This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.mft File: bOrnoCiJYKda-M6A54iFQ8f3fNc.mft (raw, json) Hash identifier: ic/ns3ooYvoovzhwvd0DCspGvSsgnXrrnM17CqFoPq8= Subject key identifier: AE:E4:6D:FD:E0:78:27:85:17:8D:C3:63:CA:AB:BD:C1:F1:76:99:8A Authority key identifier: 6C:EA:E7:A0:28:89:60:A7:5A:F8:CE:80:E7:88:85:43:C7:F7:7C:D7 Certificate issuer: /CN=6ceae7a0288960a75af8ce80e7888543c7f77cd7 Certificate serial: 019B424976C54B4E9188B5E44B87B293992E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOrnoCiJYKda-M6A54iFQ8f3fNc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.mft Manifest number: 1499 Signing time: Sun 21 Dec 2025 19:01:09 +0000 Manifest this update: Sun 21 Dec 2025 19:01:09 +0000 Manifest next update: Mon 22 Dec 2025 19:01:09 +0000 Files and hashes: 1: 6Zx8tvFW-otCSIx-0XXwdAcWAvY.roa (hash: vXtudZUUi1vh+dqd99m5Me5cUdKc0jshPf9ev6mVJpw=) 2: bOrnoCiJYKda-M6A54iFQ8f3fNc.crl (hash: jvTtk0oB/FBvy2wHL68R/6HSMdB8StVNKels5EZppKI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.crl rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.mft rsync://rpki.ripe.net/repository/DEFAULT/bOrnoCiJYKda-M6A54iFQ8f3fNc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 19:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:76:c5:4b:4e:91:88:b5:e4:4b:87:b2:93:99:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ceae7a0288960a75af8ce80e7888543c7f77cd7 Validity Not Before: Dec 21 19:01:09 2025 GMT Not After : Dec 22 19:01:09 2025 GMT Subject: CN=aee46dfde0782785178dc363caabbdc1f176998a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:26:86:76:c0:f5:b9:a9:c5:05:a9:ce:80:35: 4c:36:2b:11:98:88:86:ac:a1:06:6e:73:36:65:2d: 40:24:38:57:9d:ac:bf:9b:03:66:4a:46:a4:2e:99: e1:d4:ee:bd:1e:e5:84:7a:55:90:46:c2:1d:8c:85: 31:32:96:4a:35:0c:7f:45:71:a5:f6:30:6c:87:cc: a0:a3:b8:cb:64:e7:85:06:d1:ca:0b:58:d2:b6:01: a6:4b:31:63:1e:c0:3c:f9:45:a3:39:31:d3:ea:db: 22:bf:49:2d:ac:98:be:d3:d2:f7:b3:51:2d:b2:e4: 44:a1:09:90:f6:4c:44:1b:97:bc:6f:47:dd:c7:49: d9:5e:6b:5b:61:0e:ee:2a:af:6f:6b:a8:2c:e1:c6: 48:34:5b:6d:b1:29:f0:dd:5b:76:3f:aa:64:5a:33: c9:11:23:07:31:d4:6e:1d:21:d6:eb:ae:3e:82:96: 01:63:57:5b:ea:b5:32:fc:a2:ec:6f:89:c6:c8:d6: 1f:8e:44:1d:d0:29:e9:63:70:f2:09:8c:6c:c1:bb: 70:62:49:b1:cb:50:02:6c:cb:8a:71:5a:88:49:7e: 75:cf:2b:23:d2:d2:bb:01:8f:d8:3d:99:76:42:72: c9:49:fc:c8:9b:cc:ad:ca:28:9a:22:91:86:f3:02: 4a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:E4:6D:FD:E0:78:27:85:17:8D:C3:63:CA:AB:BD:C1:F1:76:99:8A X509v3 Authority Key Identifier: