This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft File: BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json) Hash identifier: 98oL0PALQj07XF8mjeWV4Lrf5X3R6wh2jV76XHGbs/E= Subject key identifier: 5F:C6:E7:CF:A0:1D:6F:EC:96:B1:FD:FF:58:AF:C5:31:9A:0D:F1:18 Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C Certificate issuer: /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c Certificate serial: 019AF31B7DB56FFE005E813BFAC801E6D9E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft Manifest number: 048C Signing time: Sat 06 Dec 2025 10:00:56 +0000 Manifest this update: Sat 06 Dec 2025 10:00:56 +0000 Manifest next update: Sun 07 Dec 2025 10:00:56 +0000 Files and hashes: 1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: IeUE24+LzG8fZmybR3YhkFikn10T7X6apyzt7tzwOvs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:7d:b5:6f:fe:00:5e:81:3b:fa:c8:01:e6:d9:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c Validity Not Before: Dec 6 10:00:56 2025 GMT Not After : Dec 7 10:00:56 2025 GMT Subject: CN=5fc6e7cfa01d6fec96b1fdff58afc5319a0df118 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a1:e2:3b:fe:ef:d6:1d:3c:11:7d:00:28:6c: 5f:8e:a9:d5:13:3d:0d:09:d9:c7:4c:30:46:fd:37: 0e:d1:f6:b5:ee:cb:2a:67:67:23:d8:e1:67:fe:83: dd:d7:39:16:3f:53:e8:7b:df:11:15:05:2d:de:93: 0e:46:54:ed:be:d4:e5:e3:ca:5b:8b:84:75:c6:5b: 30:c2:32:5e:eb:09:b8:8f:f6:33:51:78:a6:a1:9f: c7:97:6d:5d:5e:cd:f6:ec:de:0a:d1:6e:a4:12:4d: 4e:15:0d:7a:10:63:69:ba:e8:8f:96:ef:38:f2:0a: b3:7e:0a:11:1c:8a:d1:61:3f:ed:65:a7:85:46:bf: 25:25:c8:9e:d9:24:f4:a3:a1:cf:34:82:cf:c4:ba: c9:3e:4b:84:0c:bc:00:b8:02:c7:0d:74:43:98:1c: 88:f6:d2:12:7e:40:6b:a3:5c:ee:19:80:7c:af:01: aa:1d:ff:77:1b:59:f9:4a:5d:75:73:36:3f:ee:7b: a6:36:7d:7b:03:0a:d9:fe:4b:21:75:9b:e2:6d:85: ca:f1:bc:62:d8:a6:9e:5c:39:b9:0f:3c:83:fe:e8: 06:97:8f:72:e3:8d:fc:bb:ff:94:c1:dd:25:0d:0b: c6:23:24:7e:7d:7d:15:58:9b:94:7e:93:7e:fc:33: 35:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:C6:E7:CF:A0:1D:6F:EC:96:B1:FD:FF:58:AF:C5:31:9A:0D:F1:18 X509v3 Authority Key Identifier: keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:c6:60:20:d7:5c:7c:5a:3f:cc:46:b2:2d:0a:a6:18:78:cd: 4f:36:b4:0d:e9:96:5f:de:a2:2e:a5:98:3e:f3:33:6f:9e:8a: 72:b6:4f:4f:e2:5e:58:86:ac:7f:26:0f:2e:7b:9a:03:42:8b: c2:66:f6:77:0d:df:0c:54:f6:ae:01:a8:0e:b5:d5:af:37:f7: 95:3a:82:d2:8a:1d:e3:35:09:49:e0:5a:5e:cb:e4:ca:77:ce: 81:25:1e:ae:da:d9:99:7a:9a:c0:97:c7:cd:ed:d2:d6:6c:6c: fb:b9:00:50:d6:4e:67:02:9b:e2:d5:77:09:06:de:a0:d7:3e: ed:95:bf:37:80:d2:f2:2a:4f:db:4c:d3:ce:01:2b:bc:38:2f: 27:fb:9f:f1:bd:cd:cd:c7:ea:81:6d:97:16:f1:5f:73:87:0f: 4a:91:46:9b:86:ed:3d:fb:50:8a:ae:29:17:39:57:09:76:5f: 9b:90:6d:6b:0b:4b:11:a9:85:97:46:3c:f3:f5:22:92:3b:db: 7b:41:a9:21:c4:74:27:d7:88:11:a9:a1:95:1a:f0:bc:e4:e4: ba:d7:e1:1c:1f:26:df:1c:b2:68:2b:b3:8d:8b:d3:58:f1:bb: 84:73:ee:3d:dc:61:e3:cd:89:14:6c:e3:2d:dd:f3:11:d2:3f: b4:7f:1c:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG321b/4AXoE7+sgB5tnoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw ZTBhN2MwHhcNMjUxMjA2MTAwMDU2WhcNMjUxMjA3MTAwMDU2WjAzMTEwLwYDVQQD Eyg1ZmM2ZTdjZmEwMWQ2ZmVjOTZiMWZkZmY1OGFmYzUzMTlhMGRmMTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKHiO/7v1h08EX0AKGxfjqnVEz0N CdnHTDBG/TcO0fa17ssqZ2cj2OFn/oPd1zkWP1Poe98RFQUt3pMORlTtvtTl48pb i4R1xlswwjJe6wm4j/YzUXimoZ/Hl21dXs327N4K0W6kEk1OFQ16EGNpuuiPlu84 8gqzfgoRHIrRYT/tZaeFRr8lJcie2ST0o6HPNILPxLrJPkuEDLwAuALHDXRDmByI 9tISfkBro1zuGYB8rwGqHf93G1n5Sl11czY/7numNn17AwrZ/kshdZvibYXK8bxi 2KaeXDm5DzyD/ugGl49y4438u/+Uwd0lDQvGIyR+fX0VWJuUfpN+/DM13wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF/G58+gHW/slrH9/1ivxTGaDfEYMB8GA1UdIwQY MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4 LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgcZgINdc fFo/zEayLQqmGHjNTza0DemWX96iLqWYPvMzb56KcrZPT+JeWIasfyYPLnuaA0KL wmb2dw3fDFT2rgGoDrXVrzf3lTqC0ood4zUJSeBaXsvkynfOgSUertrZmXqawJfH ze3S1mxs+7kAUNZOZwKb4tV3CQbeoNc+7ZW/N4DS8ipP20zTzgErvDgvJ/uf8b3N zcfqgW2XFvFfc4cPSpFGm4btPftQiq4pFzlXCXZfm5BtawtLEamFl0Y88/Uikjvb e0GpIcR0J9eIEamhlRrwvOTkutfhHB8m3xyyaCuzjYvTWPG7hHPuPdxh482JFGzj Ld3zEdI/tH8c5g== -----END CERTIFICATE-----Generated at Sat Dec 6 17:21:16 2025 by rpki-client