This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft File: bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json) Hash identifier: FqRe0wjnkpgiNAreeK6y6/VImOuRfOo6aDc9+NdTaJQ= Subject key identifier: 88:2C:13:3D:85:72:6E:7E:C8:0C:BF:78:3D:74:40:99:54:70:2F:65 Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C Certificate issuer: /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c Certificate serial: 019B4438A6D158DA704837854577C135E844 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft Manifest number: 05AB Signing time: Mon 22 Dec 2025 04:02:01 +0000 Manifest this update: Mon 22 Dec 2025 04:02:01 +0000 Manifest next update: Tue 23 Dec 2025 04:02:01 +0000 Files and hashes: 1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: 31t+1K96J/7L+qLqOk3RjpFY6QEc95X7kVNLbGsJt60=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:a6:d1:58:da:70:48:37:85:45:77:c1:35:e8:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c Validity Not Before: Dec 22 04:02:01 2025 GMT Not After : Dec 23 04:02:01 2025 GMT Subject: CN=882c133d85726e7ec80cbf783d74409954702f65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:ef:91:36:8d:f2:03:4a:c8:5a:05:42:a6:16: 1c:9f:42:4b:b4:af:4d:ce:a9:6d:e9:39:e5:73:6c: f2:be:46:66:86:de:ae:17:98:bc:f6:80:97:87:ce: 4a:0c:0b:df:a2:bb:6b:50:bd:dc:af:24:4a:2b:78: 14:b4:9d:c8:85:bc:20:d6:75:4c:62:80:45:ff:25: 14:03:af:c9:61:5a:cf:f1:69:2a:dd:05:46:b8:93: b9:8c:c7:7b:f8:ca:0c:51:f0:22:58:0b:7c:c5:b9: 67:2c:74:47:a1:c9:c9:09:11:be:19:07:47:e8:e8: 8b:95:6d:4c:e6:a1:0b:e5:79:bf:87:7e:f7:0d:c6: dd:ca:da:e6:3b:9b:7b:73:cf:94:c8:f8:64:8c:50: 77:1a:2f:1f:a7:aa:fc:0f:ea:9d:1e:64:12:73:42: 55:5b:e6:f2:a2:4c:d4:79:85:15:c6:1b:8e:f2:12: 80:50:44:d4:74:aa:02:d0:08:1d:ff:72:c1:bf:f1: 64:23:78:f0:89:fa:75:e7:31:0f:15:80:2f:f5:08: 96:df:a7:0d:e4:5c:bf:c8:07:39:a9:8a:c6:84:fc: c0:bd:94:05:d6:dd:53:d0:3b:0e:31:7c:ea:fe:b7: 04:1c:08:76:2b:4a:cd:36:99:dd:cc:a5:8b:3d:d5: 08:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:2C:13:3D:85:72:6E:7E:C8:0C:BF:78:3D:74:40:99:54:70:2F:65 X509v3 Authority Key Identifier: keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d8:8b:4f:47:49:0a:4d:3a:e5:dc:99:a4:38:15:03:75:12:40: 0e:3f:23:15:74:06:5a:ae:0b:eb:af:9b:84:13:99:16:d2:c0: 9b:cb:7b:76:53:a7:f6:ca:35:e4:d7:e3:ef:ce:0d:16:e6:7f: ba:50:0a:de:78:16:36:8d:74:8e:7f:89:dd:3c:f6:9d:be:70: c1:46:e4:1c:89:04:90:c7:20:e6:46:bc:6b:11:60:da:c5:89: e5:45:53:6d:de:af:d8:4e:73:a5:63:7d:31:d3:bd:20:2b:33: 09:ee:fa:4a:2f:8a:d1:2e:56:e9:22:f3:44:bf:16:26:8d:50: 1e:c8:1c:7b:96:26:bc:bf:5e:34:12:f7:f8:93:90:d0:99:5f: de:91:c1:62:a9:ca:e9:f6:e2:82:75:cd:97:33:0a:40:5f:2e: 9f:5b:70:47:66:89:f2:22:99:48:d5:85:41:0d:39:56:b1:58: cf:7d:3f:c2:23:13:7d:b0:5f:dc:5c:e6:19:41:61:c1:ec:26: 50:68:2b:9c:9d:79:e8:fb:7f:9b:85:24:38:f0:dd:f8:a9:96: d5:20:06:f3:4b:36:d4:b3:fe:7d:d2:c5:b7:d4:bc:c1:12:22: b7:7a:7e:ba:4a:39:d9:8b:13:ac:cb:36:70:c3:1f:00:7f:02: ed:9a:12:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOKbRWNpwSDeFRXfBNehEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0 MmRmMWMwHhcNMjUxMjIyMDQwMjAxWhcNMjUxMjIzMDQwMjAxWjAzMTEwLwYDVQQD Eyg4ODJjMTMzZDg1NzI2ZTdlYzgwY2JmNzgzZDc0NDA5OTU0NzAyZjY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO+RNo3yA0rIWgVCphYcn0JLtK9N zqlt6Tnlc2zyvkZmht6uF5i89oCXh85KDAvfortrUL3cryRKK3gUtJ3Ihbwg1nVM YoBF/yUUA6/JYVrP8Wkq3QVGuJO5jMd7+MoMUfAiWAt8xblnLHRHocnJCRG+GQdH 6OiLlW1M5qEL5Xm/h373DcbdytrmO5t7c8+UyPhkjFB3Gi8fp6r8D+qdHmQSc0JV W+byokzUeYUVxhuO8hKAUETUdKoC0Agd/3LBv/FkI3jwifp15zEPFYAv9QiW36cN 5Fy/yAc5qYrGhPzAvZQF1t1T0DsOMXzq/rcEHAh2K0rNNpndzKWLPdUIHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIgsEz2Fcm5+yAy/eD10QJlUcC9lMB8GA1UdIwQY MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0 LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2ItPR0kK TTrl3JmkOBUDdRJADj8jFXQGWq4L66+bhBOZFtLAm8t7dlOn9so15Nfj784NFuZ/ ulAK3ngWNo10jn+J3Tz2nb5wwUbkHIkEkMcg5ka8axFg2sWJ5UVTbd6v2E5zpWN9 MdO9ICszCe76Si+K0S5W6SLzRL8WJo1QHsgce5YmvL9eNBL3+JOQ0Jlf3pHBYqnK 6fbignXNlzMKQF8un1twR2aJ8iKZSNWFQQ05VrFYz30/wiMTfbBf3FzmGUFhwewm UGgrnJ156Pt/m4UkOPDd+KmW1SAG80s21LP+fdLFt9S8wRIit3p+uko52YsTrMs2 cMMfAH8C7ZoSLQ== -----END CERTIFICATE-----Generated at Mon Dec 22 11:08:42 2025 by rpki-client