This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft File: BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft (raw, json) Hash identifier: JL9NuALsp70+XoUiUM0fbAMrLX1BX/i+OR3UqFXsT+M= Subject key identifier: 93:DE:F5:F8:81:B6:04:C9:73:D2:9F:DC:B4:C4:36:20:43:FC:08:0B Authority key identifier: 04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6 Certificate issuer: /CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6 Certificate serial: 019AF31C27F9B597518A39C06B265AABD4F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft Manifest number: 0DBA Signing time: Sat 06 Dec 2025 10:01:39 +0000 Manifest this update: Sat 06 Dec 2025 10:01:39 +0000 Manifest next update: Sun 07 Dec 2025 10:01:39 +0000 Files and hashes: 1: BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl (hash: KWqQD6WW5Et7RE8X2owEaxQmK7ptDjlkEEcQljcEysE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:27:f9:b5:97:51:8a:39:c0:6b:26:5a:ab:d4:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6 Validity Not Before: Dec 6 10:01:39 2025 GMT Not After : Dec 7 10:01:39 2025 GMT Subject: CN=93def5f881b604c973d29fdcb4c4362043fc080b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:36:58:b3:db:a0:f6:c7:b9:86:b4:5a:c9:36: ee:12:26:41:e0:a6:bc:41:bc:3f:74:e8:69:20:1f: 80:5c:89:d5:21:ce:54:b5:1a:ff:7d:6d:f5:5d:4f: eb:ce:b3:4b:54:5e:b5:1f:23:52:f3:b5:1c:11:6e: e7:1a:64:fe:0c:81:e1:5b:63:f1:8b:15:ee:1b:70: 2a:36:f1:69:b2:cf:81:2c:d9:c9:8a:61:34:f0:e5: 0b:94:96:b5:af:83:95:ef:03:a1:9e:7e:49:6b:cd: 4e:b9:3f:3a:57:e2:7d:98:1b:9d:d8:d0:f4:68:50: e1:63:f6:61:e5:b5:37:f2:5c:f7:91:f5:57:8b:5b: 6a:cf:84:ab:2f:f1:cc:3b:39:c0:ae:3a:af:d5:12: e8:89:57:79:ff:90:53:e9:f6:4c:24:5a:71:75:b9: 4a:51:9f:47:eb:8b:f7:0a:d2:91:da:02:53:7f:2c: 05:cd:49:51:41:9c:3e:2d:99:eb:5d:ac:10:b1:f8: ac:0b:4c:09:a8:85:e5:ef:0b:43:67:de:62:31:c5: fa:25:b8:6e:d2:b8:93:c9:95:ba:a9:9b:24:e7:74: a8:c4:9b:d8:e2:07:dd:5b:91:9b:6b:82:ff:81:0f: 75:b4:f1:db:92:3e:0e:5a:ee:74:90:d2:b0:e1:67: 91:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:DE:F5:F8:81:B6:04:C9:73:D2:9F:DC:B4:C4:36:20:43:FC:08:0B X509v3 Authority Key Identifier: keyid:04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:c5:19:b8:61:b0:70:ae:17:b2:6a:87:f9:6d:11:29:07:63: d1:a1:2a:bb:f8:0b:dd:89:f4:80:c5:fc:21:48:d1:c1:ad:12: b1:5d:51:49:46:54:aa:d7:2d:19:cd:d7:ae:cb:7f:0f:4b:00: 18:5c:36:33:7c:4b:9b:4a:c1:d6:36:9f:3e:3a:24:d6:52:80: 07:a9:23:ff:6a:38:a7:dd:fb:ae:3d:95:98:a4:69:c3:58:a4: f4:b1:35:5d:24:0d:dc:ca:ad:f2:1c:de:da:af:e2:b7:e9:83: 16:a7:16:77:d4:60:bd:23:d8:49:14:16:a2:14:b8:1c:c1:9e: 1c:3b:6f:1b:07:99:43:16:eb:67:9c:89:dc:cc:d7:d5:d1:14: 0f:3e:54:e7:62:f2:22:96:79:8b:d9:52:5b:7c:9d:f9:24:99: d8:2b:52:1c:f9:e8:2a:fb:1c:08:0c:36:2e:a2:a9:12:75:12: 89:86:42:78:ba:9e:a1:08:a1:7b:6f:1b:95:ea:d5:d0:73:ca: c7:2f:7e:4b:2e:34:17:5c:5d:5f:f9:a0:f3:d6:3d:73:d7:52: 3f:c1:03:30:ea:52:10:83:97:02:ec:59:58:99:63:4e:99:f5: 2d:d5:3e:3b:9f:28:e9:b4:e7:19:df:cb:ae:8f:f1:41:8a:a1: c7:c1:7c:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHCf5tZdRijnAayZaq9T1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YjYxZTUxNDBjZDg5ODRmN2ZlMjAxMGRiNTllYmRiMmYz ZWQ0ZTYwHhcNMjUxMjA2MTAwMTM5WhcNMjUxMjA3MTAwMTM5WjAzMTEwLwYDVQQD Eyg5M2RlZjVmODgxYjYwNGM5NzNkMjlmZGNiNGM0MzYyMDQzZmMwODBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTZYs9ug9se5hrRayTbuEiZB4Ka8 Qbw/dOhpIB+AXInVIc5UtRr/fW31XU/rzrNLVF61HyNS87UcEW7nGmT+DIHhW2Px ixXuG3AqNvFpss+BLNnJimE08OULlJa1r4OV7wOhnn5Ja81OuT86V+J9mBud2ND0 aFDhY/Zh5bU38lz3kfVXi1tqz4SrL/HMOznArjqv1RLoiVd5/5BT6fZMJFpxdblK UZ9H64v3CtKR2gJTfywFzUlRQZw+LZnrXawQsfisC0wJqIXl7wtDZ95iMcX6Jbhu 0riTyZW6qZsk53SoxJvY4gfdW5Gba4L/gQ91tPHbkj4OWu50kNKw4WeR8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJPe9fiBtgTJc9Kf3LTENiBD/AgLMB8GA1UdIwQY MBaAFAS2HlFAzYmE9/4gENtZ69svPtTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTkt NjE3NWU4M2M2YTJiLzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTktNjE3NWU4M2M2YTJi LzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG8UZuGGw cK4XsmqH+W0RKQdj0aEqu/gL3Yn0gMX8IUjRwa0SsV1RSUZUqtctGc3Xrst/D0sA GFw2M3xLm0rB1jafPjok1lKAB6kj/2o4p937rj2VmKRpw1ik9LE1XSQN3Mqt8hze 2q/it+mDFqcWd9RgvSPYSRQWohS4HMGeHDtvGweZQxbrZ5yJ3MzX1dEUDz5U52Ly IpZ5i9lSW3yd+SSZ2CtSHPnoKvscCAw2LqKpEnUSiYZCeLqeoQihe28blerV0HPK xy9+Sy40F1xdX/mg89Y9c9dSP8EDMOpSEIOXAuxZWJljTpn1LdU+O58o6bTnGd/L ro/xQYqhx8F8AQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:18:52 2025 by rpki-client