keyid:6C:EA:E7:A0:28:89:60:A7:5A:F8:CE:80:E7:88:85:43:C7:F7:7C:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOrnoCiJYKda-M6A54iFQ8f3fNc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:b9:d6:45:af:e7:4f:52:ab:2f:32:06:8b:1c:77:05:de:a8: b2:78:e3:6b:48:07:b0:73:e2:8b:d6:35:e1:eb:10:5f:2e:26: 2b:79:df:36:c5:9b:78:a1:c1:a9:9a:78:ef:45:d0:a8:20:79: 94:61:cc:48:0a:8d:8e:f2:ee:95:f8:92:0b:aa:de:09:6f:a5: 2f:c8:79:6c:8b:41:22:0f:d3:8f:e5:31:12:9c:36:de:02:41: aa:00:d1:a8:75:d1:61:0b:2e:db:c7:e3:a8:10:2c:dc:3a:5b: b2:f9:07:e5:06:a5:67:d2:09:76:1a:be:19:81:84:48:62:c0: 96:08:9d:1e:11:80:2e:c7:b9:11:20:13:e4:35:27:ff:7c:8b: 85:9f:4b:c4:ad:bc:7d:df:5f:78:99:be:d6:73:b0:28:b3:c8: 29:94:71:70:ea:3b:f3:a7:ce:6f:b8:d2:b4:11:82:8d:85:76: 65:0b:dc:54:4e:3d:71:40:d7:3e:77:1a:1c:17:f9:08:db:9d: 8e:b4:6b:31:65:2d:f4:88:2d:75:97:34:96:6e:41:2a:60:2f: 64:1a:93:bc:63:4f:49:5f:e4:5f:38:52:7a:85:2c:3b:a7:95: 55:16:ea:9b:c3:04:16:57:a6:bd:75:74:39:9e:27:69:81:72: a6:81:67:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSXbFS06RiLXkS4eyk5kuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZWFlN2EwMjg4OTYwYTc1YWY4Y2U4MGU3ODg4NTQzYzdm NzdjZDcwHhcNMjUxMjIxMTkwMTA5WhcNMjUxMjIyMTkwMTA5WjAzMTEwLwYDVQQD EyhhZWU0NmRmZGUwNzgyNzg1MTc4ZGMzNjNjYWFiYmRjMWYxNzY5OThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiaGdsD1uanFBanOgDVMNisRmIiG rKEGbnM2ZS1AJDhXnay/mwNmSkakLpnh1O69HuWEelWQRsIdjIUxMpZKNQx/RXGl 9jBsh8ygo7jLZOeFBtHKC1jStgGmSzFjHsA8+UWjOTHT6tsiv0ktrJi+09L3s1Et suREoQmQ9kxEG5e8b0fdx0nZXmtbYQ7uKq9va6gs4cZINFttsSnw3Vt2P6pkWjPJ ESMHMdRuHSHW664+gpYBY1db6rUy/KLsb4nGyNYfjkQd0CnpY3DyCYxswbtwYkmx y1ACbMuKcVqISX51zysj0tK7AY/YPZl2QnLJSfzIm8ytyiiaIpGG8wJKEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK7kbf3geCeFF43DY8qrvcHxdpmKMB8GA1UdIwQY MBaAFGzq56AoiWCnWvjOgOeIhUPH93zXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk9ybm9DaUpZS2RhLU02QTU0aUZROGYzZk5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MDhmNzYtNTZlZi00MzNmLTllYWMt NGE0YTNiMDQwOGE2LzEvYk9ybm9DaUpZS2RhLU02QTU0aUZROGYzZk5jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS83MDhmNzYtNTZlZi00MzNmLTllYWMtNGE0YTNiMDQwOGE2 LzEvYk9ybm9DaUpZS2RhLU02QTU0aUZROGYzZk5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLnWRa/n T1KrLzIGixx3Bd6osnjja0gHsHPii9Y14esQXy4mK3nfNsWbeKHBqZp470XQqCB5 lGHMSAqNjvLulfiSC6reCW+lL8h5bItBIg/Tj+UxEpw23gJBqgDRqHXRYQsu28fj qBAs3DpbsvkH5QalZ9IJdhq+GYGESGLAlgidHhGALse5ESAT5DUn/3yLhZ9LxK28 fd9feJm+1nOwKLPIKZRxcOo786fOb7jStBGCjYV2ZQvcVE49cUDXPncaHBf5CNud jrRrMWUt9IgtdZc0lm5BKmAvZBqTvGNPSV/kXzhSeoUsO6eVVRbqm8MEFlemvXV0 OZ4naYFypoFnbw== -----END CERTIFICATE-----Generated at Mon Dec 22 00:47:53 2025 by rpki-client