This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft File: BMWTwzo9oilIzOIyis8F2YoB8aU.mft (raw, json) Hash identifier: HrTCnUU+NE+bIi/BDIeS9ut8puUL6MZG55xAagk4gvE= Subject key identifier: C0:AE:39:4D:E1:89:61:92:E3:02:CD:CE:28:5E:C5:A9:0B:21:EA:DC Authority key identifier: 04:C5:93:C3:3A:3D:A2:29:48:CC:E2:32:8A:CF:05:D9:8A:01:F1:A5 Certificate issuer: /CN=04c593c33a3da22948cce2328acf05d98a01f1a5 Certificate serial: 019B424A998A885466EE99A93C6E56147B05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft Manifest number: 08BC Signing time: Sun 21 Dec 2025 19:02:23 +0000 Manifest this update: Sun 21 Dec 2025 19:02:23 +0000 Manifest next update: Mon 22 Dec 2025 19:02:23 +0000 Files and hashes: 1: BMWTwzo9oilIzOIyis8F2YoB8aU.crl (hash: m4e7Em6ZchMFLdVAfrXmLz1IMtEhvDXLMX5aa73E+ZA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.crl rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:99:8a:88:54:66:ee:99:a9:3c:6e:56:14:7b:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04c593c33a3da22948cce2328acf05d98a01f1a5 Validity Not Before: Dec 21 19:02:23 2025 GMT Not After : Dec 22 19:02:23 2025 GMT Subject: CN=c0ae394de1896192e302cdce285ec5a90b21eadc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d3:b9:a5:c2:39:aa:d5:20:64:2f:fb:d2:1d: 6b:16:fa:c9:7b:1a:f2:15:23:bf:d2:03:04:be:ab: 70:8a:dc:70:c1:df:f5:4a:92:c1:16:2a:38:47:16: c4:cf:0c:fa:26:6f:c4:02:2b:36:72:41:58:44:d0: 28:79:75:70:cf:6f:76:d6:50:68:b7:ae:16:00:8e: 6d:00:45:c7:21:59:99:c5:09:82:d9:ea:7b:44:6d: 9e:eb:00:fe:17:91:93:00:4b:d0:ea:50:8c:47:37: c6:71:a5:9a:dc:b2:37:c4:fd:e0:b8:74:e8:53:2e: 37:69:df:47:0e:db:92:8f:86:60:66:6d:9e:c7:06: 0c:c3:c0:3d:bb:df:96:d2:56:c1:56:35:eb:73:e0: 60:ae:5c:ab:3d:6b:43:57:bf:e1:2f:e4:70:e6:eb: 63:8a:0e:1d:70:10:0c:dc:4b:3e:35:92:e0:89:b7: 5c:6d:df:da:87:5f:21:95:0f:17:cc:35:26:42:b0: 84:df:71:29:ff:43:7e:a1:22:08:f7:f9:07:a8:0f: c1:19:9d:2b:71:92:b3:3f:02:71:24:3a:f3:71:d1: 64:94:8c:a8:2f:76:0c:8f:b0:2f:1d:5d:67:a3:6a: 6d:f9:5e:35:4f:e0:10:fd:e5:9a:fc:d1:be:ed:ca: 71:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:AE:39:4D:E1:89:61:92:E3:02:CD:CE:28:5E:C5:A9:0B:21:EA:DC X509v3 Authority Key Identifier: keyid:04:C5:93:C3:3A:3D:A2:29:48:CC:E2:32:8A:CF:05:D9:8A:01:F1:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:ce:eb:63:85:44:35:e6:c1:3e:7a:b8:64:a8:19:db:b6:9b: 