This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft File: BmVsWtlzg3LVTAN-OX81vpqpJNs.mft (raw, json) Hash identifier: wXCbkCqBph2twAcf3qwcCJ6/5C36hcXi40ACus4EZR0= Subject key identifier: AB:0D:9F:C4:F5:D1:16:A2:F8:97:4C:FE:25:46:9C:11:D2:6C:1D:3D Authority key identifier: 06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB Certificate issuer: /CN=06656c5ad9738372d54c037e397f35be9aa924db Certificate serial: 019B04B3CC6A159007FD367125981F5A0563 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft Manifest number: 0339 Signing time: Tue 09 Dec 2025 20:00:50 +0000 Manifest this update: Tue 09 Dec 2025 20:00:50 +0000 Manifest next update: Wed 10 Dec 2025 20:00:50 +0000 Files and hashes: 1: BOJlFcCNxlleMHUbR9TjmHCDeZc.roa (hash: ujITDNQNM0fpryFmlYjLZ0Q/wbil/+me/IAh88EFBg8=) 2: BmVsWtlzg3LVTAN-OX81vpqpJNs.crl (hash: 7adJ62WF5g55o1/ybceZiarmBnmplH5oTwbtewHxQq8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 10 Dec 2025 16:15:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:04:b3:cc:6a:15:90:07:fd:36:71:25:98:1f:5a:05:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06656c5ad9738372d54c037e397f35be9aa924db Validity Not Before: Dec 9 20:00:50 2025 GMT Not After : Dec 10 20:00:50 2025 GMT Subject: CN=ab0d9fc4f5d116a2f8974cfe25469c11d26c1d3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:96:18:bb:c5:53:f7:dd:4f:24:89:51:d5:48: 8f:17:e3:de:78:f3:9f:33:bf:9c:83:5b:f9:1b:a8: 27:d3:b2:bc:82:36:7f:de:43:7c:6a:4c:4f:2d:59: 56:29:fe:5d:a6:99:2a:d8:20:02:17:a5:8c:4d:cd: 12:f3:05:3f:26:4c:3a:27:5b:de:eb:2a:b6:61:1e: 3f:78:01:a3:2e:cf:cb:68:6f:91:f0:70:ee:91:d9: 35:83:9b:3b:cd:0c:b2:21:0f:6e:b9:fa:a7:6a:53: f6:db:11:27:3f:d0:da:e4:00:a9:0b:24:cd:ef:ba: 40:b3:c1:1e:1c:00:0d:41:31:23:7b:33:5d:5c:c8: 15:bb:0b:39:59:f9:fe:94:ad:90:05:e2:60:34:06: 39:74:3c:5a:ce:cd:8a:a4:5f:de:72:a4:be:6b:79: d6:6f:de:3d:d4:ce:78:12:9b:be:88:fe:ae:71:a6: 6f:f1:a1:a6:54:8a:7b:66:46:ff:3b:21:cf:6e:18: 5b:a1:5f:9c:7e:b3:38:fb:08:46:8d:97:ed:e0:4c: 90:5a:3f:6e:bb:db:bb:c8:26:67:10:dc:9d:60:03: 72:49:2a:4c:8f:73:d6:76:97:67:67:54:41:8a:5a: 9d:a7:21:00:fe:d6:9e:d3:de:30:aa:6b:84:b8:69: f4:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:0D:9F:C4:F5:D1:16:A2:F8:97:4C:FE:25:46:9C:11:D2:6C:1D:3D X509v3 Authority Key Identifier: keyid:06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:25:e9:f8:ab:9e:3a:1a:6e:56:cd:00:46:f0:f3:a3:e7:55: 55:34:62:40:1a:9a:55:4f:19:53:33:d3:70:95:08:89:ea:1c: 0d:f1:c7:b9:9a:bf:fc:03:78:72:0b:11:25:e2:94:4e:74:53: 2d:25:38:19:a2:c5:98:3f:de:1d:61:d2:d6:f9:d2:01:cb:ab: b2:90:52:28:4c:fd:18:81:0d:62:a8:94:28:8d:57:75:2f:87: c4:04:58:cb:51:48:ac:7f:52:66:2b:56:32:68:5a:6f:33:1e: 61:4d:f1:a1:75:2e:30:fe:65:ef:1d:31:43:b1:f9:d7:d2:e8: 6f:f4:4a:09:da:00:6f:5a:bd:e6:a8:b3:2c:e6:0c:46:aa:82: 7f:3a:e5:21:80:1c:0e:8a:8c:d7:67:fe:d2:b7:c9:28:0a:bb: f9:44:1d:3f:8d:99:12:0f:6b:3a:ff:97:38:ad:48:b2:50:ea: 9e:81:b3:24:e3:c8:c2:01:0a:5f:67:67:5d:cd:64:14:23:e8: aa:f9:39:52:a7:9e:91:1d:84:b4:6b:22:ee:40:51:9d:a1:bf: 98:f5:65:0c:98:5a:2d:31:97:c2:4e:9a:53:f8:86:0e:38:1e: b8:be:46:e0:4d:70:f1:18:98:c1:f6:3b:de:65:36:f2:84:92: 2b:66:17:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsEs8xqFZAH/TZxJZgfWgVjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NjU2YzVhZDk3MzgzNzJkNTRjMDM3ZTM5N2YzNWJlOWFh OTI0ZGIwHhcNMjUxMjA5MjAwMDUwWhcNMjUxMjEwMjAwMDUwWjAzMTEwLwYDVQQD EyhhYjBkOWZjNGY1ZDExNmEyZjg5NzRjZmUyNTQ2OWMxMWQyNmMxZDNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZYYu8VT991PJIlR1UiPF+PeePOf M7+cg1v5G6gn07K8gjZ/3kN8akxPLVlWKf5dppkq2CACF6WMTc0S8wU/Jkw6J1ve 6yq2YR4/eAGjLs/LaG+R8HDukdk1g5s7zQyyIQ9uufqnalP22xEnP9Da5ACpCyTN 77pAs8EeHAANQTEjezNdXMgVuws5Wfn+lK2QBeJgNAY5dDxazs2KpF/ecqS+a3nW b9491M54Epu+iP6ucaZv8aGmVIp7Zkb/OyHPbhhboV+cfrM4+whGjZft4EyQWj9u u9u7yCZnENydYANySSpMj3PWdpdnZ1RBilqdpyEA/tae094wqmuEuGn0YQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKsNn8T10Rai+JdM/iVGnBHSbB09MB8GA1UdIwQY MBaAFAZlbFrZc4Ny1UwDfjl/Nb6aqSTbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMt OGIwNzYyNTZmMzlkLzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMtOGIwNzYyNTZmMzlk LzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGiXp+Kue OhpuVs0ARvDzo+dVVTRiQBqaVU8ZUzPTcJUIieocDfHHuZq//AN4cgsRJeKUTnRT LSU4GaLFmD/eHWHS1vnSAcurspBSKEz9GIENYqiUKI1XdS+HxARYy1FIrH9SZitW MmhabzMeYU3xoXUuMP5l7x0xQ7H519Lob/RKCdoAb1q95qizLOYMRqqCfzrlIYAc DoqM12f+0rfJKAq7+UQdP42ZEg9rOv+XOK1IslDqnoGzJOPIwgEKX2dnXc1kFCPo qvk5UqeekR2EtGsi7kBRnaG/mPVlDJhaLTGXwk6aU/iGDjgeuL5G4E1w8RiYwfY7 3mU28oSSK2YX6Q== -----END CERTIFICATE-----Generated at Wed Dec 10 02:10:07 2025 by rpki-client