This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft File: bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json) Hash identifier: r7HU5Ys4LxLnnYOtYmMltq0EBo3LuK1IhmndZ3R7MxE= Subject key identifier: 49:C0:D0:91:C6:32:3E:22:1D:BD:BA:98:4A:01:A6:F5:ED:18:92:52 Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F Certificate issuer: /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f Certificate serial: 019AF3F7BB07A0815D42741F8BFF09B12C8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft Manifest number: 07A2 Signing time: Sat 06 Dec 2025 14:01:30 +0000 Manifest this update: Sat 06 Dec 2025 14:01:30 +0000 Manifest next update: Sun 07 Dec 2025 14:01:30 +0000 Files and hashes: 1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: d6P+ZRuvnUcCxCPtg9HA0E/Lv6+bTT461E6GI5tRNwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:bb:07:a0:81:5d:42:74:1f:8b:ff:09:b1:2c:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f Validity Not Before: Dec 6 14:01:30 2025 GMT Not After : Dec 7 14:01:30 2025 GMT Subject: CN=49c0d091c6323e221dbdba984a01a6f5ed189252 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f0:74:c6:2a:e3:33:5b:4b:11:58:30:0b:2e: db:be:ab:91:8d:f9:71:ac:aa:30:1a:98:eb:34:c0: c9:2e:3b:81:de:31:35:c4:40:3f:29:7e:a9:5c:60: 23:4d:71:05:03:dd:f1:50:36:a4:e9:03:ed:bd:48: 26:78:50:2a:e2:05:b1:ae:98:c8:f0:ca:c3:cd:d7: 28:b9:f3:3f:de:21:11:b5:bb:36:69:7d:ce:8e:0c: 2f:47:45:1e:68:33:81:6b:17:6d:c8:1f:99:dc:f1: 85:9e:2b:fd:9c:0c:7e:27:fd:34:f9:bc:f6:c1:b8: 35:56:c0:0b:6e:2e:8c:2a:4e:3d:84:ef:8d:c9:13: 5c:2a:d0:34:69:12:af:d1:7b:f8:76:d6:83:62:40: 80:59:3e:a9:a8:c8:2f:82:03:82:11:d2:f3:6b:5d: 91:aa:35:c4:70:ef:85:8e:00:e4:9b:8b:c2:ad:e2: 16:2d:91:3e:db:ca:f1:c0:04:72:fc:34:73:fa:b5: da:cf:5a:02:7f:a6:e9:76:fd:71:19:07:fa:66:c8: 8b:7a:53:2b:1b:3b:c5:14:aa:47:6a:63:19:99:dc: af:50:7e:66:7d:d0:54:cb:ad:42:02:65:66:4d:9b: 85:dd:70:6c:0d:2e:1f:80:70:e6:fa:4a:b0:61:a3: 38:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:C0:D0:91:C6:32:3E:22:1D:BD:BA:98:4A:01:A6:F5:ED:18:92:52 X509v3 Authority Key Identifier: keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:5c:37:61:6d:a3:19:73:1f:1d:7c:15:a7:33:46:ed:e3:75: 96:95:5e:e9:6c:11:86:4a:6b:6f:cb:12:76:7a:9c:4f:bc:4d: a4:63:b2:3c:75:5a:32:32:fb:c9:2e:e1:a6:dc:a9:6a:e2:9d: 73:7f:be:bd:58:9a:14:0d:90:05:6a:a5:d0:cb:31:98:f2:6d: c8:3e:e5:5c:80:38:4a:99:5c:fb:47:a4:9f:0b:0b:82:e5:54: 71:3f:74:09:26:69:35:b4:91:6e:44:58:00:50:63:a0:4d:ef: ca:a6:17:7a:6a:b4:aa:40:77:6f:0d:c4:d7:ed:58:49:2b:f9: a5:a5:ab:72:50:ea:46:41:a8:7f:d7:36:26:a2:9b:79:5a:33: 02:be:e7:41:fa:77:3c:ad:08:18:82:aa:98:dc:a2:fc:f5:1a: f6:cf:fa:ca:2c:74:9a:96:b1:8b:bb:67:b8:22:69:98:38:c1: 2f:cb:35:b1:83:8c:07:dc:81:49:18:50:9c:62:1c:23:96:81: 0d:66:c5:77:4e:ba:3f:ba:1e:d4:73:e8:83:c8:c6:8d:e3:79: a6:2f:d3:88:f2:40:3b:dc:1c:0e:1c:11:1f:32:96:f1:c8:d1: 10:8a:07:9c:05:39:f4:6a:83:e2:bf:0e:67:d6:00:f4:0f:f5: d2:3e:33:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz97sHoIFdQnQfi/8JsSyOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5 MDUxOGYwHhcNMjUxMjA2MTQwMTMwWhcNMjUxMjA3MTQwMTMwWjAzMTEwLwYDVQQD Eyg0OWMwZDA5MWM2MzIzZTIyMWRiZGJhOTg0YTAxYTZmNWVkMTg5MjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvB0xirjM1tLEVgwCy7bvquRjflx rKowGpjrNMDJLjuB3jE1xEA/KX6pXGAjTXEFA93xUDak6QPtvUgmeFAq4gWxrpjI 8MrDzdcoufM/3iERtbs2aX3OjgwvR0UeaDOBaxdtyB+Z3PGFniv9nAx+J/00+bz2 wbg1VsALbi6MKk49hO+NyRNcKtA0aRKv0Xv4dtaDYkCAWT6pqMgvggOCEdLza12R qjXEcO+FjgDkm4vCreIWLZE+28rxwARy/DRz+rXaz1oCf6bpdv1xGQf6ZsiLelMr GzvFFKpHamMZmdyvUH5mfdBUy61CAmVmTZuF3XBsDS4fgHDm+kqwYaM4kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEnA0JHGMj4iHb26mEoBpvXtGJJSMB8GA1UdIwQY MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF1w3YW2j GXMfHXwVpzNG7eN1lpVe6WwRhkprb8sSdnqcT7xNpGOyPHVaMjL7yS7hptypauKd c3++vViaFA2QBWql0MsxmPJtyD7lXIA4Splc+0eknwsLguVUcT90CSZpNbSRbkRY AFBjoE3vyqYXemq0qkB3bw3E1+1YSSv5paWrclDqRkGof9c2JqKbeVozAr7nQfp3 PK0IGIKqmNyi/PUa9s/6yix0mpaxi7tnuCJpmDjBL8s1sYOMB9yBSRhQnGIcI5aB DWbFd066P7oe1HPog8jGjeN5pi/TiPJAO9wcDhwRHzKW8cjREIoHnAU59GqD4r8O Z9YA9A/10j4zrg== -----END CERTIFICATE-----Generated at Sat Dec 6 19:15:04 2025 by rpki-client