87:49:b9:88:cf:55:e9:2e:00:ef:e3:92:e9:f5:52:4f:67:2d: 51:5d:2e:ea:4d:23:e7:e2:9e:73:fb:3d:43:f5:58:d2:99:51: f5:c3:2a:fb:39:50:49:6d:d8:39:3e:11:87:f4:f2:b2:8b:d1: 7d:4c:07:af:03:15:05:b4:4f:9c:6b:25:b1:1e:82:4a:bc:7b: cf:64:c0:b9:ca:e2:ab:20:45:43:78:b1:ca:d0:0c:99:c4:28: 1d:ac:aa:de:76:5a:ac:91:1e:f3:81:79:55:a6:a0:13:b4:da: fe:7a:c4:ef:93:45:e6:66:79:33:92:9a:c7:37:8a:c2:a7:3d: 63:fb:b5:06:98:4f:45:3c:c1:16:f3:d0:c5:6a:d3:f6:49:b2: 42:a6:24:16:b6:ee:31:83:0c:1d:40:23:8e:b1:c9:5a:b1:96: b5:db:b8:e5:39:57:06:da:d2:96:ea:c3:2b:cd:b9:d3:dd:11: df:f2:c4:18:6c:5d:99:4c:06:31:5b:1f:50:5f:c0:d2:bc:9a: 6d:92:40:c1:9d:a7:1f:e9:2d:5d:68:84:a9:43:a5:2f:32:0c: ab:ba:af:88:4a:23:87:32:08:69:42:7f:dc:56:22:e7:93:9b: 27:1d:06:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSpmKiFRm7pmpPG5WFHsFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YzU5M2MzM2EzZGEyMjk0OGNjZTIzMjhhY2YwNWQ5OGEw MWYxYTUwHhcNMjUxMjIxMTkwMjIzWhcNMjUxMjIyMTkwMjIzWjAzMTEwLwYDVQQD EyhjMGFlMzk0ZGUxODk2MTkyZTMwMmNkY2UyODVlYzVhOTBiMjFlYWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9O5pcI5qtUgZC/70h1rFvrJexry FSO/0gMEvqtwitxwwd/1SpLBFio4RxbEzwz6Jm/EAis2ckFYRNAoeXVwz2921lBo t64WAI5tAEXHIVmZxQmC2ep7RG2e6wD+F5GTAEvQ6lCMRzfGcaWa3LI3xP3guHTo Uy43ad9HDtuSj4ZgZm2exwYMw8A9u9+W0lbBVjXrc+BgrlyrPWtDV7/hL+Rw5utj ig4dcBAM3Es+NZLgibdcbd/ah18hlQ8XzDUmQrCE33Ep/0N+oSII9/kHqA/BGZ0r cZKzPwJxJDrzcdFklIyoL3YMj7AvHV1no2pt+V41T+AQ/eWa/NG+7cpxAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMCuOU3hiWGS4wLNzihexakLIercMB8GA1UdIwQY MBaAFATFk8M6PaIpSMziMorPBdmKAfGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMDc2ODMtNDNlZC00YTljLWIzZWEt NTBhNzM1YjI5NzYwLzEvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8wMDc2ODMtNDNlZC00YTljLWIzZWEtNTBhNzM1YjI5NzYw LzEvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmM7rY4VE NebBPnq4ZKgZ27abh0m5iM9V6S4A7+OS6fVST2ctUV0u6k0j5+Kec/s9Q/VY0plR 9cMq+zlQSW3YOT4Rh/TysovRfUwHrwMVBbRPnGslsR6CSrx7z2TAucriqyBFQ3ix ytAMmcQoHayq3nZarJEe84F5VaagE7Ta/nrE75NF5mZ5M5KaxzeKwqc9Y/u1BphP RTzBFvPQxWrT9kmyQqYkFrbuMYMMHUAjjrHJWrGWtdu45TlXBtrSlurDK825090R 3/LEGGxdmUwGMVsfUF/A0ryabZJAwZ2nH+ktXWiEqUOlLzIMq7qviEojhzIIaUJ/ 3FYi55ObJx0Gqg== -----END CERTIFICATE-----Generated at Sun Dec 21 23:23:23 2025 by rpki-client