This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft File: BaO2FkB7l-JhFjNId8aqkoqq7rI.mft (raw, json) Hash identifier: kZ3mXP2fQhWSxymjOuQiwENxp/+SddQcGVhJ5e5dMwA= Subject key identifier: B5:65:BC:5A:53:84:72:44:F9:54:B6:E4:41:F8:6A:26:C1:CD:88:E2 Authority key identifier: 05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2 Certificate issuer: /CN=05a3b616407b97e26116334877c6aa928aaaeeb2 Certificate serial: 019AF2770FA284567279A9AAE27AC8DC81E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft Manifest number: 0B50 Signing time: Sat 06 Dec 2025 07:01:20 +0000 Manifest this update: Sat 06 Dec 2025 07:01:20 +0000 Manifest next update: Sun 07 Dec 2025 07:01:20 +0000 Files and hashes: 1: BaO2FkB7l-JhFjNId8aqkoqq7rI.crl (hash: aICuAGfSIEREyz2QNv2DHMd2XJdc1dnzGV+W3+FkrjA=) 2: bDkAt0CCYnB2xqRfpALpEK1gmgo.roa (hash: HzyjrIASJdGjjHtk6b54LHkaX+3Gt8eRcO+z/aYxOaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:0f:a2:84:56:72:79:a9:aa:e2:7a:c8:dc:81:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05a3b616407b97e26116334877c6aa928aaaeeb2 Validity Not Before: Dec 6 07:01:20 2025 GMT Not After : Dec 7 07:01:20 2025 GMT Subject: CN=b565bc5a53847244f954b6e441f86a26c1cd88e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1a:45:a4:62:ae:64:a4:64:dc:36:e1:bb:0d: 6d:b5:bd:b7:70:91:8a:4d:53:5b:1f:d6:61:f1:5a: 64:d6:8c:cd:e6:9f:b2:5f:1c:be:0d:ae:d7:2a:d9: 8f:79:cb:4e:1c:92:04:63:d5:0d:2d:da:c7:19:ed: f0:83:a2:77:c4:04:83:6b:66:a4:6c:f1:05:cf:bf: 57:54:a9:b9:a0:cc:7f:c6:fd:09:c4:00:c9:b5:58: be:fe:b3:06:18:45:f0:79:dc:de:52:82:03:f8:84: 9a:35:b3:5b:b8:fa:47:ff:d3:18:80:35:d7:65:9c: 1d:e1:7b:b0:a6:41:0f:c3:7a:e3:60:40:5b:fe:05: 37:59:7e:fd:a2:4e:47:2f:57:f4:10:2b:df:e0:1f: 8c:54:2a:53:5b:87:24:29:02:3a:e5:d9:44:29:42: eb:51:89:f9:65:98:25:e0:54:3f:da:55:0e:b0:eb: 6d:be:a9:59:4e:b6:12:9f:18:34:cf:50:8f:51:7f: 5d:b0:5e:9a:e6:28:25:0d:d8:c0:f9:8d:1a:aa:fb: 06:d6:a7:a9:dc:ba:08:90:77:b5:25:c5:b2:0e:cb: e4:ea:f1:51:e6:be:ec:3d:61:7f:d1:3a:00:ac:db: ff:16:9e:72:1a:e7:9d:70:44:f0:f3:85:c7:cc:59: 6f:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:65:BC:5A:53:84:72:44:F9:54:B6:E4:41:F8:6A:26:C1:CD:88:E2 X509v3 Authority Key Identifier: keyid:05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:74:8f:8d:08:57:02:f5:70:de:d7:e5:d3:ac:d8:94:1a:01: f5:07:4d:51:6a:76:24:b6:8b:8e:9e:6a:a6:c1:ee:cb:19:1e: 1b:d9:bb:16:9c:cb:40:f0:a8:59:a2:06:b8:c9:f1:9c:3b:d5: 7e:0b:14:01:60:d4:7e:bb:d8:57:bc:70:44:52:2e:01:61:35: 51:90:94:38:c8:5c:4e:e1:13:6a:74:e6:65:1f:81:39:37:0c: a1:6c:ea:3f:30:ca:40:df:76:9b:a0:40:00:00:34:90:77:ec: 93:74:a0:0f:88:35:55:ac:24:2d:03:0d:c8:61:f0:0f:1d:f4: 33:48:f0:1b:e0:e5:4f:d4:3a:c0:e1:f3:63:93:93:69:66:69: a6:0d:92:f7:5d:c8:5b:e1:76:14:63:e1:19:26:6b:49:5f:aa: cd:56:93:9d:b8:01:7a:ef:0a:6a:f8:ac:25:51:3a:c5:ba:4d: c0:63:f0:2f:37:bc:e4:6b:97:07:a1:80:f5:5c:b5:11:9e:50: 8e:3f:de:1a:8c:cb:4a:b5:51:bd:2d:b2:90:f9:f0:64:cc:08: de:dd:1d:d5:e7:8b:72:96:23:c9:06:e8:79:70:21:aa:c2:61: d7:ca:a4:27:d6:16:59:47:77:16:d4:89:bc:26:aa:bc:f6:e7: 5a:4d:98:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydw+ihFZyeamq4nrI3IHgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1YTNiNjE2NDA3Yjk3ZTI2MTE2MzM0ODc3YzZhYTkyOGFh YWVlYjIwHhcNMjUxMjA2MDcwMTIwWhcNMjUxMjA3MDcwMTIwWjAzMTEwLwYDVQQD EyhiNTY1YmM1YTUzODQ3MjQ0Zjk1NGI2ZTQ0MWY4NmEyNmMxY2Q4OGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxpFpGKuZKRk3Dbhuw1ttb23cJGK TVNbH9Zh8Vpk1ozN5p+yXxy+Da7XKtmPectOHJIEY9UNLdrHGe3wg6J3xASDa2ak bPEFz79XVKm5oMx/xv0JxADJtVi+/rMGGEXwedzeUoID+ISaNbNbuPpH/9MYgDXX ZZwd4XuwpkEPw3rjYEBb/gU3WX79ok5HL1f0ECvf4B+MVCpTW4ckKQI65dlEKULr UYn5ZZgl4FQ/2lUOsOttvqlZTrYSnxg0z1CPUX9dsF6a5iglDdjA+Y0aqvsG1qep 3LoIkHe1JcWyDsvk6vFR5r7sPWF/0ToArNv/Fp5yGuedcETw84XHzFlvjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLVlvFpThHJE+VS25EH4aibBzYjiMB8GA1UdIwQY MBaAFAWjthZAe5fiYRYzSHfGqpKKqu6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2Et YWQ1MTM1NzRhNDA0LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2EtYWQ1MTM1NzRhNDA0 LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHSPjQhX AvVw3tfl06zYlBoB9QdNUWp2JLaLjp5qpsHuyxkeG9m7FpzLQPCoWaIGuMnxnDvV fgsUAWDUfrvYV7xwRFIuAWE1UZCUOMhcTuETanTmZR+BOTcMoWzqPzDKQN92m6BA AAA0kHfsk3SgD4g1VawkLQMNyGHwDx30M0jwG+DlT9Q6wOHzY5OTaWZppg2S913I W+F2FGPhGSZrSV+qzVaTnbgBeu8KavisJVE6xbpNwGPwLze85GuXB6GA9Vy1EZ5Q jj/eGozLSrVRvS2ykPnwZMwI3t0d1eeLcpYjyQboeXAhqsJh18qkJ9YWWUd3FtSJ vCaqvPbnWk2Y/Q== -----END CERTIFICATE-----Generated at Sat Dec 6 10:32:26 2025 by rpki-client