificate issuer: /CN=bb4397e6e9f8ea2591560803cacbb323962d9fae Certificate serial: 019AF12E12C0A4FCA6C9E7B34BBDD4ED941B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft Manifest number: 11A1 Signing time: Sat 06 Dec 2025 01:01:59 +0000 Manifest this update: Sat 06 Dec 2025 01:01:59 +0000 Manifest next update: Sun 07 Dec 2025 01:01:59 +0000 Files and hashes: 1: u0OX5un46iWRVggDysuzI5Ytn64.crl (hash: OB+qDejfNC48o5r50hcpjlkS4NP+1rcPDqaADM8NAq8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:12:c0:a4:fc:a6:c9:e7:b3:4b:bd:d4:ed:94:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb4397e6e9f8ea2591560803cacbb323962d9fae Validity Not Before: Dec 6 01:01:59 2025 GMT Not After : Dec 7 01:01:59 2025 GMT Subject: CN=1bb6ea54b2d159589b8217b759ca90b4434b8849 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:07:db:45:fb:93:d2:3d:d9:98:5c:c9:29:7b: ec:18:7f:e1:ef:e4:25:b2:06:02:e3:d1:85:c5:15: 06:e8:6e:a4:b6:e8:81:ff:48:30:fe:4c:42:c9:47: a8:11:37:1a:03:73:9b:0f:00:a5:c7:6b:5d:fd:45: c6:35:4b:13:e3:f8:8b:0c:99:ad:da:0f:9c:f8:20: a6:1a:8b:03:de:23:c2:b8:22:d5:9c:85:48:59:f0: 44:eb:2a:fd:a9:08:84:af:70:ee:ce:f1:e4:b5:f7: 81:d6:73:b9:ee:5e:e4:25:1d:62:36:77:ef:ee:65: dc:1d:1a:34:fb:c6:90:b8:9e:84:54:c5:cd:ff:e0: e7:5b:cd:5e:83:3c:22:ee:0e:c8:ba:38:a9:23:89: 31:3c:8d:16:ce:6f:c4:1c:07:78:7d:69:4c:63:19: dc:40:db:7e:31:0b:c5:75:2e:24:54:c7:e6:3b:8d: 53:97:b1:8e:94:a9:a0:78:0d:2b:0c:6e:a9:88:34: a2:09:e7:09:7a:bf:b9:53:24:73:ee:7a:92:0f:4f: 71:91:34:44:9e:2f:b9:09:7e:dc:ac:15:1e:e1:3d: 74:45:29:60:52:74:93:a9:a3:5a:51:b5:4e:e0:b1: 8a:db:2a:4a:1d:73:35:d1:e4:ae:77:f0:05:b1:29: 56:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:B6:EA:54:B2:D1:59:58:9B:82:17:B7:59:CA:90:B4:43:4B:88:49 X509v3 Authority Key Identifier: keyid:BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:03:44:18:51:9f:e6:23:ee:d8:e4:15:9f:0c:d0:bc:5c:73: 49:87:21:e4:f7:21:7c:99:9c:eb:89:38:71:63:a5:46:12:69: 20:c9:0e:b1:aa:f1:37:c0:71:ef:cb:9e:8f:aa:c1:f8:e6:b2: 1f:d6:9a:bb:14:71:19:6e:eb:1d:60:57:bc:9a:22:d3:3c:bb: 89:83:d7:45:48:63:6f:96:76:6b:9b:06:37:37:01:03:61:ed: 2a:d5:6d:be:32:3b:66:e2:7f:88:d0:01:a1:69:42:f4:e2:ed: 6a:04:db:66:ec:a8:a1:f5:78:6e:b3:2f:ca:fb:fb:c7:17:00: de:72:77:ef:13:e3:d9:7a:ed:7b:eb:15:26:1c:b9:b8:22:37: 0d:b3:ff:db:82:cd:7b:38:b4:e5:94:27:57:24:e2:33:92:0a: fa:06:3d:5a:58:c1:f6:5b:28:b8:77:81:bc:de:eb:c1:55:b6: 69:f1:da:8f:d4:7a:c3:91:7b:a0:a3:38:c4:58:b7:35:59:09: fa:3c:7f:bd:9b:68:d0:e2:f7:3c:ab:9e:30:a5:ae:ce:f1:2b: 5c:1b:16:38:98:2a:97:bf:23:a1:58:20:ab:13:42:86:02:7d: bf:f2:1c:f2:fc:f2:10:78:03:53:b3:8b:df:1c:76:4d:f7:c6: 0a:4f:94:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLhLApPymyeezS73U7ZQbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiNDM5N2U2ZTlmOGVhMjU5MTU2MDgwM2NhY2JiMzIzOTYy ZDlmYWUwHhcNMjUxMjA2MDEwMTU5WhcNMjUxMjA3MDEwMTU5WjAzMTEwLwYDVQQD EygxYmI2ZWE1NGIyZDE1OTU4OWI4MjE3Yjc1OWNhOTBiNDQzNGI4ODQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwfbRfuT0j3ZmFzJKXvsGH/h7+Ql sgYC49GFxRUG6G6ktuiB/0gw/kxCyUeoETcaA3ObDwClx2td/UXGNUsT4/iLDJmt 2g+c+CCmGosD3iPCuCLVnIVIWfBE6yr9qQiEr3DuzvHktfeB1nO57l7kJR1iNnfv 7mXcHRo0+8aQuJ6EVMXN/+DnW81egzwi7g7IujipI4kxPI0Wzm/EHAd4fWlMYxnc QNt+MQvFdS4kVMfmO41Tl7GOlKmgeA0rDG6piDSiCecJer+5UyRz7nqSD09xkTRE ni+5CX7crBUe4T10RSlgUnSTqaNaUbVO4LGK2ypKHXM10eSud/AFsSlWewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBu26lSy0VlYm4IXt1nKkLRDS4hJMB8GA1UdIwQY MBaAFLtDl+bp+OolkVYIA8rLsyOWLZ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDct NmZiMTBlZWFmNjI3LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDctNmZiMTBlZWFmNjI3 LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQNEGFGf 5iPu2OQVnwzQvFxzSYch5PchfJmc64k4cWOlRhJpIMkOsarxN8Bx78uej6rB+Oay H9aauxRxGW7rHWBXvJoi0zy7iYPXRUhjb5Z2a5sGNzcBA2HtKtVtvjI7ZuJ/iNAB oWlC9OLtagTbZuyoofV4brMvyvv7xxcA3nJ37xPj2Xrte+sVJhy5uCI3DbP/24LN ezi05ZQnVyTiM5IK+gY9WljB9lsouHeBvN7rwVW2afHaj9R6w5F7oKM4xFi3NVkJ +jx/vZto0OL3PKueMKWuzvErXBsWOJgql78joVggqxNChgJ9v/Ic8vzyEHgDU7OL 3xx2TffGCk+UPQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:15:11 2025 by rpki-client