This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft File: BozI9XorPCKZsfSCtn4V2d5DrTw.mft (raw, json) Hash identifier: oVHrf9N2f0w8otEmTmxy78JKokXIHnXPcBGxJHVmZZ8= Subject key identifier: A9:B1:78:92:A6:50:2F:8E:BA:41:16:DF:72:86:D7:3F:96:5B:14:10 Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c Certificate serial: 019AF12DC2BAEC70BEAD5BBA011768728247 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft Manifest number: 14D7 Signing time: Sat 06 Dec 2025 01:01:39 +0000 Manifest this update: Sat 06 Dec 2025 01:01:39 +0000 Manifest next update: Sun 07 Dec 2025 01:01:39 +0000 Files and hashes: 1: BozI9XorPCKZsfSCtn4V2d5DrTw.crl (hash: EW5qkkYL2stbvT35GOLU2KTXd+sHkZ9/49PEw3/R7is=) 2: P9IjOiRib_oTzk3RFCj75_fHPso.roa (hash: zczeX9mp/ovcEZlHCQx76naAHy+fi7XPa1xXLFJeJgA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c2:ba:ec:70:be:ad:5b:ba:01:17:68:72:82:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c Validity Not Before: Dec 6 01:01:39 2025 GMT Not After : Dec 7 01:01:39 2025 GMT Subject: CN=a9b17892a6502f8eba4116df7286d73f965b1410 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:78:a1:42:c6:0f:8f:2f:96:69:80:0c:7d:02: 76:fa:e3:d7:60:97:02:e9:37:f3:0e:94:b5:8a:1a: a3:34:95:93:4d:82:a2:7b:05:60:8a:13:b5:c4:4f: 25:72:8f:f3:7e:5e:e3:45:e7:f9:d7:4b:c2:d1:86: fe:9a:55:54:5b:bb:e6:13:3a:60:cd:91:e0:49:26: 7f:b2:62:9d:38:d8:d9:f2:44:48:a8:cb:2f:d5:90: ce:31:d3:74:6e:c4:06:dc:96:3a:39:74:be:03:cf: ba:c8:e8:4d:7d:02:a0:a8:20:07:78:e3:72:4c:3f: 66:3d:7b:bd:36:e7:aa:04:fc:98:d4:69:41:88:89: 29:50:7f:8e:2d:68:6f:2c:11:75:ce:8f:09:ca:ab: 3c:ac:a2:4a:68:e1:a2:a9:09:9c:54:65:2d:ff:5e: 11:e9:a9:08:f5:19:03:70:75:54:09:f8:3a:d9:af: ce:d8:f6:66:e0:7a:8e:53:e5:74:ef:1f:76:3f:6d: fd:d8:b0:be:86:3b:c9:c8:a5:d0:f0:f3:44:e1:ea: ea:61:46:e1:8e:29:fb:15:a8:8f:2b:3c:cc:9c:69: 4c:83:45:ce:24:7b:1c:54:71:eb:ae:94:46:2b:17: 8e:7f:05:d1:c8:13:36:3f:ae:0b:fd:6f:23:33:34: 1e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:B1:78:92:A6:50:2F:8E:BA:41:16:DF:72:86:D7:3F:96:5B:14:10 X509v3 Authority Key Identifier: keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:ca:0d:ef:7b:38:99:84:51:95:b0:0d:1c:e8:12:0f:70:b3: d8:24:84:aa:90:12:86:d7:ed:17:93:3f:03:ad:82:43:16:14: f4:e6:5d:40:a8:7e:2b:bc:cc:3d:c3:d9:e3:6a:5c:c6:4e:ff: 7c:36:9e:90:68:89:59:63:03:a3:09:bb:42:06:eb:7f:b3:fe: d7:22:ea:f3:04:ba:f2:d4:e0:c7:38:b6:cd:e4:3c:df:6a:19: 06:25:65:2d:83:14:35:e8:33:1c:1a:d9:18:b4:bc:06:d7:50: 00:28:c2:58:27:62:4b:80:99:03:e8:84:04:85:98:bf:8b:2a: f3:49:f1:0d:16:ed:e0:3d:40:ef:16:81:d5:51:a9:45:dc:48: 4d:e0:25:6c:e6:7c:7a:fe:55:74:1b:be:b4:75:17:a5:1f:53: d0:7c:e4:58:6b:cd:d0:86:a3:7e:86:4b:d9:3d:39:a4:67:6c: fb:04:69:2a:98:4f:d7:08:2c:14:c3:0b:f7:e4:b7:65:2a:94: 23:48:91:af:9d:ee:e8:38:b8:bc:6c:8c:6b:9b:88:61:27:e5: 0c:82:a4:98:d4:fd:b0:fd:ee:7f:37:b4:28:e9:43:eb:65:ca: f5:cc:46:c0:27:44:20:30:b4:5d:35:63:07:66:67:18:9c:85: 6d:ca:91:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcK67HC+rVu6ARdocoJHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2OGNjOGY1N2EyYjNjMjI5OWIxZjQ4MmI2N2UxNWQ5ZGU0 M2FkM2MwHhcNMjUxMjA2MDEwMTM5WhcNMjUxMjA3MDEwMTM5WjAzMTEwLwYDVQQD EyhhOWIxNzg5MmE2NTAyZjhlYmE0MTE2ZGY3Mjg2ZDczZjk2NWIxNDEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHihQsYPjy+WaYAMfQJ2+uPXYJcC 6TfzDpS1ihqjNJWTTYKiewVgihO1xE8lco/zfl7jRef510vC0Yb+mlVUW7vmEzpg zZHgSSZ/smKdONjZ8kRIqMsv1ZDOMdN0bsQG3JY6OXS+A8+6yOhNfQKgqCAHeONy TD9mPXu9NueqBPyY1GlBiIkpUH+OLWhvLBF1zo8Jyqs8rKJKaOGiqQmcVGUt/14R 6akI9RkDcHVUCfg62a/O2PZm4HqOU+V07x92P2392LC+hjvJyKXQ8PNE4erqYUbh jin7FaiPKzzMnGlMg0XOJHscVHHrrpRGKxeOfwXRyBM2P64L/W8jMzQeDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKmxeJKmUC+OukEW33KG1z+WWxQQMB8GA1UdIwQY MBaAFAaMyPV6KzwimbH0grZ+FdneQ608MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2It MmEyODQxNmQ0NWIyLzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2ItMmEyODQxNmQ0NWIy LzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjcoN73s4 mYRRlbANHOgSD3Cz2CSEqpAShtftF5M/A62CQxYU9OZdQKh+K7zMPcPZ42pcxk7/ fDaekGiJWWMDowm7Qgbrf7P+1yLq8wS68tTgxzi2zeQ832oZBiVlLYMUNegzHBrZ GLS8BtdQACjCWCdiS4CZA+iEBIWYv4sq80nxDRbt4D1A7xaB1VGpRdxITeAlbOZ8 ev5VdBu+tHUXpR9T0HzkWGvN0IajfoZL2T05pGds+wRpKphP1wgsFMML9+S3ZSqU I0iRr53u6Di4vGyMa5uIYSflDIKkmNT9sP3ufze0KOlD62XK9cxGwCdEIDC0XTVj B2ZnGJyFbcqRQw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:43:54 2025 by rpki-client