This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json) Hash identifier: tAp67USkZTNj35KPbUJXeeC8RXEzsGuc8eVjdsZF1xA= Subject key identifier: A1:4E:83:C0:F3:88:3E:36:9A:4F:9C:87:A7:4F:DA:CB:FC:70:FE:74 Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60 Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360 Certificate serial: 019AF31D6AEEBC10B581DA756496D409D289 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 10:03:02 +0000 Manifest this update: Sat 06 Dec 2025 10:03:02 +0000 Manifest next update: Sun 07 Dec 2025 10:03:02 +0000 Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: eOT0RxTG4L/S77DEgazo9FhXBd9o3vaV96C9mWSEaBc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:03:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:6a:ee:bc:10:b5:81:da:75:64:96:d4:09:d2:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360 Validity Not Before: Dec 6 10:03:02 2025 GMT Not After : Dec 7 10:03:02 2025 GMT Subject: CN=a14e83c0f3883e369a4f9c87a74fdacbfc70fe74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:71:51:74:15:2c:e3:e7:e7:98:08:95:23:b2: a4:0b:40:bb:cf:ef:50:95:3d:0b:ed:30:6e:0f:18: e6:65:43:0a:b1:c2:0b:f5:90:33:17:15:59:7d:ac: 3e:81:2c:7f:dd:1c:4e:13:2a:9c:5a:d5:2e:cb:36: e5:d6:a2:46:e7:d7:0a:3b:dd:3a:e8:d3:19:ce:4f: 2b:31:3c:fa:8b:fc:d6:65:6c:43:89:59:34:ef:ed: c9:2a:2e:00:42:e3:6c:29:74:7b:ce:ca:ee:bf:21: 4a:f1:00:41:36:49:1a:ef:98:0e:b2:86:1f:02:28: 4c:e7:f7:22:43:45:e3:c4:5e:83:09:87:a1:83:5a: 87:4a:c2:43:22:18:e0:90:24:9d:00:9f:3f:74:42: b3:87:e2:79:81:8a:ed:f8:f8:d3:5c:12:2d:6d:34: 37:98:08:f0:3f:8d:47:4d:43:d1:2b:45:3b:18:14: 1b:6b:bb:f5:9d:26:cf:a1:99:a2:15:40:65:bf:ce: 14:6c:2b:3b:3d:e3:af:2a:00:fb:f2:4f:63:ef:be: 05:07:2d:76:2c:92:79:d1:40:4c:a4:74:a0:be:e1: 08:33:c8:3d:d1:cc:cc:ce:6c:8c:e9:7b:78:1b:fc: 33:5f:13:30:31:d0:44:68:e5:4f:02:72:d6:12:41: 54:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:4E:83:C0:F3:88:3E:36:9A:4F:9C:87:A7:4F:DA:CB:FC:70:FE:74 X509v3 Authority Key Identifier: keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:3d:ee:49:73:86:c1:3a:0d:3c:96:0f:eb:4e:27:c2:97:21: a0:db:98:a6:bc:69:e2:a5:4c:96:e3:93:c7:cd:ff:26:5f:a6: 6f:3a:8f:71:0f:02:c4:41:db:dd:a5:bc:6b:86:23:84:b2:38: b4:2a:ee:4e:b8:3b:be:d1:4c:bb:b3:29:77:5b:3f:7d:21:23: c7:19:f8:d3:0d:16:64:fd:36:4a:63:e4:e5:26:f2:c4:b9:cf: 34:ae:4c:43:aa:4e:53:d6:37:01:d1:2b:3f:b9:bc:3d:6a:5b: c0:fc:01:5b:60:d1:e1:14:50:7f:b0:1d:13:26:bb:8f:06:94: ca:3d:47:45:7c:d8:29:cb:f5:a0:f4:aa:e5:9b:59:32:b4:eb: cf:36:59:51:e6:bf:0c:88:79:58:c5:48:4b:98:ad:db:a9:80: df:07:24:58:ba:66:2a:ab:6e:5f:6e:d4:7a:0a:02:13:ba:2e: 82:58:c0:5d:13:8d:d3:e0:c4:25:40:50:6c:ed:a9:1a:47:82: 0c:84:6a:55:c0:cb:1a:2f:10:77:51:3f:69:36:e3:4e:46:90: 40:34:0c:55:df:ff:31:1d:6a:7a:c3:c4:27:43:74:2e:13:67: b1:bf:03:df:c1:da:e6:6a:f5:b2:08:9f:21:a8:77:df:b8:f9: 25:03:b4:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHWruvBC1gdp1ZJbUCdKJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5 YmQzNjAwHhcNMjUxMjA2MTAwMzAyWhcNMjUxMjA3MTAwMzAyWjAzMTEwLwYDVQQD EyhhMTRlODNjMGYzODgzZTM2OWE0ZjljODdhNzRmZGFjYmZjNzBmZTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnFRdBUs4+fnmAiVI7KkC0C7z+9Q lT0L7TBuDxjmZUMKscIL9ZAzFxVZfaw+gSx/3RxOEyqcWtUuyzbl1qJG59cKO906 6NMZzk8rMTz6i/zWZWxDiVk07+3JKi4AQuNsKXR7zsruvyFK8QBBNkka75gOsoYf AihM5/ciQ0XjxF6DCYehg1qHSsJDIhjgkCSdAJ8/dEKzh+J5gYrt+PjTXBItbTQ3 mAjwP41HTUPRK0U7GBQba7v1nSbPoZmiFUBlv84UbCs7PeOvKgD78k9j774FBy12 LJJ50UBMpHSgvuEIM8g90czMzmyM6Xt4G/wzXxMwMdBEaOVPAnLWEkFU/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKFOg8DziD42mk+ch6dP2sv8cP50MB8GA1UdIwQY MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALD3uSXOG wToNPJYP604nwpchoNuYprxp4qVMluOTx83/Jl+mbzqPcQ8CxEHb3aW8a4YjhLI4 tCruTrg7vtFMu7Mpd1s/fSEjxxn40w0WZP02SmPk5SbyxLnPNK5MQ6pOU9Y3AdEr P7m8PWpbwPwBW2DR4RRQf7AdEya7jwaUyj1HRXzYKcv1oPSq5ZtZMrTrzzZZUea/ DIh5WMVIS5it26mA3wckWLpmKqtuX27UegoCE7ougljAXRON0+DEJUBQbO2pGkeC DIRqVcDLGi8Qd1E/aTbjTkaQQDQMVd//MR1qesPEJ0N0LhNnsb8D38Ha5mr1sgif Iah337j5JQO0KA== -----END CERTIFICATE-----Generated at Sat Dec 6 16:42:03 2025 by rpki-client