This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft File: bs1crU0zBsT3LEKvwG5c0fuv46M.mft (raw, json) Hash identifier: swFUfI6m5nr1wFo0aUEglkAshqq7H2pbI5VLFwnj1rI= Subject key identifier: AC:20:A3:AA:F8:4F:78:33:BC:C1:86:CA:5B:D6:3F:89:19:8F:11:AF Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3 Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3 Certificate serial: 019B6A69464B7A8A1E7DB41860CE161B9D0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft Manifest number: 17A4 Signing time: Mon 29 Dec 2025 14:00:42 +0000 Manifest this update: Mon 29 Dec 2025 14:00:42 +0000 Manifest next update: Tue 30 Dec 2025 14:00:42 +0000 Files and hashes: 1: IVWLNAUIsWDuNfRfR17vH-v5XfI.roa (hash: OmbLmtXQG4MyTcSNnTCa+QZsFqNmOgdwU2G3Jors4PA=) 2: bs1crU0zBsT3LEKvwG5c0fuv46M.crl (hash: q8MSb6nzAV6HvycOyUk0/vFmxoqj3N4EUqhkahS6Nxo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 14:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:69:46:4b:7a:8a:1e:7d:b4:18:60:ce:16:1b:9d:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3 Validity Not Before: Dec 29 14:00:42 2025 GMT Not After : Dec 30 14:00:42 2025 GMT Subject: CN=ac20a3aaf84f7833bcc186ca5bd63f89198f11af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:a0:95:d7:6f:53:64:8a:53:ff:99:5d:1a:72: 8c:ee:99:5a:a2:9f:ab:a0:cb:d5:9a:54:82:6d:54: 35:ed:ab:cb:fc:23:3c:f0:d3:c4:39:09:ea:42:80: 77:4f:4a:df:f0:a4:76:12:a8:88:fc:bd:65:34:99: 89:6a:af:55:90:15:88:a2:f8:0a:8b:29:4b:88:0c: 4a:f3:3a:df:5c:a8:08:6d:6a:4e:e3:81:96:fd:c3: a7:2d:c0:0a:20:e7:c4:c6:73:0f:38:12:22:c5:95: 4e:f2:35:06:dc:1e:df:30:7c:a9:e7:74:21:25:ee: 3d:5e:0d:28:cf:2e:6a:06:84:4f:3d:24:d4:70:a6: 97:35:a6:09:1c:2b:2f:39:78:f7:d0:6e:60:42:a4: 88:92:98:e6:e1:8f:80:96:68:4d:b8:20:ff:e8:a9: a3:10:4e:08:40:03:a3:f1:be:f7:76:b6:49:ab:5e: 98:74:39:12:55:01:90:d4:91:70:b2:5e:67:e2:dd: 40:ac:72:3c:d2:31:f0:47:53:ea:9b:13:9f:2a:a4: f6:d2:e3:08:29:4a:92:c6:c8:8a:c0:64:a7:c0:5b: df:a0:dc:86:9d:c1:41:a6:4d:aa:5e:5e:61:60:3e: 2c:8a:69:45:27:be:5e:69:7c:1d:26:b1:41:39:be: ad:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:20:A3:AA:F8:4F:78:33:BC:C1:86:CA:5B:D6:3F:89:19:8F:11:AF X509v3 Authority Key Identifier: keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:41:1b:b9:b0:95:17:25:13:b2:7d:10:1d:e7:1a:79:21:14: 3c:b3:cd:82:f6:95:40:14:3b:83:8f:db:b6:10:27:33:d8:ad: a9:4e:c6:c9:9c:88:24:5a:e5:a6:18:09:90:5f:b0:36:87:c1: d5:00:72:6b:bb:7b:53:a2:f8:58:5a:2f:40:9f:9f:e0:fb:1e: 3d:70:64:cc:1a:e0:08:e3:29:4a:0e:b6:f4:8a:54:b2:38:b0: b9:78:df:14:83:53:e4:7f:9d:77:00:a9:c2:2c:9f:6f:0b:d9: 09:ca:02:6c:f3:51:26:6e:ad:24:17:4e:f0:5b:6a:96:fa:db: 90:8f:09:fc:9c:04:31:be:19:0e:14:39:82:f3:6a:69:7f:f0: ee:e5:41:75:ac:1c:d7:85:fc:e8:f2:99:38:e2:d0:2c:ed:b1: df:16:f7:d9:d0:23:44:f7:b5:09:01:af:e8:f9:ec:0e:9c:c5: 05:10:da:d9:c7:99:ff:e0:68:13:0b:da:1d:26:d9:34:09:a7: 49:b2:ff:46:fc:2a:e9:f4:a1:e0:ce:69:4f:a4:37:ef:6d:cf: a8:48:00:85:2e:1b:16:f1:b5:9b:12:1c:a7:05:5e:51:36:06: 50:5c:42:a6:c3:c1:88:55:32:55:31:52:f9:3a:74:e9:37:fe: 11:cc:c1:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtqaUZLeooefbQYYM4WG50NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh ZmUzYTMwHhcNMjUxMjI5MTQwMDQyWhcNMjUxMjMwMTQwMDQyWjAzMTEwLwYDVQQD EyhhYzIwYTNhYWY4NGY3ODMzYmNjMTg2Y2E1YmQ2M2Y4OTE5OGYxMWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqCV129TZIpT/5ldGnKM7plaop+r oMvVmlSCbVQ17avL/CM88NPEOQnqQoB3T0rf8KR2EqiI/L1lNJmJaq9VkBWIovgK iylLiAxK8zrfXKgIbWpO44GW/cOnLcAKIOfExnMPOBIixZVO8jUG3B7fMHyp53Qh Je49Xg0ozy5qBoRPPSTUcKaXNaYJHCsvOXj30G5gQqSIkpjm4Y+AlmhNuCD/6Kmj EE4IQAOj8b73drZJq16YdDkSVQGQ1JFwsl5n4t1ArHI80jHwR1PqmxOfKqT20uMI KUqSxsiKwGSnwFvfoNyGncFBpk2qXl5hYD4simlFJ75eaXwdJrFBOb6teQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwgo6r4T3gzvMGGylvWP4kZjxGvMB8GA1UdIwQY MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt NWZiYzIzMGFiZGMyLzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgtNWZiYzIzMGFiZGMy LzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUEbubCV FyUTsn0QHecaeSEUPLPNgvaVQBQ7g4/bthAnM9itqU7GyZyIJFrlphgJkF+wNofB 1QBya7t7U6L4WFovQJ+f4PsePXBkzBrgCOMpSg629IpUsjiwuXjfFINT5H+ddwCp wiyfbwvZCcoCbPNRJm6tJBdO8FtqlvrbkI8J/JwEMb4ZDhQ5gvNqaX/w7uVBdawc 14X86PKZOOLQLO2x3xb32dAjRPe1CQGv6PnsDpzFBRDa2ceZ/+BoEwvaHSbZNAmn SbL/Rvwq6fSh4M5pT6Q3723PqEgAhS4bFvG1mxIcpwVeUTYGUFxCpsPBiFUyVTFS +Tp06Tf+EczB4w== -----END CERTIFICATE-----Generated at Mon Dec 29 16:26:35 2025 by rpki-client