This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft File: BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json) Hash identifier: NPwLV/3uu+qPic62wPN/cTqPtfBuO2MnKpvS+yRQ5ms= Subject key identifier: BF:F2:D1:87:12:F0:4A:07:FC:4E:8B:5E:1E:62:71:23:F8:DC:D5:99 Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF Certificate issuer: /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf Certificate serial: 019AF2ADBD7D77A475F74E97C1AE697EC731 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft Manifest number: 03C6 Signing time: Sat 06 Dec 2025 08:01:03 +0000 Manifest this update: Sat 06 Dec 2025 08:01:03 +0000 Manifest next update: Sun 07 Dec 2025 08:01:03 +0000 Files and hashes: 1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: Rp5cQgc7j6Tt9pwSokT3HaxKx1ggWNVeN4que9MH0uk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:bd:7d:77:a4:75:f7:4e:97:c1:ae:69:7e:c7:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf Validity Not Before: Dec 6 08:01:03 2025 GMT Not After : Dec 7 08:01:03 2025 GMT Subject: CN=bff2d18712f04a07fc4e8b5e1e627123f8dcd599 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d5:49:39:2c:80:ec:cc:51:0b:bc:ea:ee:0c: d9:80:b4:70:cf:59:d5:85:47:76:fc:17:a5:16:52: 7f:03:e4:03:d4:0a:95:c2:89:55:23:5a:ee:55:26: b1:0b:b5:bf:32:a7:02:e9:68:ae:3e:48:83:1b:4f: 7b:f1:b7:e8:c7:63:01:23:c5:33:60:24:ee:42:e1: 49:6f:b8:d9:88:47:cc:2e:2e:65:84:17:0f:e0:25: 04:69:2d:99:c1:25:d0:7c:e3:85:ae:4a:4f:e3:c2: ba:d5:cc:62:62:ba:c0:b3:ad:75:38:90:e8:b4:b2: bb:40:8b:24:da:3d:fd:fd:2b:bf:4a:e3:d5:65:ef: d9:bb:aa:79:25:33:27:ae:d3:ac:71:35:0f:21:06: 48:63:07:77:c7:ce:06:b5:1c:c8:86:d4:a2:8e:d5: f7:d6:ba:91:9c:5c:a7:99:5d:e5:c0:4e:be:f0:f5: 0b:71:ab:8e:dd:bd:f0:77:ea:46:5e:38:26:a7:d9: 06:5f:ae:69:96:63:2d:2e:47:0a:b5:4d:62:59:b7: 17:8c:e5:b6:d9:06:82:49:7b:e8:5a:8a:3e:2d:4c: 79:7e:58:47:16:e2:c0:05:67:3d:43:bd:b4:16:9e: 14:a2:4f:fd:f6:07:3d:1a:dc:48:65:10:ce:6a:01: 9e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:F2:D1:87:12:F0:4A:07:FC:4E:8B:5E:1E:62:71:23:F8:DC:D5:99 X509v3 Authority Key Identifier: keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:0b:4b:3d:9f:e4:58:e4:57:b1:c9:79:21:d0:0b:f0:d6:cf: 5e:91:87:4a:03:99:de:0e:e0:6a:79:8f:ce:30:06:85:e3:c0: 71:6b:ea:98:6f:c0:93:4d:6e:1c:7f:7c:97:26:10:c1:e9:6a: 91:f0:3a:9f:cb:f5:47:fe:15:c9:8a:8e:d3:50:e3:18:70:6d: 4e:2d:58:60:2c:a8:0a:27:1d:fc:4d:02:dd:aa:66:72:77:24: 57:a8:fc:de:1d:89:41:9e:af:b0:e7:f1:c3:de:0c:30:d1:cb: 54:13:fc:15:53:77:ca:3d:14:95:ef:f5:fa:79:fe:06:0c:c6: 55:c3:ae:72:6c:11:7e:6b:6b:80:cf:a1:45:b8:02:d1:da:90: 0b:e1:71:54:f4:11:5a:53:94:bf:db:ba:24:f4:be:aa:79:26: 2e:37:21:79:6c:1a:38:31:1c:c3:82:a1:6d:f4:55:c0:4d:ba: 0c:8c:58:9a:d9:bc:bf:33:e2:0f:08:6b:0d:f4:98:c5:67:0a: 59:75:77:87:1c:95:99:ff:00:4e:d3:71:85:d9:e5:d6:85:42: df:d2:35:d0:26:96:3e:a3:05:59:04:f2:cb:d9:ff:77:48:f1: 03:96:9c:02:e8:5d:c7:29:ac:b4:89:23:d4:b7:f9:d7:ec:51: d1:f4:de:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrb19d6R1906Xwa5pfscxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0 YzdkYmYwHhcNMjUxMjA2MDgwMTAzWhcNMjUxMjA3MDgwMTAzWjAzMTEwLwYDVQQD EyhiZmYyZDE4NzEyZjA0YTA3ZmM0ZThiNWUxZTYyNzEyM2Y4ZGNkNTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNVJOSyA7MxRC7zq7gzZgLRwz1nV hUd2/BelFlJ/A+QD1AqVwolVI1ruVSaxC7W/MqcC6WiuPkiDG0978bfox2MBI8Uz YCTuQuFJb7jZiEfMLi5lhBcP4CUEaS2ZwSXQfOOFrkpP48K61cxiYrrAs611OJDo tLK7QIsk2j39/Su/SuPVZe/Zu6p5JTMnrtOscTUPIQZIYwd3x84GtRzIhtSijtX3 1rqRnFynmV3lwE6+8PULcauO3b3wd+pGXjgmp9kGX65plmMtLkcKtU1iWbcXjOW2 2QaCSXvoWoo+LUx5flhHFuLABWc9Q720Fp4Uok/99gc9GtxIZRDOagGe7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/y0YcS8EoH/E6LXh5icSP43NWZMB8GA1UdIwQY MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjAtLPZ/k WORXscl5IdAL8NbPXpGHSgOZ3g7ganmPzjAGhePAcWvqmG/Ak01uHH98lyYQwelq kfA6n8v1R/4VyYqO01DjGHBtTi1YYCyoCicd/E0C3apmcnckV6j83h2JQZ6vsOfx w94MMNHLVBP8FVN3yj0Ule/1+nn+BgzGVcOucmwRfmtrgM+hRbgC0dqQC+FxVPQR WlOUv9u6JPS+qnkmLjcheWwaODEcw4KhbfRVwE26DIxYmtm8vzPiDwhrDfSYxWcK WXV3hxyVmf8ATtNxhdnl1oVC39I10CaWPqMFWQTyy9n/d0jxA5acAuhdxymstIkj 1Lf51+xR0fTeTA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:08:30 2025 by rpki-client