This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft File: bfhqH1cK4xUpAiqk9h79nsK5fQU.mft (raw, json) Hash identifier: azjDZZOZjxuYOYmpdhv0lzcxdIKTi0VLFhfyTyC4WPU= Subject key identifier: CA:65:05:D0:2C:0A:5C:6D:0B:44:BD:15:E9:DE:D2:28:D8:DB:CD:D1 Authority key identifier: 6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05 Certificate issuer: /CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05 Certificate serial: 019AF31BD97532C3860B535A31B0611C9E0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft Manifest number: 15DD Signing time: Sat 06 Dec 2025 10:01:19 +0000 Manifest this update: Sat 06 Dec 2025 10:01:19 +0000 Manifest next update: Sun 07 Dec 2025 10:01:19 +0000 Files and hashes: 1: BpLbGApyHXLB4qqgJyw3nGH9lH0.roa (hash: 4AoUx/2M994KEwtEdAKInOt11G1446xmTonI1qJPrOg=) 2: bfhqH1cK4xUpAiqk9h79nsK5fQU.crl (hash: MrK+3p3XBgdBJN16YurGHTU7eOvWcBM6c0jgupnTRWk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:d9:75:32:c3:86:0b:53:5a:31:b0:61:1c:9e:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05 Validity Not Before: Dec 6 10:01:19 2025 GMT Not After : Dec 7 10:01:19 2025 GMT Subject: CN=ca6505d02c0a5c6d0b44bd15e9ded228d8dbcdd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f7:55:fc:5f:05:9d:94:4e:c7:56:18:c9:e3: 2d:8d:12:bf:97:5d:7a:18:4d:c0:05:2a:ab:1a:ea: 15:88:b8:4f:bb:95:bf:fd:96:94:eb:ff:77:98:6b: c0:86:96:57:fd:e6:fb:66:33:8e:98:48:f5:dc:ad: 5e:5e:6b:05:dd:cf:48:ee:b3:21:43:ef:1b:32:92: 47:51:c7:60:be:ac:e2:5e:17:59:b4:09:6c:c0:5a: cb:35:b0:27:72:5a:fe:36:33:9e:a6:ec:75:f6:04: f5:9d:6b:a2:0d:7c:ee:e4:28:10:a0:95:a0:4c:bb: 90:6e:4c:91:bb:f2:f0:11:06:bc:2a:3a:a1:01:1d: b6:3a:3d:a9:50:d2:84:42:42:07:43:ea:7f:11:80: 9f:75:65:9a:a6:87:b1:d6:f7:e2:c8:db:10:b2:80: df:51:b7:c2:98:6a:26:e0:33:97:5a:26:52:76:1e: eb:13:c8:72:71:3d:55:18:a6:76:6e:3f:c3:d4:e1: f3:d5:f1:4b:12:58:41:d5:82:55:88:63:19:72:9e: f6:0b:21:66:b2:dc:af:e4:7f:82:00:7e:b8:ed:6a: e2:c8:30:e8:4b:ec:b2:a7:af:19:a1:3c:b9:96:92: 44:68:f5:c0:3b:1c:42:4d:4e:fa:da:4a:44:c9:35: 17:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:65:05:D0:2C:0A:5C:6D:0B:44:BD:15:E9:DE:D2:28:D8:DB:CD:D1 X509v3 Authority Key Identifier: keyid:6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:92:3c:52:6f:9e:ea:58:bc:7d:2c:71:68:90:ea:24:04:d3: 34:22:52:fa:c5:7b:f1:e8:f1:d5:91:ee:74:bd:81:71:b1:3c: 99:7b:d5:70:5b:31:39:8d:db:f8:4a:2b:23:5e:cf:35:1e:0e: 53:90:23:d4:67:fe:4e:5b:5e:02:67:a6:ee:fa:10:eb:1d:9e: 56:4f:bb:66:18:46:f2:0a:e7:b7:a6:fa:f3:62:5e:72:12:f5: 0c:40:14:ce:c4:82:cb:43:88:1f:67:07:f1:a0:fa:dd:2a:f5: 7c:d0:36:da:f6:93:b2:36:24:4d:f4:ca:2f:b9:bf:d6:07:79: 3a:bd:c6:66:3d:7b:c1:d2:dc:00:a9:03:dd:c5:25:49:54:6f: aa:c9:1e:b5:11:20:52:cc:74:2c:c8:9d:db:7e:33:3c:1a:46: dc:f2:44:73:33:3d:5f:46:ac:ab:33:64:0e:4e:0e:67:1a:a0: 9e:be:5f:ec:15:d2:4c:8a:b8:9c:a0:a1:f5:b4:ae:1d:3f:5c: 9a:e3:7b:47:9d:32:d0:85:fa:c2:43:58:f4:e2:ad:4c:7c:4b: 8d:c8:49:0f:6c:cb:96:40:80:37:82:b1:55:b2:35:2f:b6:33: 29:2b:2e:a4:92:07:16:24:65:5e:a1:81:cc:35:b5:47:19:9c: 30:c4:e0:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG9l1MsOGC1NaMbBhHJ4MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZjg2YTFmNTcwYWUzMTUyOTAyMmFhNGY2MWVmZDllYzJi OTdkMDUwHhcNMjUxMjA2MTAwMTE5WhcNMjUxMjA3MTAwMTE5WjAzMTEwLwYDVQQD EyhjYTY1MDVkMDJjMGE1YzZkMGI0NGJkMTVlOWRlZDIyOGQ4ZGJjZGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfdV/F8FnZROx1YYyeMtjRK/l116 GE3ABSqrGuoViLhPu5W//ZaU6/93mGvAhpZX/eb7ZjOOmEj13K1eXmsF3c9I7rMh Q+8bMpJHUcdgvqziXhdZtAlswFrLNbAnclr+NjOepux19gT1nWuiDXzu5CgQoJWg TLuQbkyRu/LwEQa8KjqhAR22Oj2pUNKEQkIHQ+p/EYCfdWWapoex1vfiyNsQsoDf UbfCmGom4DOXWiZSdh7rE8hycT1VGKZ2bj/D1OHz1fFLElhB1YJViGMZcp72CyFm styv5H+CAH647WriyDDoS+yyp68ZoTy5lpJEaPXAOxxCTU762kpEyTUXHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMplBdAsClxtC0S9Fene0ijY283RMB8GA1UdIwQY MBaAFG34ah9XCuMVKQIqpPYe/Z7CuX0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEt N2FhYzJkODQ3OTU1LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEtN2FhYzJkODQ3OTU1 LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZI8Um+e 6li8fSxxaJDqJATTNCJS+sV78ejx1ZHudL2BcbE8mXvVcFsxOY3b+EorI17PNR4O U5Aj1Gf+TlteAmem7voQ6x2eVk+7ZhhG8grnt6b682JechL1DEAUzsSCy0OIH2cH 8aD63Sr1fNA22vaTsjYkTfTKL7m/1gd5Or3GZj17wdLcAKkD3cUlSVRvqsketREg Usx0LMid234zPBpG3PJEczM9X0asqzNkDk4OZxqgnr5f7BXSTIq4nKCh9bSuHT9c muN7R50y0IX6wkNY9OKtTHxLjchJD2zLlkCAN4KxVbI1L7YzKSsupJIHFiRlXqGB zDW1RxmcMMTgdA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:33:46 2025 by rpki-client