This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft File: BZ9RaALCYTCaYQSHcubq_VhnqZA.mft (raw, json) Hash identifier: TEaziTqYG+0pHSnMqATgV3qB0E/m2Y/vT1Qny7Dk4V8= Subject key identifier: B4:A3:CD:E3:53:51:3F:8F:51:30:F4:85:BD:9E:29:7E:FD:EA:0C:A2 Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90 Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990 Certificate serial: 019AF23F64936DA2497D94D9956B27FF3A06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft Manifest number: 161E Signing time: Sat 06 Dec 2025 06:00:31 +0000 Manifest this update: Sat 06 Dec 2025 06:00:31 +0000 Manifest next update: Sun 07 Dec 2025 06:00:31 +0000 Files and hashes: 1: BZ9RaALCYTCaYQSHcubq_VhnqZA.crl (hash: Wt+RCwK0emDQy62wcJwvbM4ERw5S5EJd2XXSyAxvLYU=) 2: RyM0TaDcy3MATcF4kZgnomIhcSc.roa (hash: u1hwu96g0Ti3Leptf/8mOz/le6P/VB383vy/UE8/YqQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:64:93:6d:a2:49:7d:94:d9:95:6b:27:ff:3a:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=059f516802c261309a61048772e6eafd5867a990 Validity Not Before: Dec 6 06:00:31 2025 GMT Not After : Dec 7 06:00:31 2025 GMT Subject: CN=b4a3cde353513f8f5130f485bd9e297efdea0ca2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:86:57:db:89:dd:c5:72:e6:84:7e:a1:0b:3e: 46:a6:29:4e:16:bf:4a:9d:db:2c:22:91:c6:f7:e7: 49:5b:21:48:1b:f8:33:f7:b3:43:41:40:9c:a6:b5: 3d:3e:3c:23:d8:56:1c:e2:8d:6a:c8:77:a7:19:db: cb:ed:00:71:c2:77:d7:f2:8a:fc:8e:29:9f:5e:6f: bf:bd:4e:e1:58:2d:28:bf:0b:d8:d8:a7:d9:ee:76: c1:8b:b0:dc:08:45:98:9d:3e:81:52:71:0f:a5:e0: c0:73:ae:b3:81:56:99:f3:46:f4:e4:5f:db:98:cc: 55:b4:38:32:7e:37:ae:e5:1b:04:6f:64:cf:2b:1e: 58:5e:8b:7a:3e:a4:50:4c:31:de:a4:e1:0c:db:3d: 56:ed:58:9d:f4:e6:07:95:e2:8d:29:2f:84:3f:7f: 8f:a9:48:82:35:e9:16:59:34:e7:12:cd:b5:5b:a1: 48:c8:d8:ec:4a:c8:d6:16:23:b1:ae:d3:e4:ea:2e: 5d:7a:da:92:61:58:91:f0:9c:b9:85:8f:e6:84:29: 7b:c6:3a:91:fc:b1:e0:3c:35:fb:a6:55:60:ef:28: 81:8c:09:08:10:58:dc:25:e8:b2:d4:af:37:9b:f0: 42:a6:c2:79:e6:d8:a9:b5:31:51:5e:d2:c3:42:e0: 62:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:A3:CD:E3:53:51:3F:8F:51:30:F4:85:BD:9E:29:7E:FD:EA:0C:A2 X509v3 Authority Key Identifier: keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:12:19:e0:6f:3e:40:7f:6b:8c:4d:ee:af:4d:f0:08:bd:69: f0:90:d6:1f:a9:48:f7:f3:01:70:15:7c:f4:0f:f4:35:48:fa: a8:ed:73:bd:52:1c:2c:86:6e:15:ac:d8:c9:db:35:6c:23:43: 22:57:f9:7d:65:46:30:b3:61:98:a3:52:d8:89:43:8e:bc:c5: 58:af:5d:3c:7a:b6:f6:3c:08:ca:56:43:14:49:b1:52:12:be: 10:db:fe:4f:c0:37:a4:72:91:59:fa:fc:60:04:9c:03:f4:84: 14:cc:49:a7:f9:3a:51:72:b7:76:b7:43:7d:b1:e9:2e:af:41: c8:1c:10:db:c4:cd:a7:fb:6c:f1:bb:1b:7d:f0:7b:ec:59:b1: 9e:7c:20:65:68:33:c3:68:4c:d2:bb:9d:e5:68:2a:db:fb:03: 3b:df:a5:da:ff:74:ae:44:f0:c9:99:e4:d1:06:0a:33:37:78: 09:1a:2e:ec:c5:84:f9:02:6a:73:4d:f4:3b:31:61:0a:0d:01: 2f:dd:b7:9b:97:aa:02:bc:d2:84:7b:56:00:91:89:ac:ae:9e: 64:6f:fd:5d:39:1f:00:77:7f:a8:72:91:ab:65:38:05:95:71: 38:c6:34:eb:f2:dd:2d:65:26:87:f3:29:51:cb:67:27:8d:bb: d0:82:ca:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP2STbaJJfZTZlWsn/zoGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2 N2E5OTAwHhcNMjUxMjA2MDYwMDMxWhcNMjUxMjA3MDYwMDMxWjAzMTEwLwYDVQQD EyhiNGEzY2RlMzUzNTEzZjhmNTEzMGY0ODViZDllMjk3ZWZkZWEwY2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoZX24ndxXLmhH6hCz5GpilOFr9K ndssIpHG9+dJWyFIG/gz97NDQUCcprU9Pjwj2FYc4o1qyHenGdvL7QBxwnfX8or8 jimfXm+/vU7hWC0ovwvY2KfZ7nbBi7DcCEWYnT6BUnEPpeDAc66zgVaZ80b05F/b mMxVtDgyfjeu5RsEb2TPKx5YXot6PqRQTDHepOEM2z1W7Vid9OYHleKNKS+EP3+P qUiCNekWWTTnEs21W6FIyNjsSsjWFiOxrtPk6i5detqSYViR8Jy5hY/mhCl7xjqR /LHgPDX7plVg7yiBjAkIEFjcJeiy1K83m/BCpsJ55tiptTFRXtLDQuBiywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLSjzeNTUT+PUTD0hb2eKX796gyiMB8GA1UdIwQY MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt OTUxYjE5ODU2NzFjLzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhIZ4G8+ QH9rjE3ur03wCL1p8JDWH6lI9/MBcBV89A/0NUj6qO1zvVIcLIZuFazYyds1bCND Ilf5fWVGMLNhmKNS2IlDjrzFWK9dPHq29jwIylZDFEmxUhK+ENv+T8A3pHKRWfr8 YAScA/SEFMxJp/k6UXK3drdDfbHpLq9ByBwQ28TNp/ts8bsbffB77FmxnnwgZWgz w2hM0rud5Wgq2/sDO9+l2v90rkTwyZnk0QYKMzd4CRou7MWE+QJqc030OzFhCg0B L923m5eqArzShHtWAJGJrK6eZG/9XTkfAHd/qHKRq2U4BZVxOMY06/LdLWUmh/Mp UctnJ4270ILKKA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:23:19 2025 by rpki-client