This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft File: BMWTwzo9oilIzOIyis8F2YoB8aU.mft (raw, json) Hash identifier: oiYyEZM/pEFJ7GCbhOArADKFCIOHvjhKwWbTc9LaKlg= Subject key identifier: 1E:6A:4A:E4:09:A2:6C:D5:65:EB:29:48:AB:D4:FA:CC:92:1B:A6:C5 Authority key identifier: 04:C5:93:C3:3A:3D:A2:29:48:CC:E2:32:8A:CF:05:D9:8A:01:F1:A5 Certificate issuer: /CN=04c593c33a3da22948cce2328acf05d98a01f1a5 Certificate serial: 019AF50B575E1A8DA27B01B0750DC457B94C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft Manifest number: 0894 Signing time: Sat 06 Dec 2025 19:02:32 +0000 Manifest this update: Sat 06 Dec 2025 19:02:32 +0000 Manifest next update: Sun 07 Dec 2025 19:02:32 +0000 Files and hashes: 1: BMWTwzo9oilIzOIyis8F2YoB8aU.crl (hash: ui7FTTjBOp/LPWomcFDOyoNLoDZd4HltvdaNFlvacyA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.crl rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:57:5e:1a:8d:a2:7b:01:b0:75:0d:c4:57:b9:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04c593c33a3da22948cce2328acf05d98a01f1a5 Validity Not Before: Dec 6 19:02:32 2025 GMT Not After : Dec 7 19:02:32 2025 GMT Subject: CN=1e6a4ae409a26cd565eb2948abd4facc921ba6c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:fa:c2:a1:eb:c8:76:e6:9d:12:8e:8f:30:ea: 8f:37:70:c0:84:da:ab:c1:43:ba:2a:74:fa:92:08: 9d:38:48:d5:4c:de:5d:30:68:f7:f1:1b:fb:33:86: d7:0e:5d:0b:a0:5c:a3:cd:d0:ee:61:1c:58:8d:33: 7d:61:d8:7b:36:7b:1f:68:83:b7:89:c0:d0:ca:7e: eb:fa:32:b6:53:1a:2a:ff:76:3e:4e:d3:99:97:ad: 90:72:e7:4a:4c:b3:d2:f3:81:b2:62:c1:99:dc:00: 49:e7:bb:62:a6:b0:61:0f:d8:76:f6:cc:fc:bd:6a: cb:9a:5c:0b:42:b9:d1:7f:8a:6e:52:d7:5d:85:76: 15:6c:cf:10:74:47:46:39:fe:26:d8:13:c5:71:e8: 8a:5c:c1:33:9b:42:6c:e5:b9:2f:42:cb:00:1a:4b: 58:b0:f0:95:98:f0:4e:7a:07:d3:c3:05:e5:58:40: 39:d6:df:bc:3e:3b:d6:58:4f:de:d6:f8:ba:28:02: 42:01:9d:1e:b8:ea:96:d7:15:b6:b2:d1:6f:21:10: 7d:04:2f:a2:2d:f7:9d:63:d1:a1:b2:26:df:dc:47: 3e:9a:e3:04:59:34:8f:63:e0:bf:0b:b4:4f:01:56: e6:84:d9:3e:a7:b2:0b:3f:25:07:3a:82:e6:4b:d2: c4:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:6A:4A:E4:09:A2:6C:D5:65:EB:29:48:AB:D4:FA:CC:92:1B:A6:C5 X509v3 Authority Key Identifier: keyid:04:C5:93:C3:3A:3D:A2:29:48:CC:E2:32:8A:CF:05:D9:8A:01:F1:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:7d:19:9f:fb:6d:c9:5b:fe:7d:a7:ef:ac:50:e6:af:bd:38: 