This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft File: bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json) Hash identifier: /dIzdBzxT1ZcQnOzHIediOvbiU70QkLByZvjAkKgGpw= Subject key identifier: 48:9E:E4:D2:1E:7A:17:AA:40:8C:F8:83:A3:C1:3F:34:FF:93:34:DF Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0 Certificate issuer: /CN=6cff90b1778f53743f92783caf1748a2ecd668a0 Certificate serial: 019B3268B6B04E15B8669E841005BE34C4B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft Manifest number: 0497 Signing time: Thu 18 Dec 2025 17:01:21 +0000 Manifest this update: Thu 18 Dec 2025 17:01:21 +0000 Manifest next update: Fri 19 Dec 2025 17:01:21 +0000 Files and hashes: 1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: NFZqrlwCmtXR35kz7EqBZ86Yqi+QZQCB99LYNyKQtgE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 17:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:b6:b0:4e:15:b8:66:9e:84:10:05:be:34:c4:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0 Validity Not Before: Dec 18 17:01:21 2025 GMT Not After : Dec 19 17:01:21 2025 GMT Subject: CN=489ee4d21e7a17aa408cf883a3c13f34ff9334df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a6:13:d1:3b:9a:4d:a0:6d:81:c7:89:96:e2: d6:8c:be:cd:ff:68:03:01:d7:0e:0a:8b:d0:d5:48: 8f:61:af:7f:8b:33:a6:df:8e:78:24:cb:6c:3f:4d: e4:03:6a:f7:44:c5:c7:51:27:0d:80:5a:cf:8b:5e: 3a:d6:ea:42:89:0e:4b:92:90:a1:61:84:54:9d:37: a4:83:89:b8:8c:24:96:7a:10:26:94:e1:f9:50:de: 63:8b:3d:bf:61:df:d3:50:d6:28:1a:d2:20:da:78: 91:ce:75:a3:0c:91:36:b5:8b:ed:bd:25:ee:7b:4a: e8:f0:14:46:a0:05:70:86:cf:a7:1b:40:e1:48:62: ee:58:d4:a0:8a:af:53:11:56:2b:da:55:6e:ba:a9: 87:9c:4b:d8:17:81:bf:f9:f7:c1:f9:ee:ae:88:c9: 02:43:5a:a0:bf:1c:ba:ee:2f:6c:b9:ed:66:62:f5: 8f:dc:1e:88:0f:49:bc:bf:4c:a3:a3:08:c3:09:af: 41:45:b8:31:4c:8d:7e:f0:72:fb:ee:bd:29:c3:f5: 9e:3b:11:55:0f:f7:81:4b:55:6e:e5:51:22:76:0f: ee:db:52:1a:2c:61:f3:08:1f:e5:0b:58:cb:72:f8: d0:44:8a:29:a9:82:eb:65:f8:97:6f:63:8d:ba:d5: bb:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:9E:E4:D2:1E:7A:17:AA:40:8C:F8:83:A3:C1:3F:34:FF:93:34:DF X509v3 Authority Key Identifier: keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:d4:d3:b6:ad:57:09:f9:35:3e:b1:a9:ed:97:b3:d6:f5:7f: 98:2f:6c:d2:2d:2f:9c:0e:0f:a5:34:fe:ba:15:2e:dc:20:b5: f3:6a:28:1d:46:69:0d:72:b9:9e:c1:43:82:7b:06:df:8c:c4: 08:72:ba:d4:c8:33:03:4f:2f:5b:35:ae:bd:76:a8:22:d7:f7: a6:6a:aa:27:9a:58:97:e0:6b:d2:0f:59:f0:6b:b2:9d:0b:36: fa:73:28:06:12:c7:73:b0:82:bc:eb:f5:45:4b:c6:d9:c9:81: 9e:4e:33:bf:13:36:9a:96:f7:06:6f:9e:a8:0e:c6:64:7c:99: fe:b5:b2:cf:07:15:0b:d7:76:11:32:81:d4:cb:24:21:f6:3f: 05:7b:b5:42:be:9a:6b:1c:5a:54:74:bd:50:20:36:23:c9:ef: ac:fb:53:f2:91:3a:59:d8:ae:3e:17:7e:40:9d:a5:13:87:8e: 1d:92:35:7e:df:f8:37:4d:b7:2a:2a:45:77:7c:0e:d0:2c:b4: 37:21:9b:d1:be:d8:77:86:bc:53:c3:9c:60:c2:a7:13:c3:d8: d5:ff:09:b9:39:77:f0:a1:a5:4c:10:d8:e4:0f:7d:7d:44:88: 6d:72:8a:52:b5:8e:81:2d:50:87:82:e5:eb:cb:98:9c:13:30: be:0c:65:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaLawThW4Zp6EEAW+NMSyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk NjY4YTAwHhcNMjUxMjE4MTcwMTIxWhcNMjUxMjE5MTcwMTIxWjAzMTEwLwYDVQQD Eyg0ODllZTRkMjFlN2ExN2FhNDA4Y2Y4ODNhM2MxM2YzNGZmOTMzNGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6YT0TuaTaBtgceJluLWjL7N/2gD AdcOCovQ1UiPYa9/izOm3454JMtsP03kA2r3RMXHUScNgFrPi1461upCiQ5LkpCh YYRUnTekg4m4jCSWehAmlOH5UN5jiz2/Yd/TUNYoGtIg2niRznWjDJE2tYvtvSXu e0ro8BRGoAVwhs+nG0DhSGLuWNSgiq9TEVYr2lVuuqmHnEvYF4G/+ffB+e6uiMkC Q1qgvxy67i9sue1mYvWP3B6ID0m8v0yjowjDCa9BRbgxTI1+8HL77r0pw/WeOxFV D/eBS1Vu5VEidg/u21IaLGHzCB/lC1jLcvjQRIopqYLrZfiXb2ONutW73wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEie5NIeeheqQIz4g6PBPzT/kzTfMB8GA1UdIwQY MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhdTTtq1X Cfk1PrGp7Zez1vV/mC9s0i0vnA4PpTT+uhUu3CC182ooHUZpDXK5nsFDgnsG34zE CHK61MgzA08vWzWuvXaoItf3pmqqJ5pYl+Br0g9Z8GuynQs2+nMoBhLHc7CCvOv1 RUvG2cmBnk4zvxM2mpb3Bm+eqA7GZHyZ/rWyzwcVC9d2ETKB1MskIfY/BXu1Qr6a axxaVHS9UCA2I8nvrPtT8pE6WdiuPhd+QJ2lE4eOHZI1ft/4N023KipFd3wO0Cy0 NyGb0b7Yd4a8U8OcYMKnE8PY1f8JuTl38KGlTBDY5A99fUSIbXKKUrWOgS1Qh4Ll 68uYnBMwvgxlgQ== -----END CERTIFICATE-----Generated at Fri Dec 19 01:24:33 2025 by rpki-client