This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft File: bhWkM20vXhvWBzfelXlomSp0cOk.mft (raw, json) Hash identifier: H2PuYqjbnDjdiyQECi5xQMx4uXTuSLQp+uxu2iVT9Ng= Subject key identifier: 41:11:23:86:63:A7:2A:1A:CD:45:97:D1:18:23:6D:DB:A2:B6:98:0A Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9 Certificate issuer: /CN=6e15a4336d2f5e1bd60737de957968992a7470e9 Certificate serial: 019AF465A9960B58930CCC658FA896CEAAB4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 16:01:34 +0000 Manifest this update: Sat 06 Dec 2025 16:01:34 +0000 Manifest next update: Sun 07 Dec 2025 16:01:34 +0000 Files and hashes: 1: bhWkM20vXhvWBzfelXlomSp0cOk.crl (hash: VpMF/1Yok2h3o6MaA3dcmLDMETc5W218UyRHS16/vOg=) 2: zgsEDv3otZRAtHyWvGAv7rzQjXg.roa (hash: ZyzEtsDUzNfUy6YLDq0VYYYmMcE0twVe+0tLjGTigwU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 16:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:a9:96:0b:58:93:0c:cc:65:8f:a8:96:ce:aa:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9 Validity Not Before: Dec 6 16:01:34 2025 GMT Not After : Dec 7 16:01:34 2025 GMT Subject: CN=4111238663a72a1acd4597d118236ddba2b6980a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:63:c4:b7:81:da:b1:65:07:d1:96:51:41:1d: ca:29:d8:9c:f0:a3:91:27:f4:8d:5f:a5:90:f0:e3: 10:e4:06:56:ab:b0:ae:dc:45:7e:42:f3:cb:b4:f7: c8:62:27:02:ba:b8:42:2d:c8:e9:a1:d1:d9:06:54: 72:a5:cf:4f:37:c1:ca:c5:c5:32:85:a8:e4:8c:ab: e8:fc:9b:79:e7:09:f7:70:0a:0c:98:69:81:8f:b9: 3c:23:ce:4c:c3:da:aa:a4:ae:d6:e2:c6:06:5c:1e: 5b:cc:d5:5e:a1:2b:ed:89:f7:91:47:10:4f:33:1e: 65:cc:76:25:f1:8f:fb:6f:7a:5a:55:a6:f2:67:98: d7:a2:d3:6d:b2:86:41:a2:af:9a:3d:eb:cc:a8:09: 00:9a:ca:3f:d6:86:52:d9:ab:ca:ba:c1:ec:dd:04: 77:f4:cb:13:c6:46:82:3e:aa:0c:03:21:2a:b7:57: e9:d9:b0:62:c5:1f:f2:24:6b:51:ff:a1:04:4a:a5: ad:e2:a4:29:5e:63:4b:1c:58:57:12:82:6d:80:3b: 07:fb:d9:5f:e9:10:7a:46:bc:a9:bd:8a:4b:f5:06: 47:3c:03:2c:85:6b:23:0a:9f:8a:90:1d:db:f9:83: df:10:5b:b8:c5:99:0c:c5:b3:58:4e:53:e9:f1:f3: e7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:11:23:86:63:A7:2A:1A:CD:45:97:D1:18:23:6D:DB:A2:B6:98:0A X509v3 Authority Key Identifier: keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:fb:fa:06:ad:88:e1:79:1a:72:c4:fa:b1:e7:0c:5b:b3:aa: d8:85:68:53:46:32:7e:c0:27:38:08:79:8c:d5:6d:e7:cd:c7: 22:15:9b:06:ec:f1:7c:27:18:c4:06:7f:17:4c:2a:f4:dd:92: 05:ef:b9:a7:52:82:dc:9e:95:20:82:5f:b2:cb:8c:80:b5:b1: be:fe:a1:af:49:2b:0a:d3:fc:ce:48:89:16:d8:8b:25:ea:5c: 08:ef:33:98:1f:c0:fb:b5:8e:c9:8f:f7:2c:fe:89:2b:91:23: 84:0b:c1:be:36:b6:0d:5a:0c:e8:2e:2a:f9:c9:80:63:2d:3b: a8:a9:34:39:21:c0:d1:42:6e:b6:80:52:bd:3e:f1:b8:6b:64: 74:9b:8f:e2:46:d3:eb:60:0c:46:ad:6b:a1:d3:9e:3e:1f:75: d3:a8:7f:12:d9:cc:bd:3a:7e:c5:2b:a6:4b:1c:62:44:38:74: 28:db:9e:a8:c1:53:e1:6a:2c:6b:e6:97:1c:38:d4:1f:5f:4f: 01:d7:e7:c6:e2:77:92:ac:10:9a:89:f1:28:b7:5d:07:a9:46: a3:73:c6:1e:60:5e:6c:cf:ad:b9:71:09:99:c9:9f:d2:c7:ba: 72:87:0e:da:b7:2b:7c:2c:2f:18:67:89:01:55:a6:6d:1d:79: dd:78:10:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZamWC1iTDMxlj6iWzqq0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3 NDcwZTkwHhcNMjUxMjA2MTYwMTM0WhcNMjUxMjA3MTYwMTM0WjAzMTEwLwYDVQQD Eyg0MTExMjM4NjYzYTcyYTFhY2Q0NTk3ZDExODIzNmRkYmEyYjY5ODBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmPEt4HasWUH0ZZRQR3KKdic8KOR J/SNX6WQ8OMQ5AZWq7Cu3EV+QvPLtPfIYicCurhCLcjpodHZBlRypc9PN8HKxcUy hajkjKvo/Jt55wn3cAoMmGmBj7k8I85Mw9qqpK7W4sYGXB5bzNVeoSvtifeRRxBP Mx5lzHYl8Y/7b3paVabyZ5jXotNtsoZBoq+aPevMqAkAmso/1oZS2avKusHs3QR3 9MsTxkaCPqoMAyEqt1fp2bBixR/yJGtR/6EESqWt4qQpXmNLHFhXEoJtgDsH+9lf 6RB6RrypvYpL9QZHPAMshWsjCp+KkB3b+YPfEFu4xZkMxbNYTlPp8fPn+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEERI4ZjpyoazUWX0RgjbduitpgKMB8GA1UdIwQY MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt OGQ1MjQ2YTIwMjQ1LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1 LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPv6Bq2I 4XkacsT6secMW7Oq2IVoU0YyfsAnOAh5jNVt583HIhWbBuzxfCcYxAZ/F0wq9N2S Be+5p1KC3J6VIIJfssuMgLWxvv6hr0krCtP8zkiJFtiLJepcCO8zmB/A+7WOyY/3 LP6JK5EjhAvBvja2DVoM6C4q+cmAYy07qKk0OSHA0UJutoBSvT7xuGtkdJuP4kbT 62AMRq1rodOePh9106h/EtnMvTp+xSumSxxiRDh0KNueqMFT4Wosa+aXHDjUH19P AdfnxuJ3kqwQmonxKLddB6lGo3PGHmBebM+tuXEJmcmf0se6cocO2rcrfCwvGGeJ AVWmbR153XgQXA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:54:52 2025 by rpki-client