This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft File: bLm_6TNtoFV5BgineljMq8SWhpQ.mft (raw, json) Hash identifier: 6tEIyZbTxdcdUJ/MVw0tRlantFH9N49O9O68Y0kTxgo= Subject key identifier: 7D:05:F8:66:15:00:8A:F0:B9:25:1D:7F:D2:F3:12:61:38:A3:18:EC Authority key identifier: 6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94 Certificate issuer: /CN=6cb9bfe9336da055790608a77a58ccabc4968694 Certificate serial: 019AF3898D8F87E2E256C7BED97C5C537FCA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft Manifest number: 0E07 Signing time: Sat 06 Dec 2025 12:01:09 +0000 Manifest this update: Sat 06 Dec 2025 12:01:09 +0000 Manifest next update: Sun 07 Dec 2025 12:01:09 +0000 Files and hashes: 1: bLm_6TNtoFV5BgineljMq8SWhpQ.crl (hash: bUR250SJiAxv4OXGXjQWL5NOxuAGkM7NJ8WEjXpVAl0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:8d:8f:87:e2:e2:56:c7:be:d9:7c:5c:53:7f:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cb9bfe9336da055790608a77a58ccabc4968694 Validity Not Before: Dec 6 12:01:09 2025 GMT Not After : Dec 7 12:01:09 2025 GMT Subject: CN=7d05f86615008af0b9251d7fd2f3126138a318ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:2e:c8:a5:80:64:25:1d:c6:cf:90:e9:55:a0: 22:62:c5:37:d0:e1:78:70:79:27:1e:28:49:c0:b6: 52:0d:1e:71:3e:17:a1:f5:a3:0f:d9:3d:d2:b0:e5: 0c:ff:ad:3b:bb:26:35:f4:16:fc:31:e7:72:f2:67: 9a:f4:53:77:64:3a:1f:7e:ee:4d:df:2c:69:83:49: 61:53:a5:81:70:a2:68:f8:88:b2:4c:5a:27:4a:8d: b6:9f:c3:87:0b:f8:21:16:6e:44:d6:fe:fb:ef:79: f4:32:47:b8:68:fc:45:09:3b:6e:8e:d6:5a:ab:83: ab:a0:90:70:71:85:45:5c:bc:5c:51:a2:ae:d8:9f: 01:48:61:8d:57:e2:db:72:28:60:1f:cf:51:4c:a6: 28:bc:b2:13:38:60:63:8d:60:3d:00:36:85:a7:80: 2e:26:8b:63:b3:9c:16:9e:2e:ef:1b:6e:90:ea:64: f8:fd:81:2e:6f:15:40:08:b8:d9:91:e6:0f:6d:2a: 5e:2f:ef:34:69:2d:e9:6c:f4:ea:d0:64:40:26:f5: e8:c2:ff:a1:83:85:9d:74:af:eb:fd:18:79:e1:d0: b0:82:6b:d6:a7:33:71:d8:ab:6a:27:a0:04:7f:f6: 01:48:a8:d6:61:e0:56:4f:be:c4:5b:d4:7c:09:fb: f4:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:05:F8:66:15:00:8A:F0:B9:25:1D:7F:D2:F3:12:61:38:A3:18:EC X509v3 Authority Key Identifier: keyid:6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:e8:8c:3e:5e:fe:6d:50:d4:13:dd:cb:7f:7a:5f:2b:c4:89: 08:ed:2a:42:c2:a7:47:91:b8:d1:4d:73:93:ac:8e:f5:91:91: 32:5a:aa:47:d2:8d:4a:fd:7f:52:a8:23:08:a7:62:2c:d3:68: a7:34:50:ee:cb:f4:4b:77:f0:68:0a:40:68:b5:e4:68:20:cc: ff:01:f1:e5:3e:b5:f1:e9:fc:7f:44:14:3e:a7:b0:bb:cb:d1: 2e:47:ee:f3:5c:39:f5:89:77:20:f0:29:25:a5:d0:1a:81:03: c1:62:6a:5d:a1:61:1c:94:e3:86:85:e1:dd:18:84:ef:ff:6a: 20:f0:f7:55:96:09:6e:85:d7:ac:fb:4f:c1:ec:05:a9:aa:a4: b5:39:2b:49:a2:b9:9c:40:54:1a:58:3e:7d:4f:f3:b0:14:e4: 8a:55:a7:59:0f:ec:05:64:86:97:ec:6b:54:ee:4d:4f:a6:57: 30:40:d4:82:7f:39:c0:5d:49:5d:33:d9:f5:97:f6:15:c3:bf: 9d:38:2a:19:62:30:8d:63:bc:d5:9d:fe:7a:6a:28:c4:4c:3e: 89:11:bb:61:77:bf:1a:b6:2c:33:05:26:1c:85:52:8c:59:6d: d7:5f:a0:9f:cd:40:9f:ec:6f:7e:54:4f:f8:1c:1e:00:6d:e5: f8:18:d5:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziY2Ph+LiVse+2XxcU3/KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYjliZmU5MzM2ZGEwNTU3OTA2MDhhNzdhNThjY2FiYzQ5 Njg2OTQwHhcNMjUxMjA2MTIwMTA5WhcNMjUxMjA3MTIwMTA5WjAzMTEwLwYDVQQD Eyg3ZDA1Zjg2NjE1MDA4YWYwYjkyNTFkN2ZkMmYzMTI2MTM4YTMxOGVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni7IpYBkJR3Gz5DpVaAiYsU30OF4 cHknHihJwLZSDR5xPheh9aMP2T3SsOUM/607uyY19Bb8Medy8mea9FN3ZDoffu5N 3yxpg0lhU6WBcKJo+IiyTFonSo22n8OHC/ghFm5E1v7773n0Mke4aPxFCTtujtZa q4OroJBwcYVFXLxcUaKu2J8BSGGNV+LbcihgH89RTKYovLITOGBjjWA9ADaFp4Au Jotjs5wWni7vG26Q6mT4/YEubxVACLjZkeYPbSpeL+80aS3pbPTq0GRAJvXowv+h g4WddK/r/Rh54dCwgmvWpzNx2KtqJ6AEf/YBSKjWYeBWT77EW9R8Cfv0+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH0F+GYVAIrwuSUdf9LzEmE4oxjsMB8GA1UdIwQY MBaAFGy5v+kzbaBVeQYIp3pYzKvEloaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzIt Y2ZkMDBkZDgyN2VlLzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzItY2ZkMDBkZDgyN2Vl LzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhOiMPl7+ bVDUE93Lf3pfK8SJCO0qQsKnR5G40U1zk6yO9ZGRMlqqR9KNSv1/UqgjCKdiLNNo pzRQ7sv0S3fwaApAaLXkaCDM/wHx5T618en8f0QUPqewu8vRLkfu81w59Yl3IPAp JaXQGoEDwWJqXaFhHJTjhoXh3RiE7/9qIPD3VZYJboXXrPtPwewFqaqktTkrSaK5 nEBUGlg+fU/zsBTkilWnWQ/sBWSGl+xrVO5NT6ZXMEDUgn85wF1JXTPZ9Zf2FcO/ nTgqGWIwjWO81Z3+emooxEw+iRG7YXe/GrYsMwUmHIVSjFlt11+gn81An+xvflRP +BweAG3l+BjVYQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:42:37 2025 by rpki-client