This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json) Hash identifier: bGuTu8sKxz+FAKu4CMnTkXFNlRbOeGGm7mqoW268bl0= Subject key identifier: 62:A9:6C:16:70:5C:2C:F3:F6:F9:69:BD:38:A2:C9:7C:D4:1C:67:EB Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f Certificate serial: 019AF5AEE834BD523598F931501AD4203A01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft Manifest number: 16F6 Signing time: Sat 06 Dec 2025 22:01:11 +0000 Manifest this update: Sat 06 Dec 2025 22:01:11 +0000 Manifest next update: Sun 07 Dec 2025 22:01:11 +0000 Files and hashes: 1: HoMgEifDpVQ65AHqBFCCx_7uMoE.roa (hash: MZgT/uxhPiKd1q/F+OrFW0KnU1po9n7PWWPZxZXmYvg=) 2: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: yLYpPhh1sgf8Tir8hesAQP6qddBdLkYp5I0zZ0ARtdk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:e8:34:bd:52:35:98:f9:31:50:1a:d4:20:3a:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f Validity Not Before: Dec 6 22:01:11 2025 GMT Not After : Dec 7 22:01:11 2025 GMT Subject: CN=62a96c16705c2cf3f6f969bd38a2c97cd41c67eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:7d:f1:e4:ac:90:c7:ca:57:90:73:5f:e7:82: dc:a3:56:35:59:a2:26:b7:e1:67:30:cd:34:58:4e: b8:f4:ea:75:24:9c:46:73:8e:4f:d2:ee:e9:31:70: 77:b1:e9:37:a0:fb:c3:80:ef:f7:38:48:c8:85:29: da:b8:e5:2e:73:e6:e2:cd:28:2a:af:b8:3d:e3:40: 8f:1c:13:66:c9:c4:f2:ba:e5:ed:3d:5f:af:4e:84: d1:7d:cb:22:68:a8:0b:09:27:2f:da:53:08:0e:f4: 7a:82:15:67:4d:d6:97:5d:92:af:ec:34:60:96:bd: e1:98:d1:6d:29:38:5f:82:e2:41:2e:0e:47:5e:c1: 9f:7b:cc:23:b3:70:5d:f3:ea:68:14:e2:6c:64:e7: 91:7e:fa:60:61:44:92:ec:fb:93:c4:ff:e2:9f:49: b8:7b:f6:8f:2d:3d:35:1e:27:ff:b7:25:1f:e8:5d: 53:7a:f3:db:12:07:61:67:24:4d:55:01:07:ef:6e: ae:0f:c9:86:a8:64:4a:c1:2b:4f:6e:b8:d2:32:3b: ce:55:60:a0:c1:f8:a2:7b:e0:e1:aa:77:2f:13:83: 18:87:77:7f:70:27:91:0b:ee:fc:a6:5b:e9:46:9f: 25:e4:46:0d:6a:9d:a2:9c:6b:75:70:90:7a:af:12: 51:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:A9:6C:16:70:5C:2C:F3:F6:F9:69:BD:38:A2:C9:7C:D4:1C:67:EB X509v3 Authority Key Identifier: keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:bf:b7:c7:c3:ca:56:e5:03:0d:f9:bb:0c:1e:07:f1:dc:9c: ac:fd:ec:0e:f0:be:b4:92:80:dc:9e:80:f4:79:b5:3c:b2:7e: 96:3b:85:8c:c6:53:bd:ec:3e:ef:57:79:9e:49:16:3e:22:f1: b7:25:7e:3b:81:eb:75:2c:d1:5a:31:1e:89:a2:74:fb:5a:79: ef:55:d3:bd:10:d2:6d:6c:66:ae:13:3a:78:69:b8:d6:a2:06: 1e:29:29:a9:c6:a9:8b:a3:40:96:0b:68:ca:99:55:21:e9:57: ea:8a:ea:05:2a:12:39:f7:05:f0:ac:fe:fe:f3:ac:18:3b:5d: c5:16:5b:40:c4:f0:aa:d2:8c:e4:18:39:92:4e:c2:4f:92:1d: 34:a1:57:98:92:d6:3c:2b:b9:d9:d4:f6:db:6d:49:50:a7:5e: 52:34:b9:bb:11:b0:a5:35:6f:9e:04:57:cf:7b:b6:1b:02:c4: aa:c6:cb:46:d3:73:9e:c6:e3:25:d7:dc:d8:16:8e:ca:4d:1f: 51:9b:35:f2:f5:a2:82:64:25:52:b2:bf:78:fa:24:04:22:a1: a3:f0:aa:b7:6a:54:ff:73:c9:02:5f:7f:55:26:0b:1a:da:17: d9:f3:fa:68:02:57:13:f2:08:51:c8:0c:21:88:2c:48:b4:af: ef:79:18:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rug0vVI1mPkxUBrUIDoBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz ODEyNGYwHhcNMjUxMjA2MjIwMTExWhcNMjUxMjA3MjIwMTExWjAzMTEwLwYDVQQD Eyg2MmE5NmMxNjcwNWMyY2YzZjZmOTY5YmQzOGEyYzk3Y2Q0MWM2N2ViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX3x5KyQx8pXkHNf54Lco1Y1WaIm t+FnMM00WE649Op1JJxGc45P0u7pMXB3sek3oPvDgO/3OEjIhSnauOUuc+bizSgq r7g940CPHBNmycTyuuXtPV+vToTRfcsiaKgLCScv2lMIDvR6ghVnTdaXXZKv7DRg lr3hmNFtKThfguJBLg5HXsGfe8wjs3Bd8+poFOJsZOeRfvpgYUSS7PuTxP/in0m4 e/aPLT01Hif/tyUf6F1TevPbEgdhZyRNVQEH726uD8mGqGRKwStPbrjSMjvOVWCg wfiie+DhqncvE4MYh3d/cCeRC+78plvpRp8l5EYNap2inGt1cJB6rxJRpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGKpbBZwXCzz9vlpvTiiyXzUHGfrMB8GA1UdIwQY MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABb+3x8PK VuUDDfm7DB4H8dycrP3sDvC+tJKA3J6A9Hm1PLJ+ljuFjMZTvew+71d5nkkWPiLx tyV+O4HrdSzRWjEeiaJ0+1p571XTvRDSbWxmrhM6eGm41qIGHikpqcapi6NAlgto yplVIelX6orqBSoSOfcF8Kz+/vOsGDtdxRZbQMTwqtKM5Bg5kk7CT5IdNKFXmJLW PCu52dT2221JUKdeUjS5uxGwpTVvngRXz3u2GwLEqsbLRtNznsbjJdfc2BaOyk0f UZs18vWigmQlUrK/ePokBCKho/Cqt2pU/3PJAl9/VSYLGtoX2fP6aAJXE/IIUcgM IYgsSLSv73kYhA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:39:19 2025 by rpki-client