This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft File: BkizODOZAP9_O1myRtJNJofGNnw.mft (raw, json) Hash identifier: xJ+U8AH8QRevwxK7ApRqTDnqxkarcj3PhQP0FPH1KrU= Subject key identifier: E2:21:2B:D6:49:5C:A3:6C:1B:2F:BA:46:17:B0:BB:C5:D4:D0:6B:FA Authority key identifier: 06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C Certificate issuer: /CN=0648b338339900ff7f3b59b246d24d2687c6367c Certificate serial: 019B34C5C225273B6C93CA01675DB5AC56B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft Manifest number: 0303 Signing time: Fri 19 Dec 2025 04:02:13 +0000 Manifest this update: Fri 19 Dec 2025 04:02:13 +0000 Manifest next update: Sat 20 Dec 2025 04:02:13 +0000 Files and hashes: 1: BkizODOZAP9_O1myRtJNJofGNnw.crl (hash: elLKfde44Wi7Zqr/a01/9N7bjVTqp2rOZh1tw9lsR7A=) 2: pO5jZKPZtKc7LFh2B3gUF2ssV3Y.roa (hash: rDX32rjjFQPeFJLlsJ7HQ9El7VqEOXBlwYtku8n7ZJg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:c2:25:27:3b:6c:93:ca:01:67:5d:b5:ac:56:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0648b338339900ff7f3b59b246d24d2687c6367c Validity Not Before: Dec 19 04:02:13 2025 GMT Not After : Dec 20 04:02:13 2025 GMT Subject: CN=e2212bd6495ca36c1b2fba4617b0bbc5d4d06bfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:fb:4f:5d:c8:2a:51:c1:2e:78:38:7a:21:4c: d8:65:d2:ca:a8:14:f0:b0:c0:27:3a:6d:29:ae:f8: f7:63:b7:f2:db:94:57:6b:f9:00:ec:35:dc:62:ec: 53:12:26:13:af:60:f9:64:26:32:e9:19:2a:9e:0b: 06:15:d8:dd:b7:b8:96:49:a5:36:d3:56:ac:19:38: 85:0b:aa:a0:3f:a0:e6:ad:a9:2a:52:e7:ae:55:16: 11:c4:75:76:27:d2:f1:f5:99:36:ae:6a:8a:a8:c3: fc:06:07:7f:a0:1f:c1:af:52:23:d0:c4:3a:f1:1c: 09:6d:fc:92:87:06:aa:f3:c0:82:4e:dc:18:fc:1b: c4:c6:94:90:3e:e8:2d:03:7b:ea:88:f0:41:80:76: 9b:29:e4:77:3c:f8:cb:22:e1:64:b9:51:a6:8b:a3: 55:62:88:45:d1:ab:0b:c8:6b:14:56:4e:1d:9f:3c: 47:62:7e:c9:5d:df:9f:72:9b:20:a8:62:73:3b:2d: b9:96:28:62:8e:89:be:1d:d3:cd:c8:ab:2c:93:4b: 8b:89:20:2b:4e:19:f7:e6:dc:01:51:08:04:9c:85: a4:7e:c4:e4:1b:83:7f:6e:e6:40:e8:0d:e4:00:b2: 57:25:4e:51:0b:29:34:eb:b6:d1:a1:26:14:01:76: 36:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:21:2B:D6:49:5C:A3:6C:1B:2F:BA:46:17:B0:BB:C5:D4:D0:6B:FA X509v3 Authority Key Identifier: keyid:06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:5c:25:0f:f7:b7:02:76:ef:e3:8e:e0:83:e5:25:ce:3c:47: 2e:2c:69:2c:59:3e:dc:f5:74:5b:9a:87:3b:79:07:a1:df:a6: e5:54:52:da:8c:96:b7:30:fe:cd:d6:12:c6:a0:d6:6c:c2:66: 3a:75:68:25:59:a3:6d:38:de:10:c8:02:f2:d2:f0:4c:be:ee: 1e:a7:89:61:25:eb:25:c6:04:d8:61:01:84:41:11:ee:9a:84: 56:f2:60:bc:a2:74:82:77:82:ce:f3:c7:1d:6a:ca:5c:f7:1e: fd:1a:39:d9:0a:16:bf:aa:7f:e7:56:bd:e9:7d:51:d3:df:44: cb:ac:a1:3b:a6:30:fe:9b:f7:d9:ac:ce:17:1f:49:97:42:8f: 13:f8:5a:7b:8a:b4:c9:39:01:9b:b4:77:b9:64:e4:d3:4e:fa: 44:66:58:44:9c:53:c0:01:b8:dd:d2:d6:f8:99:df:b3:e9:e6: 50:85:d3:96:fc:a8:d5:61:58:a4:f4:42:f4:8e:6e:ae:80:06: 4c:c4:5e:e1:7c:f0:76:80:91:a8:88:dc:79:5a:47:03:66:23: c6:49:cf:74:18:82:43:33:f2:e4:cc:c1:5d:5e:1e:48:f6:68: 16:4b:14:68:03:e7:4f:60:8d:31:46:94:9b:7c:d1:56:b2:ff: 97:2a:26:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xcIlJztsk8oBZ121rFayMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NDhiMzM4MzM5OTAwZmY3ZjNiNTliMjQ2ZDI0ZDI2ODdj NjM2N2MwHhcNMjUxMjE5MDQwMjEzWhcNMjUxMjIwMDQwMjEzWjAzMTEwLwYDVQQD EyhlMjIxMmJkNjQ5NWNhMzZjMWIyZmJhNDYxN2IwYmJjNWQ0ZDA2YmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/tPXcgqUcEueDh6IUzYZdLKqBTw sMAnOm0prvj3Y7fy25RXa/kA7DXcYuxTEiYTr2D5ZCYy6RkqngsGFdjdt7iWSaU2 01asGTiFC6qgP6DmrakqUueuVRYRxHV2J9Lx9Zk2rmqKqMP8Bgd/oB/Br1Ij0MQ6 8RwJbfyShwaq88CCTtwY/BvExpSQPugtA3vqiPBBgHabKeR3PPjLIuFkuVGmi6NV YohF0asLyGsUVk4dnzxHYn7JXd+fcpsgqGJzOy25lihijom+HdPNyKssk0uLiSAr Thn35twBUQgEnIWkfsTkG4N/buZA6A3kALJXJU5RCyk067bRoSYUAXY2lwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOIhK9ZJXKNsGy+6Rhewu8XU0Gv6MB8GA1UdIwQY MBaAFAZIszgzmQD/fztZskbSTSaHxjZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQt MGQ5MThlZWRjMjZmLzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQtMGQ5MThlZWRjMjZm LzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMVwlD/e3 Anbv447gg+UlzjxHLixpLFk+3PV0W5qHO3kHod+m5VRS2oyWtzD+zdYSxqDWbMJm OnVoJVmjbTjeEMgC8tLwTL7uHqeJYSXrJcYE2GEBhEER7pqEVvJgvKJ0gneCzvPH HWrKXPce/Ro52QoWv6p/51a96X1R099Ey6yhO6Yw/pv32azOFx9Jl0KPE/hae4q0 yTkBm7R3uWTk0076RGZYRJxTwAG43dLW+Jnfs+nmUIXTlvyo1WFYpPRC9I5uroAG TMRe4XzwdoCRqIjceVpHA2YjxknPdBiCQzPy5MzBXV4eSPZoFksUaAPnT2CNMUaU m3zRVrL/lyom9A== -----END CERTIFICATE-----Generated at Fri Dec 19 05:40:20 2025 by rpki-client