This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft File: BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft (raw, json) Hash identifier: V42L4FQcllayiKQWKVIkQJsjiGoPEaR0u5rSqrgyeDk= Subject key identifier: 27:D2:F6:21:E2:95:09:6B:90:E3:4E:F9:AC:65:F9:A9:B3:19:88:AB Authority key identifier: 04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6 Certificate issuer: /CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6 Certificate serial: 019B3C7EB967185F1B99ECA111FA01889931 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft Manifest number: 0DE0 Signing time: Sat 20 Dec 2025 16:01:36 +0000 Manifest this update: Sat 20 Dec 2025 16:01:36 +0000 Manifest next update: Sun 21 Dec 2025 16:01:36 +0000 Files and hashes: 1: BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl (hash: r2o0CTzGj/jgw7aUkhBF6mrs8zDFweFJ/gljSgA879Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:b9:67:18:5f:1b:99:ec:a1:11:fa:01:88:99:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6 Validity Not Before: Dec 20 16:01:36 2025 GMT Not After : Dec 21 16:01:36 2025 GMT Subject: CN=27d2f621e295096b90e34ef9ac65f9a9b31988ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a7:76:6d:eb:7f:fd:46:91:44:91:ba:88:57: a5:db:79:7f:32:1d:03:f3:52:09:dc:e2:e6:c2:8d: 90:4a:60:38:16:f9:d7:53:5c:b0:d9:f3:a1:69:17: 93:42:e2:b0:3d:10:60:d6:a5:bc:08:a5:e6:41:a1: a3:a8:cc:1d:40:a9:ef:8e:fa:28:46:bf:90:eb:61: ca:86:34:95:b1:b1:c8:25:70:f5:06:7d:b2:30:86: e5:2b:01:cd:aa:3f:24:a8:be:75:bb:db:fc:e0:61: 58:fb:cf:14:5d:3b:e0:b0:2d:3c:86:38:e1:5e:cc: 6f:48:2e:fe:68:9c:93:eb:26:96:61:2b:ee:23:01: ad:b8:46:ea:2c:2b:ee:ac:d7:c5:d3:e8:7a:b2:42: b2:db:c8:37:20:1d:4b:96:01:09:d6:d5:db:d6:9b: e9:1b:78:c4:66:36:b7:4e:83:a6:b3:2a:80:0d:48: 31:be:98:9a:b3:6e:8c:f0:f9:94:c5:21:07:3b:da: 70:a2:55:bc:9d:5e:12:52:99:07:99:a2:3e:53:a3: ed:94:05:b4:ae:93:45:32:70:d7:77:b2:2c:b2:80: 41:bf:5f:55:53:f7:01:d1:a5:06:bc:71:e0:ed:59: 8c:4b:59:42:72:4c:da:66:9e:9f:53:76:5f:67:d5: 48:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:D2:F6:21:E2:95:09:6B:90:E3:4E:F9:AC:65:F9:A9:B3:19:88:AB X509v3 Authority Key Identifier: keyid:04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:88:b2:a7:28:b5:65:de:c4:06:0d:cd:b6:a0:5c:9a:12:fb: 53:63:40:a4:23:4d:ca:d1:c8:17:dd:f8:6b:de:bb:c5:23:63: b4:f0:8d:27:94:df:5e:a7:5c:5d:70:ff:03:80:f7:1e:50:ee: 8c:5a:34:36:8d:4e:bd:63:1b:76:f0:7f:3a:05:22:9e:ee:bd: a3:d8:0c:30:75:df:eb:15:54:a0:c1:2c:ca:a7:90:73:19:0d: 98:d0:62:bb:4a:a0:fb:ac:a0:50:7c:8c:c4:d0:6a:a5:88:ea: 0d:3c:e5:cc:34:19:a6:d5:c8:36:49:84:a1:1e:06:f4:3d:69: 05:b5:2b:3b:2e:94:fd:0e:32:46:51:b4:de:f1:96:3c:4a:e0: cf:86:83:fa:5b:5f:d0:5f:df:74:9c:c2:b9:bc:99:17:f5:fc: 42:c7:b6:d6:72:2c:7f:78:03:0e:fd:65:54:64:b3:bc:04:c2: 13:a2:ff:53:08:43:5f:92:03:bf:59:f8:94:90:6e:64:a3:16: 83:ba:92:4a:1b:70:1f:a6:e7:c0:63:2e:e3:b4:dc:f6:85:3f: 47:bc:12:5e:b3:42:30:64:eb:a1:1f:3c:2f:ef:cf:18:b0:24: 8e:e1:23:06:cb:6f:37:11:6a:67:87:5a:ed:36:e6:04:a5:22: 16:85:6e:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8frlnGF8bmeyhEfoBiJkxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YjYxZTUxNDBjZDg5ODRmN2ZlMjAxMGRiNTllYmRiMmYz ZWQ0ZTYwHhcNMjUxMjIwMTYwMTM2WhcNMjUxMjIxMTYwMTM2WjAzMTEwLwYDVQQD EygyN2QyZjYyMWUyOTUwOTZiOTBlMzRlZjlhYzY1ZjlhOWIzMTk4OGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqd2bet//UaRRJG6iFel23l/Mh0D 81IJ3OLmwo2QSmA4FvnXU1yw2fOhaReTQuKwPRBg1qW8CKXmQaGjqMwdQKnvjvoo Rr+Q62HKhjSVsbHIJXD1Bn2yMIblKwHNqj8kqL51u9v84GFY+88UXTvgsC08hjjh XsxvSC7+aJyT6yaWYSvuIwGtuEbqLCvurNfF0+h6skKy28g3IB1LlgEJ1tXb1pvp G3jEZja3ToOmsyqADUgxvpias26M8PmUxSEHO9pwolW8nV4SUpkHmaI+U6PtlAW0 rpNFMnDXd7IssoBBv19VU/cB0aUGvHHg7VmMS1lCckzaZp6fU3ZfZ9VIjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCfS9iHilQlrkONO+axl+amzGYirMB8GA1UdIwQY MBaAFAS2HlFAzYmE9/4gENtZ69svPtTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTkt NjE3NWU4M2M2YTJiLzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTktNjE3NWU4M2M2YTJi LzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKIiypyi1 Zd7EBg3NtqBcmhL7U2NApCNNytHIF934a967xSNjtPCNJ5TfXqdcXXD/A4D3HlDu jFo0No1OvWMbdvB/OgUinu69o9gMMHXf6xVUoMEsyqeQcxkNmNBiu0qg+6ygUHyM xNBqpYjqDTzlzDQZptXINkmEoR4G9D1pBbUrOy6U/Q4yRlG03vGWPErgz4aD+ltf 0F/fdJzCubyZF/X8Qse21nIsf3gDDv1lVGSzvATCE6L/UwhDX5IDv1n4lJBuZKMW g7qSShtwH6bnwGMu47Tc9oU/R7wSXrNCMGTroR88L+/PGLAkjuEjBstvNxFqZ4da 7TbmBKUiFoVugw== -----END CERTIFICATE-----Generated at Sat Dec 20 20:29:45 2025 by rpki-client