This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft File: bJSdK9ZO4X711H-WPj1depgrEq8.mft (raw, json) Hash identifier: dgL0VBdMpGGrMQxrU1EV9u5wq7ygsWWwe0wkH1VcP84= Subject key identifier: 0D:03:18:5A:0F:6D:C4:B5:8C:53:98:60:A0:38:5F:D4:26:86:F3:BD Authority key identifier: 6C:94:9D:2B:D6:4E:E1:7E:F5:D4:7F:96:3E:3D:5D:7A:98:2B:12:AF Certificate issuer: /CN=6c949d2bd64ee17ef5d47f963e3d5d7a982b12af Certificate serial: 019B3EDAF52DA7D2B1CE647AFC0D90EA44CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bJSdK9ZO4X711H-WPj1depgrEq8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft Manifest number: 0BF5 Signing time: Sun 21 Dec 2025 03:01:35 +0000 Manifest this update: Sun 21 Dec 2025 03:01:35 +0000 Manifest next update: Mon 22 Dec 2025 03:01:35 +0000 Files and hashes: 1: OyVcB1brzSxuoeEjBo4fT0W9OFc.roa (hash: sut6tQHQTuBMJAc0/1shERZEk1RWFKSSDeDy5cd5Klo=) 2: bJSdK9ZO4X711H-WPj1depgrEq8.crl (hash: h0y9B5Pctek302Yye7OpSJBNIlV88JipZ4iCBe/SeWU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.crl rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft rsync://rpki.ripe.net/repository/DEFAULT/bJSdK9ZO4X711H-WPj1depgrEq8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 03:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:f5:2d:a7:d2:b1:ce:64:7a:fc:0d:90:ea:44:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c949d2bd64ee17ef5d47f963e3d5d7a982b12af Validity Not Before: Dec 21 03:01:35 2025 GMT Not After : Dec 22 03:01:35 2025 GMT Subject: CN=0d03185a0f6dc4b58c539860a0385fd42686f3bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:64:ce:ae:6b:dc:3d:49:41:5b:e4:ef:29:f0: b6:f3:b9:ac:c6:35:b7:57:a7:93:c2:91:bf:a2:b2: a0:f2:e2:fb:25:1e:a6:07:c8:36:2a:42:24:da:93: c7:b4:72:2f:b6:44:45:69:63:62:37:eb:5a:8f:c8: 5f:a1:fd:c0:3b:ff:d8:ec:2b:91:a2:18:65:69:21: 75:e5:cd:d5:4f:78:7e:0a:30:73:da:d6:17:0d:a1: 05:2d:9c:15:24:21:83:cb:65:92:9a:40:2a:97:56: 94:d2:47:a4:f9:23:5e:53:e9:cc:b9:32:70:6d:47: 08:b4:e3:0d:b4:d7:af:db:4a:47:ad:a7:15:b5:a0: 6c:91:4d:49:28:5c:dc:0c:04:37:ce:c6:05:9c:b6: 9b:6e:fd:9b:83:1e:35:32:e2:6a:9e:ae:f5:70:eb: 99:31:6e:90:46:7f:f8:97:63:9c:23:78:b1:7f:10: ff:8e:03:66:94:e6:ab:4d:62:80:55:b7:96:3b:5c: 95:e0:2c:7d:0c:11:1e:77:cf:42:46:f9:53:d7:ee: 17:91:52:d2:e9:c7:52:5b:dd:80:ca:31:d4:50:c6: 26:31:e9:c5:d0:cb:08:f7:10:3a:07:06:49:c7:37: 90:ad:d5:1b:86:a9:b4:ee:37:01:4f:bd:76:29:e4: 31:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:03:18:5A:0F:6D:C4:B5:8C:53:98:60:A0:38:5F:D4:26:86:F3:BD X509v3 Authority Key Identifier: