This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft File: b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft (raw, json) Hash identifier: fOnLxHaueAi/XGTfcdNPNsFjvWSt3q9W1I9nTlK8+YI= Subject key identifier: 1E:D0:0C:02:38:A3:F5:E2:EC:4E:8A:BE:8C:95:8C:0F:79:94:3B:97 Authority key identifier: 6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1 Certificate issuer: /CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1 Certificate serial: 019AF208AA8977FF2C106518DB424B7B076B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft Manifest number: 1159 Signing time: Sat 06 Dec 2025 05:00:45 +0000 Manifest this update: Sat 06 Dec 2025 05:00:45 +0000 Manifest next update: Sun 07 Dec 2025 05:00:45 +0000 Files and hashes: 1: b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl (hash: wgpOCusnPF867lwpOFtnCrj2KSnhXO5F/kicC1C3n48=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:aa:89:77:ff:2c:10:65:18:db:42:4b:7b:07:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1 Validity Not Before: Dec 6 05:00:45 2025 GMT Not After : Dec 7 05:00:45 2025 GMT Subject: CN=1ed00c0238a3f5e2ec4e8abe8c958c0f79943b97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:b5:a8:a9:07:c7:3d:e4:95:80:93:38:b5:90: 17:38:c3:19:66:76:b5:5f:a3:ae:5c:ce:40:97:ea: 11:c2:18:99:a8:f8:f0:9d:60:bd:96:1f:8c:1e:85: 61:0d:ea:20:1f:61:f0:60:87:5e:ea:b0:29:60:c5: 4a:96:b7:17:ed:90:b7:6a:74:11:b3:49:d2:c8:0c: 74:2e:ca:cb:db:95:75:f5:7c:8f:c8:cc:99:83:53: 8e:89:fc:15:c5:4b:c1:89:f7:77:71:fe:c3:d2:1a: cd:c2:da:28:ee:3a:b9:fe:32:bf:af:72:68:5b:ca: 5f:77:ec:53:14:d0:75:b5:50:92:73:99:5b:9e:61: a3:71:ca:e9:af:33:3e:ad:a4:22:8d:42:4f:6f:f7: 5f:52:01:71:fa:07:06:e6:82:ea:2b:19:01:ca:82: 98:7c:70:70:09:c3:66:7a:4d:73:fe:e7:f6:74:78: f3:3e:ce:98:2e:8e:a1:47:f5:ad:91:28:51:da:fa: 2c:2d:eb:e6:69:25:a8:c2:74:1b:ea:53:58:03:43: 12:d5:d4:c6:3d:35:fa:c7:75:13:f9:84:46:17:3e: f6:a4:be:1c:e8:67:36:3e:96:0b:1f:79:4f:f6:b5: cc:13:d2:13:8b:2a:28:d4:3d:d9:35:6e:0f:bd:2c: bc:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:D0:0C:02:38:A3:F5:E2:EC:4E:8A:BE:8C:95:8C:0F:79:94:3B:97 X509v3 Authority Key Identifier: keyid:6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:ec:53:a6:74:d4:2c:2f:5c:4b:85:7d:b6:a5:f6:cd:ee:06: 61:a4:bb:64:c6:f7:fa:25:75:be:96:0a:d1:47:8f:78:5a:78: 5a:d6:f1:f2:c7:f9:97:2c:b9:39:38:e1:8a:4c:09:19:1c:a9: 09:ae:0c:6c:61:86:fd:e9:df:61:b0:c7:dd:6b:8a:71:ca:9f: 14:db:d0:10:cd:ea:89:74:01:e6:61:2a:c8:6b:06:5b:bd:5d: ca:85:ef:cb:39:dc:4d:73:35:b3:ed:4b:db:01:64:2c:aa:d7: c2:75:97:46:2f:13:aa:2a:22:47:b2:f2:9d:39:73:00:45:4b: 03:31:75:2a:7a:f8:d0:91:52:c9:d1:cf:76:ea:e1:82:02:21: 16:63:97:33:9c:68:3b:09:28:4b:c0:64:c4:69:ec:c2:e6:74: a2:6e:2d:b3:03:ad:fe:af:6a:07:68:b4:e9:5c:ee:be:a5:8c: a5:0d:54:20:c1:ab:20:1b:f6:23:33:4d:08:31:19:77:f8:f9: af:3e:1e:b0:68:1a:11:83:c7:c3:18:e2:1c:8e:db:8e:77:f9: da:41:d5:ad:e2:81:3a:21:64:90:60:3a:9c:77:cc:d4:d1:a0: 44:3a:5d:94:fe:0f:dd:b0:c8:1c:7e:eb:85:e6:3b:ab:d3:1a: d6:7b:0d:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCKqJd/8sEGUY20JLewdrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmNjQ4ZTNjYWI2MDliZDE0ODNjYTNlNTE5MTFjZWFhNTNm MGM2YTEwHhcNMjUxMjA2MDUwMDQ1WhcNMjUxMjA3MDUwMDQ1WjAzMTEwLwYDVQQD EygxZWQwMGMwMjM4YTNmNWUyZWM0ZThhYmU4Yzk1OGMwZjc5OTQzYjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7WoqQfHPeSVgJM4tZAXOMMZZna1 X6OuXM5Al+oRwhiZqPjwnWC9lh+MHoVhDeogH2HwYIde6rApYMVKlrcX7ZC3anQR s0nSyAx0LsrL25V19XyPyMyZg1OOifwVxUvBifd3cf7D0hrNwtoo7jq5/jK/r3Jo W8pfd+xTFNB1tVCSc5lbnmGjccrprzM+raQijUJPb/dfUgFx+gcG5oLqKxkByoKY fHBwCcNmek1z/uf2dHjzPs6YLo6hR/WtkShR2vosLevmaSWownQb6lNYA0MS1dTG PTX6x3UT+YRGFz72pL4c6Gc2PpYLH3lP9rXME9ITiyoo1D3ZNW4PvSy8jQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7QDAI4o/Xi7E6KvoyVjA95lDuXMB8GA1UdIwQY MBaAFG9kjjyrYJvRSDyj5RkRzqpT8MahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEt YTA2OWFmODU0YjA1LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEtYTA2OWFmODU0YjA1 LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD+xTpnTU LC9cS4V9tqX2ze4GYaS7ZMb3+iV1vpYK0UePeFp4Wtbx8sf5lyy5OTjhikwJGRyp Ca4MbGGG/enfYbDH3WuKccqfFNvQEM3qiXQB5mEqyGsGW71dyoXvyzncTXM1s+1L 2wFkLKrXwnWXRi8TqioiR7LynTlzAEVLAzF1Knr40JFSydHPdurhggIhFmOXM5xo OwkoS8BkxGnswuZ0om4tswOt/q9qB2i06VzuvqWMpQ1UIMGrIBv2IzNNCDEZd/j5 rz4esGgaEYPHwxjiHI7bjnf52kHVreKBOiFkkGA6nHfM1NGgRDpdlP4P3bDIHH7r heY7q9Ma1nsNWg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:59:40 2025 by rpki-client