This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft File: vfSGpExRBdeBNXKUVhzMPROk1nE.mft (raw, json) Hash identifier: WFut89Ds/ZKnOGV2DbitWaxMcDvWTh7L02VgCsZkFCI= Subject key identifier: 6D:2F:12:EA:4D:16:49:F7:BC:7D:0F:CD:56:9A:01:9D:DB:DF:67:18 Authority key identifier: BD:F4:86:A4:4C:51:05:D7:81:35:72:94:56:1C:CC:3D:13:A4:D6:71 Certificate issuer: /CN=bdf486a44c5105d781357294561ccc3d13a4d671 Certificate serial: 019AF57755AFC8065C3D1A6695AD56EC8D4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft Manifest number: 09D3 Signing time: Sat 06 Dec 2025 21:00:29 +0000 Manifest this update: Sat 06 Dec 2025 21:00:29 +0000 Manifest next update: Sun 07 Dec 2025 21:00:29 +0000 Files and hashes: 1: vfSGpExRBdeBNXKUVhzMPROk1nE.crl (hash: c3Zb9F7GFZRdY6/iEtcsbflcD4LMpe52PBUV9zQ7po8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:55:af:c8:06:5c:3d:1a:66:95:ad:56:ec:8d:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdf486a44c5105d781357294561ccc3d13a4d671 Validity Not Before: Dec 6 21:00:29 2025 GMT Not After : Dec 7 21:00:29 2025 GMT Subject: CN=6d2f12ea4d1649f7bc7d0fcd569a019ddbdf6718 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:97:4e:4e:d7:d2:65:a2:5c:a0:99:6f:2c:0d: 00:6b:65:80:a4:15:3d:0b:f8:92:61:26:23:45:54: 5c:d9:26:2f:ba:39:0e:78:ae:9b:5f:3d:c3:1e:5d: 60:62:d7:a1:e4:3f:de:73:f9:7a:75:7e:b8:3d:59: 2a:1d:15:ec:20:73:6c:e4:5c:1b:cd:86:13:e5:6a: ac:ff:47:3b:df:08:be:e7:ae:b0:16:dc:d3:a5:03: 03:51:87:b0:b1:a3:a8:13:75:60:49:2c:ff:7f:08: ee:6b:6b:9a:a1:28:7a:3b:ff:79:1a:65:1c:fe:36: d1:09:3c:fc:ff:31:bd:a0:f2:5c:a5:5a:c4:ba:23: 1e:9a:16:c0:54:29:13:2d:8b:11:ac:30:9f:e3:e6: 6c:25:a7:4c:b8:0d:a6:ea:60:b9:b9:ac:3d:40:26: 73:3f:78:bc:4a:80:60:70:8a:18:53:01:52:cd:5b: 65:1d:36:14:0d:be:5a:41:a8:36:28:9c:02:25:63: d5:9f:19:fb:1c:89:d7:68:7b:76:43:81:a9:41:0c: 23:83:49:d2:91:d3:89:ef:b6:59:5e:78:46:9e:24: 96:b9:5a:68:a4:81:35:7d:35:2c:f4:c7:38:0d:ad: 8b:8c:be:06:df:69:98:04:7c:74:41:93:8d:2a:86: 82:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:2F:12:EA:4D:16:49:F7:BC:7D:0F:CD:56:9A:01:9D:DB:DF:67:18 X509v3 Authority Key Identifier: keyid:BD:F4:86:A4:4C:51:05:D7:81:35:72:94:56:1C:CC:3D:13:A4:D6:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfSGpExRBdeBNXKUVhzMPROk1nE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/b8b278-f9bd-40e1-803a-f691f64758ac/1/vfSGpExRBdeBNXKUVhzMPROk1nE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:00:a5:74:be:7e:fe:8b:f1:94:44:af:e0:e6:49:c3:2e:95: fe:ca:c9:91:b6:f6:94:f3:32:56:b7:8b:e8:ed:15:4f:13:85: 19:16:98:e3:ae:6e:99:94:c3:5d:ce:c8:ae:f1:41:22:eb:c2: e6:d9:92:12:3f:22:1b:c5:10:0a:5e:40:02:c0:ce:59:c9:04: 9f:50:ad:ad:e1:c6:bd:3d:a7:a9:b5:3c:49:70:88:cb:3c:7f: 60:3c:3a:4a:7e:1c:ad:30:85:f2:0b:5f:98:25:6d:af:38:29: f9:63:68:3a:57:a9:14:9b:ca:f6:80:95:b8:a8:a3:7c:13:f3: de:d6:b1:27:46:21:e6:70:e0:40:58:f1:f9:00:f2:bd:20:c5: 6b:0a:42:05:67:f7:47:ec:3f:c9:c1:c0:9c:0d:7c:d3:0f:24: 49:7f:d1:dc:ad:cc:82:39:e8:8c:fa:bc:ab:ca:98:cf:e2:e2: 3c:76:c8:4f:1e:81:6d:2a:6b:3f:72:cd:3c:cc:9e:f7:6c:b7: 4d:98:ab:1c:f8:38:1a:44:78:4d:50:4a:f9:9b:6f:cf:a5:f3: 13:40:1f:50:4f:e5:ad:57:d2:bf:d3:c0:5f:fc:e6:10:8b:18: 9a:a3:7d:c2:83:27:90:a7:ba:cd:fb:ea:65:da:2d:d5:40:07: e3:42:c2:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d1WvyAZcPRpmla1W7I1PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZjQ4NmE0NGM1MTA1ZDc4MTM1NzI5NDU2MWNjYzNkMTNh NGQ2NzEwHhcNMjUxMjA2MjEwMDI5WhcNMjUxMjA3MjEwMDI5WjAzMTEwLwYDVQQD Eyg2ZDJmMTJlYTRkMTY0OWY3YmM3ZDBmY2Q1NjlhMDE5ZGRiZGY2NzE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZdOTtfSZaJcoJlvLA0Aa2WApBU9 C/iSYSYjRVRc2SYvujkOeK6bXz3DHl1gYteh5D/ec/l6dX64PVkqHRXsIHNs5Fwb zYYT5Wqs/0c73wi+566wFtzTpQMDUYewsaOoE3VgSSz/fwjua2uaoSh6O/95GmUc /jbRCTz8/zG9oPJcpVrEuiMemhbAVCkTLYsRrDCf4+ZsJadMuA2m6mC5uaw9QCZz P3i8SoBgcIoYUwFSzVtlHTYUDb5aQag2KJwCJWPVnxn7HInXaHt2Q4GpQQwjg0nS kdOJ77ZZXnhGniSWuVpopIE1fTUs9Mc4Da2LjL4G32mYBHx0QZONKoaCEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG0vEupNFkn3vH0PzVaaAZ3b32cYMB8GA1UdIwQY MBaAFL30hqRMUQXXgTVylFYczD0TpNZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9iOGIyNzgtZjliZC00MGUxLTgwM2Et ZjY5MWY2NDc1OGFjLzEvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi9iOGIyNzgtZjliZC00MGUxLTgwM2EtZjY5MWY2NDc1OGFj LzEvdmZTR3BFeFJCZGVCTlhLVVZoek1QUk9rMW5FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjgCldL5+ /ovxlESv4OZJwy6V/srJkbb2lPMyVreL6O0VTxOFGRaY465umZTDXc7IrvFBIuvC 5tmSEj8iG8UQCl5AAsDOWckEn1CtreHGvT2nqbU8SXCIyzx/YDw6Sn4crTCF8gtf mCVtrzgp+WNoOlepFJvK9oCVuKijfBPz3taxJ0Yh5nDgQFjx+QDyvSDFawpCBWf3 R+w/ycHAnA180w8kSX/R3K3MgjnojPq8q8qYz+LiPHbITx6BbSprP3LNPMye92y3 TZirHPg4GkR4TVBK+Ztvz6XzE0AfUE/lrVfSv9PAX/zmEIsYmqN9woMnkKe6zfvq Zdot1UAH40LCSw== -----END CERTIFICATE-----Generated at Sun Dec 7 02:11:04 2025 by rpki-client