This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft File: BkizODOZAP9_O1myRtJNJofGNnw.mft (raw, json) Hash identifier: IJb0maZ3HG5juaA1/XkkW0hXuW9s0xvRbX/gUE3UR8Y= Subject key identifier: C3:DE:01:1A:1F:9B:F9:50:4B:37:34:95:F7:A5:D1:47:24:70:6A:00 Authority key identifier: 06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C Certificate issuer: /CN=0648b338339900ff7f3b59b246d24d2687c6367c Certificate serial: 019AF12E20DDDCB28DF7EFEE0C6B4B197850 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft Manifest number: 02E0 Signing time: Sat 06 Dec 2025 01:02:03 +0000 Manifest this update: Sat 06 Dec 2025 01:02:03 +0000 Manifest next update: Sun 07 Dec 2025 01:02:03 +0000 Files and hashes: 1: BkizODOZAP9_O1myRtJNJofGNnw.crl (hash: SkXT9XajfO9g2GejCg2pgiFVhQTXAqppE05FQx0YW8w=) 2: pO5jZKPZtKc7LFh2B3gUF2ssV3Y.roa (hash: rDX32rjjFQPeFJLlsJ7HQ9El7VqEOXBlwYtku8n7ZJg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:20:dd:dc:b2:8d:f7:ef:ee:0c:6b:4b:19:78:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0648b338339900ff7f3b59b246d24d2687c6367c Validity Not Before: Dec 6 01:02:03 2025 GMT Not After : Dec 7 01:02:03 2025 GMT Subject: CN=c3de011a1f9bf9504b373495f7a5d14724706a00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:43:c1:db:ed:1d:3a:a3:ea:45:3e:e8:f7:d1: 16:54:e4:b7:ae:b1:1f:b2:d6:00:9c:5a:41:52:41: 82:38:c2:d4:66:3a:57:9a:0d:a5:26:ed:63:0e:c6: 6d:c6:7c:53:99:09:f2:21:00:a5:50:11:f2:74:03: e4:41:6f:f6:5c:5f:41:ac:d4:f2:68:5d:51:ee:be: 9e:3b:ff:1d:ac:e5:14:db:7c:9b:4a:c6:81:3b:ce: c9:59:d0:d2:94:ff:7e:78:ee:b8:91:8e:ee:17:6e: 3c:f6:7e:5d:1e:5a:8d:62:dd:6f:f8:bd:60:dd:80: d3:e0:3f:34:0a:f3:78:35:73:cf:f9:d7:16:db:30: 08:41:3a:64:41:17:8d:c6:10:0c:9e:93:a4:fe:00: ef:14:9b:02:05:f1:cd:bc:85:b0:4b:f4:90:49:00: 12:84:60:e4:b7:6a:c9:de:49:81:a6:6e:0c:d1:bc: 01:12:92:d9:27:66:19:cf:95:47:78:c9:a8:37:9e: 6c:04:0a:9e:74:dc:e6:1f:3a:8e:06:af:4f:02:9c: 49:bf:b8:84:43:91:51:b1:58:d9:91:63:62:89:91: 80:fd:03:ae:70:2d:ac:5e:a4:9c:cd:01:a2:8e:b7: db:da:e7:92:b8:5f:5d:78:82:8a:33:f7:7c:15:31: f4:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:DE:01:1A:1F:9B:F9:50:4B:37:34:95:F7:A5:D1:47:24:70:6A:00 X509v3 Authority Key Identifier: keyid:06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:5a:27:50:5d:fb:26:21:d8:90:df:f3:b8:0e:c1:93:83:c7: f9:a2:08:77:ad:5c:05:38:56:30:9f:a8:29:9e:29:c5:a4:b5: 68:53:da:8e:90:47:86:8e:54:e2:4f:ff:13:eb:53:12:2d:5a: 92:f1:0b:5b:08:55:42:a1:8d:cb:92:c3:38:f0:91:c2:ab:e3: a2:6b:15:b2:fd:60:81:4d:2d:4c:7b:69:71:da:8e:b5:0b:59: eb:ca:85:a5:31:e1:f5:93:50:ab:31:3b:4a:8f:fd:bf:bf:0f: 5c:10:36:28:1d:bb:e3:ac:b0:55:06:43:33:2c:75:e4:97:a5: 33:10:9a:f7:ce:ff:82:d9:73:92:8a:0c:02:f6:95:3a:2a:c7: 96:8c:67:a1:81:9f:f5:39:2c:34:eb:5d:f8:98:73:09:aa:b5: 18:d4:20:09:eb:6e:c9:91:fc:60:d1:7f:e8:ec:f8:69:d8:27: 29:15:fc:67:49:8f:3b:bc:33:5d:af:91:14:89:f2:ad:f1:42: b9:37:3e:4d:0c:d2:4e:d3:6f:52:6c:3c:2c:b6:c0:0b:98:99: 7c:57:93:98:93:78:40:5b:7b:8f:fa:7b:e3:a2:31:6d:e3:32: 6a:59:d2:c5:88:6d:d8:9d:59:50:b4:9b:c6:5a:3b:81:71:e2: 68:37:7b:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLiDd3LKN9+/uDGtLGXhQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NDhiMzM4MzM5OTAwZmY3ZjNiNTliMjQ2ZDI0ZDI2ODdj NjM2N2MwHhcNMjUxMjA2MDEwMjAzWhcNMjUxMjA3MDEwMjAzWjAzMTEwLwYDVQQD EyhjM2RlMDExYTFmOWJmOTUwNGIzNzM0OTVmN2E1ZDE0NzI0NzA2YTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0PB2+0dOqPqRT7o99EWVOS3rrEf stYAnFpBUkGCOMLUZjpXmg2lJu1jDsZtxnxTmQnyIQClUBHydAPkQW/2XF9BrNTy aF1R7r6eO/8drOUU23ybSsaBO87JWdDSlP9+eO64kY7uF2489n5dHlqNYt1v+L1g 3YDT4D80CvN4NXPP+dcW2zAIQTpkQReNxhAMnpOk/gDvFJsCBfHNvIWwS/SQSQAS hGDkt2rJ3kmBpm4M0bwBEpLZJ2YZz5VHeMmoN55sBAqedNzmHzqOBq9PApxJv7iE Q5FRsVjZkWNiiZGA/QOucC2sXqSczQGijrfb2ueSuF9deIKKM/d8FTH0FwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPeARofm/lQSzc0lfel0UckcGoAMB8GA1UdIwQY MBaAFAZIszgzmQD/fztZskbSTSaHxjZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQt MGQ5MThlZWRjMjZmLzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQtMGQ5MThlZWRjMjZm LzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHVonUF37 JiHYkN/zuA7Bk4PH+aIId61cBThWMJ+oKZ4pxaS1aFPajpBHho5U4k//E+tTEi1a kvELWwhVQqGNy5LDOPCRwqvjomsVsv1ggU0tTHtpcdqOtQtZ68qFpTHh9ZNQqzE7 So/9v78PXBA2KB2746ywVQZDMyx15JelMxCa987/gtlzkooMAvaVOirHloxnoYGf 9TksNOtd+JhzCaq1GNQgCetuyZH8YNF/6Oz4adgnKRX8Z0mPO7wzXa+RFInyrfFC uTc+TQzSTtNvUmw8LLbAC5iZfFeTmJN4QFt7j/p746IxbeMyalnSxYht2J1ZULSb xlo7gXHiaDd7Kw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:52:40 2025 by rpki-client