This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/cc77a6-2b0e-4cdd-8826-cdcc96607b9a/1/bcXjzvXaXn_fw2TF1aBALTpnhtw.mft File: bcXjzvXaXn_fw2TF1aBALTpnhtw.mft (raw, json) Hash identifier: 2lPYfJh69nR2JGNBz+TiOigd3fCYwQAGjACPKXCEK6M= Subject key identifier: CD:4D:B7:15:4A:2A:F0:E8:8E:45:85:1D:9F:92:B0:13:79:FA:03:1E Authority key identifier: 6D:C5:E3:CE:F5:DA:5E:7F:DF:C3:64:C5:D5:A0:40:2D:3A:67:86:DC Certificate issuer: /CN=6dc5e3cef5da5e7fdfc364c5d5a0402d3a6786dc Certificate serial: 019AF0BF8D0238AEBF648082B9F669D2FF5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bcXjzvXaXn_fw2TF1aBALTpnhtw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/cc77a6-2b0e-4cdd-8826-cdcc96607b9a/1/bcXjzvXaXn_fw2TF1aBALTpnhtw.mft Manifest number: 0FFB Signing time: Fri 05 Dec 2025 23:01:16 +0000 Manifest this update: Fri 05 Dec 2025 23:01:16 +0000 Manifest next update: Sat 06 Dec 2025 23:01:16 +0000 Files and hashes: 1: DoUsi8lBp24xgpF7Cj5k0M8Xf1k.roa (hash: 8DoQ+UjZ0y3DouoJyhRBNdxsuMKM8IPBGox8SgTwz/M=) 2: bcXjzvXaXn_fw2TF1aBALTpnhtw.crl (hash: 9pj/vugXPQted7he+CWhxG0WZ6mIO8uoUSkL9AYNuSA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/cc77a6-2b0e-4cdd-8826-cdcc96607b9a/1/bcXjzvXaXn_fw2TF1aBALTpnhtw.crl rsync://rpki.ripe.net/repository/DEFAULT/da/cc77a6-2b0e-4cdd-8826-cdcc96607b9a/1/bcXjzvXaXn_fw2TF1aBALTpnhtw.mft rsync://rpki.ripe.net/repository/DEFAULT/bcXjzvXaXn_fw2TF1aBALTpnhtw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:8d:02:38:ae:bf:64:80:82:b9:f6:69:d2:ff:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6dc5e3cef5da5e7fdfc364c5d5a0402d3a6786dc Validity Not Before: Dec 5 23:01:16 2025 GMT Not After : Dec 6 23:01:16 2025 GMT Subject: CN=cd4db7154a2af0e88e45851d9f92b01379fa031e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:67:53:dc:bc:09:5e:40:51:5d:b1:f3:93:44: f0:fd:41:52:65:a7:88:b6:65:e7:59:a6:de:97:34: 2a:16:9a:0e:10:56:2d:56:ec:7c:5c:74:84:bb:5d: 8a:8e:a6:96:0e:50:89:45:28:56:8a:3e:fe:a3:d8: b8:62:90:bc:0b:e6:6f:65:72:19:0a:b2:9b:10:9c: 30:15:56:8d:dc:d3:58:b1:8d:d2:8d:d2:4e:ea:04: 08:8b:19:59:a0:91:e7:1e:7c:b0:7f:79:76:b3:06: 1e:17:bf:a2:ad:9f:27:1a:60:c5:8b:2c:fb:01:21: 31:c7:d0:03:24:06:7f:c1:62:ca:de:15:05:3d:08: 75:45:df:5d:e7:a1:ed:80:a1:57:24:16:2a:7c:f1: 41:47:db:92:14:b8:58:d4:a6:f4:24:a5:59:3e:b2: 32:51:7c:cf:b3:fd:91:58:0a:a3:b0:a6:3a:a3:5f: 2e:01:ed:7e:bc:88:a3:96:de:69:7c:18:ce:5e:6a: 12:e4:a4:e6:6b:9b:5b:81:63:43:28:8f:f0:26:d0: a5:98:d7:b8:4f:0c:b6:c9:b9:5a:9d:de:ae:83:54: dc:b1:30:f6:f8:6d:95:e4:91:e1:3b:d4:dd:66:da: ef:92:47:99:e5:4a:31:e7:3f:eb:79:ec:c2:a8:0f: 19:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:4D:B7:15:4A:2A:F0:E8:8E:45:85:1D:9F:92:B0:13:79:FA:03:1E X509v3 Authority Key Identifier: