This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft File: bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json) Hash identifier: +mTLfXh7NUKRLQGCXOe84u0wLHIZMipuAktzQ2srV38= Subject key identifier: E8:69:27:AD:B9:9C:01:B2:B6:7D:1B:16:23:06:36:08:84:4A:AA:C2 Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5 Certificate issuer: /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5 Certificate serial: 019AF19AF389727BDCAB1998A26104CBD257 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 03:00:55 +0000 Manifest this update: Sat 06 Dec 2025 03:00:55 +0000 Manifest next update: Sun 07 Dec 2025 03:00:55 +0000 Files and hashes: 1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: UCl382+l8oPT1rTe+yX3QOHWhlkUD8YKkkmU9ZYEuHw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:f3:89:72:7b:dc:ab:19:98:a2:61:04:cb:d2:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5 Validity Not Before: Dec 6 03:00:55 2025 GMT Not After : Dec 7 03:00:55 2025 GMT Subject: CN=e86927adb99c01b2b67d1b1623063608844aaac2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:91:0f:d4:06:60:13:12:41:7a:46:80:6c:29: c8:92:83:47:ba:0b:34:55:b9:13:ed:65:86:51:b5: 82:d7:42:1b:ab:db:4a:61:ec:97:7c:db:0c:e0:f2: 1a:6c:e9:ae:09:5a:ca:47:5e:f9:33:8a:a0:1c:ec: 30:92:c8:8f:5a:04:88:17:d6:29:b0:b2:11:75:ff: 85:b1:64:44:f7:9e:fb:30:16:56:82:d9:c7:c2:dd: 30:1d:a6:bd:ac:9e:4f:e2:cb:af:d8:c6:98:0e:7a: 30:f3:b7:f6:28:e6:81:6a:e0:c9:3e:52:84:ff:d0: cf:f2:12:f6:e2:72:80:b6:4a:ba:a4:af:f5:1d:19: f2:f3:e6:01:20:91:7a:28:71:99:12:0f:06:70:9e: 9a:fc:ba:ae:64:59:9d:5c:75:16:21:2f:65:c7:df: f6:d8:1f:47:84:41:b7:b2:8b:d8:0b:20:88:24:b4: d2:dd:8b:65:5a:7a:d8:c1:f8:fc:de:8f:10:c2:0d: 05:dc:1e:24:ea:e5:10:13:5b:2c:02:1e:cb:cd:fc: bc:c2:85:8f:d4:e4:e8:22:a3:4a:b3:d7:f5:16:c2: 4d:10:80:2c:b8:f9:74:a9:de:bc:15:c1:51:73:b5: 65:d0:a9:60:c6:d2:c3:9d:ae:c2:0b:07:09:ba:04: 62:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:69:27:AD:B9:9C:01:B2:B6:7D:1B:16:23:06:36:08:84:4A:AA:C2 X509v3 Authority Key Identifier: keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:f3:88:15:8e:52:cd:c7:2e:af:3f:3c:7c:b4:21:b7:c6:9e: 1d:08:35:23:5f:e2:65:c7:b7:3b:fe:4c:60:15:4a:d5:bf:24: b1:e8:e7:a5:da:17:a4:c5:c3:b4:de:ab:90:44:7f:1a:ef:87: a9:c6:04:46:bf:89:ff:30:75:96:d6:df:fe:6f:4d:68:c5:8d: a0:7b:98:d2:7e:a3:11:28:32:e4:1a:18:6a:d6:6d:d7:24:d5: 0d:d6:96:55:2b:21:f0:41:4f:75:bd:7e:19:1c:02:22:eb:9d: 99:1e:89:c6:6f:b1:da:60:4c:95:5e:6e:c4:75:a8:98:1a:7f: 18:39:4d:69:c2:58:00:fe:a8:d7:4e:9a:9a:c3:fb:5a:2b:a4: d8:79:ae:c7:72:a0:e9:32:40:51:f1:4c:b1:d3:f7:0f:f8:2c: a8:99:04:0c:08:3c:40:b0:ec:35:06:08:45:62:bc:c1:9f:4f: e9:22:18:13:fe:57:21:da:cb:3c:5a:9d:5e:dc:54:68:80:b9: f4:99:9e:db:e3:61:a2:0a:69:a0:cd:c0:d2:83:a5:25:2c:14: 64:e2:37:1f:2a:67:b0:22:14:99:52:15:d9:8d:3e:ef:2f:b0: 2d:42:b0:20:8a:f6:e2:e8:ee:81:6e:ec:58:42:d5:8c:e4:31: d7:5e:70:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmvOJcnvcqxmYomEEy9JXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk NThlYzUwHhcNMjUxMjA2MDMwMDU1WhcNMjUxMjA3MDMwMDU1WjAzMTEwLwYDVQQD EyhlODY5MjdhZGI5OWMwMWIyYjY3ZDFiMTYyMzA2MzYwODg0NGFhYWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZEP1AZgExJBekaAbCnIkoNHugs0 VbkT7WWGUbWC10Ibq9tKYeyXfNsM4PIabOmuCVrKR175M4qgHOwwksiPWgSIF9Yp sLIRdf+FsWRE9577MBZWgtnHwt0wHaa9rJ5P4suv2MaYDnow87f2KOaBauDJPlKE /9DP8hL24nKAtkq6pK/1HRny8+YBIJF6KHGZEg8GcJ6a/LquZFmdXHUWIS9lx9/2 2B9HhEG3sovYCyCIJLTS3YtlWnrYwfj83o8Qwg0F3B4k6uUQE1ssAh7Lzfy8woWP 1OToIqNKs9f1FsJNEIAsuPl0qd68FcFRc7Vl0KlgxtLDna7CCwcJugRiTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOhpJ625nAGytn0bFiMGNgiESqrCMB8GA1UdIwQY MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2 LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPPOIFY5S zccurz88fLQht8aeHQg1I1/iZce3O/5MYBVK1b8ksejnpdoXpMXDtN6rkER/Gu+H qcYERr+J/zB1ltbf/m9NaMWNoHuY0n6jESgy5BoYatZt1yTVDdaWVSsh8EFPdb1+ GRwCIuudmR6Jxm+x2mBMlV5uxHWomBp/GDlNacJYAP6o106amsP7Wiuk2Hmux3Kg 6TJAUfFMsdP3D/gsqJkEDAg8QLDsNQYIRWK8wZ9P6SIYE/5XIdrLPFqdXtxUaIC5 9Jme2+NhogppoM3A0oOlJSwUZOI3HypnsCIUmVIV2Y0+7y+wLUKwIIr24ujugW7s WELVjOQx115wnw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:50:33 2025 by rpki-client