This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft File: bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json) Hash identifier: 1JAEL1tXEUZh7NukVo3X6r6IBA3ewnE+UznATtVfxZI= Subject key identifier: CC:8F:67:3F:A3:6F:D5:91:0A:E7:97:73:9E:78:CA:D7:67:D6:50:FB Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D Certificate issuer: /CN=6cb76b5363383d68e555e5270a5931d8340e180d Certificate serial: 019AF12E83E91DE00BD69162D5842B05A2B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft Manifest number: 0EEE Signing time: Sat 06 Dec 2025 01:02:28 +0000 Manifest this update: Sat 06 Dec 2025 01:02:28 +0000 Manifest next update: Sun 07 Dec 2025 01:02:28 +0000 Files and hashes: 1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: 2NQGzAZyF6B3H1wqJfl3YTkOtF7n7u0w+9xwMasxnZ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:83:e9:1d:e0:0b:d6:91:62:d5:84:2b:05:a2:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d Validity Not Before: Dec 6 01:02:28 2025 GMT Not After : Dec 7 01:02:28 2025 GMT Subject: CN=cc8f673fa36fd5910ae797739e78cad767d650fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e3:f5:18:2d:8e:2b:9d:db:bd:b4:68:8b:3d: 3d:49:3b:47:23:de:9d:bf:a8:2b:a3:98:03:11:80: f7:5f:c3:6e:14:03:3e:93:8e:e6:f8:e2:6b:47:02: 03:d5:45:bf:21:b1:15:2c:04:fd:08:d9:4c:e2:d6: b9:4e:31:ed:27:6d:53:57:b7:59:c9:a3:25:d9:2a: 20:a8:c5:ba:f7:90:37:70:79:a3:54:2d:7d:d8:6b: 40:d4:83:e2:e2:80:d9:08:c5:f9:8c:23:62:a8:b3: 94:7d:ec:69:88:99:18:3a:23:c2:d9:5a:59:3a:78: ba:ee:ca:82:97:4f:67:3e:63:72:ff:ee:8a:c5:95: 7c:a3:90:ff:e7:47:3a:70:c1:3b:4b:52:e4:e0:c4: cc:0a:ac:76:f4:0d:47:8b:e4:c7:f8:95:9f:46:73: 9f:f6:24:3d:19:4a:dd:b2:16:6f:b2:b3:68:20:81: 06:74:39:ff:70:c8:fd:dd:c2:43:46:b6:ab:83:09: bb:8c:ce:0d:23:f5:2d:11:f9:2c:5b:b7:32:90:ef: 55:81:45:87:05:fe:30:2c:92:00:ac:d7:b6:bd:70: fb:1d:b5:1a:64:18:60:5e:b3:b7:ca:0e:c0:e8:32: 74:12:d9:da:2e:0a:24:32:44:fc:23:c4:4c:86:19: 7c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:8F:67:3F:A3:6F:D5:91:0A:E7:97:73:9E:78:CA:D7:67:D6:50:FB X509v3 Authority Key Identifier: keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:f1:80:36:94:90:36:9e:3e:c5:3f:3b:a5:5b:07:1f:eb:47: ca:6a:55:9c:c3:1f:79:f4:f1:35:e8:3a:16:f2:05:14:f7:24: 2e:2a:9b:32:78:0f:d8:e5:f1:a0:53:6e:21:6d:5a:39:18:dd: fd:d8:71:94:b8:42:7a:78:22:8d:0e:db:4f:25:63:7d:c1:9e: 7f:f3:72:f9:12:5f:de:22:c9:aa:41:b2:8d:29:03:c7:02:d1: 86:6c:d6:d9:a7:dc:91:db:0b:8a:c8:de:de:84:7a:f0:0e:94: 37:88:b6:dd:d1:68:9f:2a:bf:c5:35:ff:1a:d7:80:8a:f6:81: d7:35:74:98:db:00:bb:81:0b:b7:71:eb:af:9a:ee:27:39:bf: 98:92:94:a6:4b:62:82:a8:0d:dc:57:bc:c4:54:a1:f4:6c:47: 66:db:6b:e9:79:c2:a7:cf:d3:4a:ec:84:1e:b1:e9:6e:23:9b: 2a:ef:48:17:78:24:2a:88:96:88:27:03:94:b5:bd:7f:cf:46: 20:0d:47:af:5b:60:73:27:eb:8a:8a:a3:c9:0b:3d:16:6a:f1: 21:96:74:69:b3:75:15:a9:bc:0e:be:02:a7:6f:30:38:8e:22: d2:bc:07:ef:77:3f:25:03:6f:77:b0:2f:0c:9b:09:2b:88:23: 6c:12:fa:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLoPpHeAL1pFi1YQrBaK4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw ZTE4MGQwHhcNMjUxMjA2MDEwMjI4WhcNMjUxMjA3MDEwMjI4WjAzMTEwLwYDVQQD EyhjYzhmNjczZmEzNmZkNTkxMGFlNzk3NzM5ZTc4Y2FkNzY3ZDY1MGZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOP1GC2OK53bvbRoiz09STtHI96d v6gro5gDEYD3X8NuFAM+k47m+OJrRwID1UW/IbEVLAT9CNlM4ta5TjHtJ21TV7dZ yaMl2SogqMW695A3cHmjVC192GtA1IPi4oDZCMX5jCNiqLOUfexpiJkYOiPC2VpZ Oni67sqCl09nPmNy/+6KxZV8o5D/50c6cME7S1Lk4MTMCqx29A1Hi+TH+JWfRnOf 9iQ9GUrdshZvsrNoIIEGdDn/cMj93cJDRrargwm7jM4NI/UtEfksW7cykO9VgUWH Bf4wLJIArNe2vXD7HbUaZBhgXrO3yg7A6DJ0EtnaLgokMkT8I8RMhhl8iwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMyPZz+jb9WRCueXc554ytdn1lD7MB8GA1UdIwQY MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlPGANpSQ Np4+xT87pVsHH+tHympVnMMfefTxNeg6FvIFFPckLiqbMngP2OXxoFNuIW1aORjd /dhxlLhCengijQ7bTyVjfcGef/Ny+RJf3iLJqkGyjSkDxwLRhmzW2afckdsLisje 3oR68A6UN4i23dFonyq/xTX/GteAivaB1zV0mNsAu4ELt3Hrr5ruJzm/mJKUpkti gqgN3Fe8xFSh9GxHZttr6XnCp8/TSuyEHrHpbiObKu9IF3gkKoiWiCcDlLW9f89G IA1Hr1tgcyfrioqjyQs9FmrxIZZ0abN1Fam8Dr4Cp28wOI4i0rwH73c/JQNvd7Av DJsJK4gjbBL6+Q== -----END CERTIFICATE-----Generated at Sat Dec 6 06:58:23 2025 by rpki-client