keyid:6D:C5:E3:CE:F5:DA:5E:7F:DF:C3:64:C5:D5:A0:40:2D:3A:67:86:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bcXjzvXaXn_fw2TF1aBALTpnhtw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/cc77a6-2b0e-4cdd-8826-cdcc96607b9a/1/bcXjzvXaXn_fw2TF1aBALTpnhtw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/cc77a6-2b0e-4cdd-8826-cdcc96607b9a/1/bcXjzvXaXn_fw2TF1aBALTpnhtw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:fa:b2:7f:e0:4a:e3:9a:f2:9f:1e:9f:5a:6b:1e:0a:b2:37: 74:bd:0c:16:ff:5a:75:99:ab:fc:e0:16:4a:d2:e3:88:6e:78: 69:d3:93:13:bf:f9:38:4b:9e:ab:21:22:7f:ed:55:45:c8:13: 5b:3c:0e:d3:ec:4d:52:0d:fe:ac:f3:dc:36:51:4d:4c:71:bf: 78:73:b0:e3:a0:6b:27:5d:a7:d4:72:09:97:f2:c7:70:74:e2: d5:44:75:c1:4f:f8:55:7a:90:b9:25:e0:1e:61:92:b4:f3:32: 0a:34:e6:3d:7c:27:17:76:84:d0:27:f9:48:50:ba:3e:57:6a: 34:6c:93:7f:4c:e5:89:f8:d3:a7:3b:d9:19:b7:e0:64:34:26: fb:4b:d3:dd:54:61:05:18:b9:6b:88:92:4b:cc:5d:8a:0f:d9: 0c:90:73:f3:6c:18:3c:4a:58:4d:0e:9d:35:ec:46:10:fb:0c: 8b:46:0a:1e:c7:ac:80:75:e1:87:a7:a5:96:ef:dd:c6:41:5d: 1b:f1:0b:41:68:b6:92:15:8f:da:20:60:b3:49:ff:6f:9d:eb: a4:61:c9:97:04:1b:23:3e:58:2d:4a:a4:08:5a:1e:a6:80:48: 7f:76:f6:65:6e:b6:05:b5:3d:a7:01:22:a9:54:1a:0f:17:f8: 51:81:ab:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv40COK6/ZICCufZp0v9bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkYzVlM2NlZjVkYTVlN2ZkZmMzNjRjNWQ1YTA0MDJkM2E2 Nzg2ZGMwHhcNMjUxMjA1MjMwMTE2WhcNMjUxMjA2MjMwMTE2WjAzMTEwLwYDVQQD EyhjZDRkYjcxNTRhMmFmMGU4OGU0NTg1MWQ5ZjkyYjAxMzc5ZmEwMzFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22dT3LwJXkBRXbHzk0Tw/UFSZaeI tmXnWabelzQqFpoOEFYtVux8XHSEu12KjqaWDlCJRShWij7+o9i4YpC8C+ZvZXIZ CrKbEJwwFVaN3NNYsY3SjdJO6gQIixlZoJHnHnywf3l2swYeF7+irZ8nGmDFiyz7 ASExx9ADJAZ/wWLK3hUFPQh1Rd9d56HtgKFXJBYqfPFBR9uSFLhY1Kb0JKVZPrIy UXzPs/2RWAqjsKY6o18uAe1+vIijlt5pfBjOXmoS5KTma5tbgWNDKI/wJtClmNe4 Twy2ybland6ug1TcsTD2+G2V5JHhO9TdZtrvkkeZ5Uox5z/reezCqA8ZNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1NtxVKKvDojkWFHZ+SsBN5+gMeMB8GA1UdIwQY MBaAFG3F48712l5/38NkxdWgQC06Z4bcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmNYanp2WGFYbl9mdzJURjFhQkFMVHBuaHR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9jYzc3YTYtMmIwZS00Y2RkLTg4MjYt Y2RjYzk2NjA3YjlhLzEvYmNYanp2WGFYbl9mdzJURjFhQkFMVHBuaHR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9jYzc3YTYtMmIwZS00Y2RkLTg4MjYtY2RjYzk2NjA3Yjlh LzEvYmNYanp2WGFYbl9mdzJURjFhQkFMVHBuaHR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL/qyf+BK 45rynx6fWmseCrI3dL0MFv9adZmr/OAWStLjiG54adOTE7/5OEueqyEif+1VRcgT WzwO0+xNUg3+rPPcNlFNTHG/eHOw46BrJ12n1HIJl/LHcHTi1UR1wU/4VXqQuSXg HmGStPMyCjTmPXwnF3aE0Cf5SFC6PldqNGyTf0zlifjTpzvZGbfgZDQm+0vT3VRh BRi5a4iSS8xdig/ZDJBz82wYPEpYTQ6dNexGEPsMi0YKHsesgHXhh6ellu/dxkFd G/ELQWi2khWP2iBgs0n/b53rpGHJlwQbIz5YLUqkCFoepoBIf3b2ZW62BbU9pwEi qVQaDxf4UYGr1A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:21:45 2025 by rpki-client