14:be:f2:7c:f3:e4:b4:8d:ac:ed:c2:f4:88:bb:f0:9a:41:8f: f8:06:93:fd:ac:f7:58:34:f6:30:19:df:e3:0c:b6:6f:35:6a: 02:3f:16:1c:85:8e:92:ff:9f:76:9b:03:2a:38:2a:44:36:ba: 97:68:34:97:6b:f3:79:bb:fa:d4:44:50:4c:f6:4f:01:bf:5f: bb:bf:fe:95:3f:96:9d:83:bc:24:69:ff:fb:3c:89:ec:1c:aa: 95:a3:07:1b:8e:41:f3:14:87:89:e3:ac:94:60:8a:f2:95:b2: db:3e:53:90:fc:ce:bd:cb:79:95:a8:6d:fe:c2:7b:fb:bc:51: c6:50:83:1a:9a:7f:db:49:22:05:ed:21:cd:2e:78:83:6e:b5: 13:33:0a:5e:fc:f2:68:5e:62:13:1b:3b:e1:c3:48:d8:2a:84: 0e:ea:fe:66:e7:6d:58:c9:3f:50:76:b9:52:f4:70:27:de:21: a4:03:df:67:ce:ae:db:ec:47:ed:d9:00:0e:6a:66:f7:51:c9: bf:4f:8a:c2:a8:be:f1:63:d6:ea:01:e9:3d:f6:da:64:5e:2b: aa:6c:86:10:dd:88:8a:73:28:f1:cd:53:4e:ff:71:90:63:86: d8:cb:6d:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C1deGo2iewGwdQ3EV7lMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YzU5M2MzM2EzZGEyMjk0OGNjZTIzMjhhY2YwNWQ5OGEw MWYxYTUwHhcNMjUxMjA2MTkwMjMyWhcNMjUxMjA3MTkwMjMyWjAzMTEwLwYDVQQD EygxZTZhNGFlNDA5YTI2Y2Q1NjVlYjI5NDhhYmQ0ZmFjYzkyMWJhNmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0frCoevIduadEo6PMOqPN3DAhNqr wUO6KnT6kgidOEjVTN5dMGj38Rv7M4bXDl0LoFyjzdDuYRxYjTN9Ydh7NnsfaIO3 icDQyn7r+jK2Uxoq/3Y+TtOZl62QcudKTLPS84GyYsGZ3ABJ57tiprBhD9h29sz8 vWrLmlwLQrnRf4puUtddhXYVbM8QdEdGOf4m2BPFceiKXMEzm0Js5bkvQssAGktY sPCVmPBOegfTwwXlWEA51t+8PjvWWE/e1vi6KAJCAZ0euOqW1xW2stFvIRB9BC+i LfedY9Ghsibf3Ec+muMEWTSPY+C/C7RPAVbmhNk+p7ILPyUHOoLmS9LEiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB5qSuQJomzVZespSKvU+sySG6bFMB8GA1UdIwQY MBaAFATFk8M6PaIpSMziMorPBdmKAfGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMDc2ODMtNDNlZC00YTljLWIzZWEt NTBhNzM1YjI5NzYwLzEvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8wMDc2ODMtNDNlZC00YTljLWIzZWEtNTBhNzM1YjI5NzYw LzEvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKn0Zn/tt yVv+fafvrFDmr704FL7yfPPktI2s7cL0iLvwmkGP+AaT/az3WDT2MBnf4wy2bzVq Aj8WHIWOkv+fdpsDKjgqRDa6l2g0l2vzebv61ERQTPZPAb9fu7/+lT+WnYO8JGn/ +zyJ7ByqlaMHG45B8xSHieOslGCK8pWy2z5TkPzOvct5laht/sJ7+7xRxlCDGpp/ 20kiBe0hzS54g261EzMKXvzyaF5iExs74cNI2CqEDur+ZudtWMk/UHa5UvRwJ94h pAPfZ86u2+xH7dkADmpm91HJv0+Kwqi+8WPW6gHpPfbaZF4rqmyGEN2IinMo8c1T Tv9xkGOG2MttIw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:43:28 2025 by rpki-client