keyid:6C:94:9D:2B:D6:4E:E1:7E:F5:D4:7F:96:3E:3D:5D:7A:98:2B:12:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bJSdK9ZO4X711H-WPj1depgrEq8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:8d:66:62:c6:ba:19:a2:ab:07:b7:e9:36:c9:6d:23:30:c9: 61:16:08:35:53:25:c0:bd:72:ec:6d:5e:ab:ef:53:29:96:53: 29:00:70:7d:32:6b:4a:c3:d5:89:a5:48:78:c8:3d:7c:48:69: 0a:2a:80:99:77:a6:2f:b1:dd:d1:4e:6a:af:99:62:38:65:d2: a2:87:da:92:df:cf:bd:20:d2:6b:84:12:09:45:f5:d9:ab:8f: 4e:6a:5e:f4:38:ca:98:8f:b7:76:26:67:16:a3:19:31:4c:9b: 5e:70:92:86:c5:44:62:43:4f:da:5f:d9:e4:bf:44:97:e6:88: 58:56:03:ae:50:77:7b:00:96:9d:f8:29:8d:7c:39:97:96:7e: 1a:16:7d:37:4d:54:9e:dd:05:4a:f9:47:76:42:05:9b:7c:07: 99:aa:b1:02:58:32:d3:ae:8e:67:18:cb:f6:ba:c4:39:af:c2: 1d:4e:0a:a8:b6:64:b8:55:29:f4:ab:b4:aa:bb:29:29:b7:c5: f3:b1:ec:75:2a:47:8a:4e:86:8c:58:f0:1a:53:23:ef:45:ae: 19:4a:b4:a1:7b:0e:fb:0c:4c:c0:19:b1:03:eb:3b:0b:ca:b1: c0:a3:16:6e:09:81:5b:f8:f2:65:7a:79:ef:6e:2f:f3:4e:bf: bb:18:86:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2vUtp9KxzmR6/A2Q6kTLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjOTQ5ZDJiZDY0ZWUxN2VmNWQ0N2Y5NjNlM2Q1ZDdhOTgy YjEyYWYwHhcNMjUxMjIxMDMwMTM1WhcNMjUxMjIyMDMwMTM1WjAzMTEwLwYDVQQD EygwZDAzMTg1YTBmNmRjNGI1OGM1Mzk4NjBhMDM4NWZkNDI2ODZmM2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02TOrmvcPUlBW+TvKfC287msxjW3 V6eTwpG/orKg8uL7JR6mB8g2KkIk2pPHtHIvtkRFaWNiN+taj8hfof3AO//Y7CuR ohhlaSF15c3VT3h+CjBz2tYXDaEFLZwVJCGDy2WSmkAql1aU0kek+SNeU+nMuTJw bUcItOMNtNev20pHracVtaBskU1JKFzcDAQ3zsYFnLabbv2bgx41MuJqnq71cOuZ MW6QRn/4l2OcI3ixfxD/jgNmlOarTWKAVbeWO1yV4Cx9DBEed89CRvlT1+4XkVLS 6cdSW92AyjHUUMYmMenF0MsI9xA6BwZJxzeQrdUbhqm07jcBT712KeQxPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA0DGFoPbcS1jFOYYKA4X9QmhvO9MB8GA1UdIwQY MBaAFGyUnSvWTuF+9dR/lj49XXqYKxKvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkpTZEs5Wk80WDcxMUgtV1BqMWRlcGdyRXE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9mODY1MWItYzEyYi00MmQ0LWFmZGEt MjMyZjQ3MDM0OTFmLzEvYkpTZEs5Wk80WDcxMUgtV1BqMWRlcGdyRXE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9mODY1MWItYzEyYi00MmQ0LWFmZGEtMjMyZjQ3MDM0OTFm LzEvYkpTZEs5Wk80WDcxMUgtV1BqMWRlcGdyRXE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALI1mYsa6 GaKrB7fpNsltIzDJYRYINVMlwL1y7G1eq+9TKZZTKQBwfTJrSsPViaVIeMg9fEhp CiqAmXemL7Hd0U5qr5liOGXSoofakt/PvSDSa4QSCUX12auPTmpe9DjKmI+3diZn FqMZMUybXnCShsVEYkNP2l/Z5L9El+aIWFYDrlB3ewCWnfgpjXw5l5Z+GhZ9N01U nt0FSvlHdkIFm3wHmaqxAlgy066OZxjL9rrEOa/CHU4KqLZkuFUp9Ku0qrspKbfF 87HsdSpHik6GjFjwGlMj70WuGUq0oXsO+wxMwBmxA+s7C8qxwKMWbgmBW/jyZXp5 724v806/uxiGiA== -----END CERTIFICATE-----Generated at Sun Dec 21 12:04:09 2025 by rpki-client