This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft File: BmVsWtlzg3LVTAN-OX81vpqpJNs.mft (raw, json) Hash identifier: 35atXaBG9MbVE0YoziitcqtR9KF30pDt+wvHI+Suc2w= Subject key identifier: 5D:83:5E:42:06:DC:FD:8D:5F:E4:8C:54:1B:D1:6E:8B:D9:04:7D:67 Authority key identifier: 06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB Certificate issuer: /CN=06656c5ad9738372d54c037e397f35be9aa924db Certificate serial: 019B36E9D905D2FE93B66B59139B8915B087 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft Manifest number: 0353 Signing time: Fri 19 Dec 2025 14:00:53 +0000 Manifest this update: Fri 19 Dec 2025 14:00:53 +0000 Manifest next update: Sat 20 Dec 2025 14:00:53 +0000 Files and hashes: 1: BOJlFcCNxlleMHUbR9TjmHCDeZc.roa (hash: ujITDNQNM0fpryFmlYjLZ0Q/wbil/+me/IAh88EFBg8=) 2: BmVsWtlzg3LVTAN-OX81vpqpJNs.crl (hash: +1KKcbuDocKFUsp59hb4XdomLJbZG4FH+9GoH1FjiKo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 14:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:e9:d9:05:d2:fe:93:b6:6b:59:13:9b:89:15:b0:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06656c5ad9738372d54c037e397f35be9aa924db Validity Not Before: Dec 19 14:00:53 2025 GMT Not After : Dec 20 14:00:53 2025 GMT Subject: CN=5d835e4206dcfd8d5fe48c541bd16e8bd9047d67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f8:2d:f5:e9:1e:2a:2b:93:c2:15:78:7c:51: 38:1a:7f:8f:0f:e2:a3:fc:b2:d1:ff:7f:5e:8b:53: 71:1d:52:61:6b:e2:9d:46:c5:58:f5:a0:19:87:b5: a8:dc:53:0e:e2:70:a2:a2:50:20:a7:ed:83:21:82: b6:8b:26:90:86:21:c8:a1:d2:de:fd:10:04:07:71: 88:e2:fe:ff:07:43:86:8b:ee:50:1a:d7:5d:46:59: 27:1d:fa:db:b5:b5:ad:6a:e6:79:1f:ba:87:63:a9: 38:f0:4b:57:07:58:2d:5d:71:31:47:5e:53:89:b9: ef:4e:93:37:f4:b4:73:f7:5a:47:1c:06:be:3a:36: 73:66:a4:d8:2a:8b:07:c3:af:ed:8b:99:df:f8:21: 16:58:67:65:e1:4a:7e:4c:c0:8d:d8:74:4b:7e:4f: f4:1d:ea:cf:46:36:b2:77:0f:4a:51:4a:26:01:a0: a4:14:1c:57:52:1f:a6:2f:3a:49:5a:4e:9b:20:2f: 52:3f:2c:b0:9f:41:ec:60:f2:ce:9c:5d:dc:a2:15: ec:aa:13:3a:9e:f9:b7:13:6c:88:0a:37:c1:24:b7: 54:a1:b3:01:4b:24:ea:27:bd:77:87:34:47:6b:79: 3d:c7:02:1e:c6:32:78:aa:16:bf:27:72:9f:fb:7e: e5:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:83:5E:42:06:DC:FD:8D:5F:E4:8C:54:1B:D1:6E:8B:D9:04:7D:67 X509v3 Authority Key Identifier: keyid:06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:f5:64:a2:83:6e:ea:0d:97:de:af:9c:c9:4c:fd:ad:74:e6: 65:6d:4f:02:7b:6a:a2:b1:4d:ce:6e:6a:76:86:c2:65:0a:8c: 4e:95:00:fe:bf:27:1c:39:2b:9f:42:02:a7:ec:1a:89:51:2b: 85:34:04:af:f6:1a:09:25:cf:73:85:ad:57:f3:29:ae:71:54: ec:d2:0f:d1:10:03:ca:2a:dc:6d:66:2a:70:9f:8f:f3:d4:9f: 9a:90:1a:e8:97:98:8d:06:61:c2:30:8e:0f:d0:de:a7:1c:d3: 82:c5:40:f1:5f:b0:5a:87:d2:43:54:b3:bf:19:42:ad:fe:1d: ee:35:de:1e:45:3f:6d:50:1d:ef:62:44:58:94:36:13:b6:f6: 4f:c9:84:68:5c:ee:67:9f:e2:7e:50:e0:96:47:38:8d:64:a7: bd:5c:1d:a0:f3:e7:43:f4:08:c6:a9:0d:4f:86:ea:34:f9:8f: 71:df:47:2c:ca:0d:93:ef:4e:80:38:73:d0:c6:b9:1f:d5:b8: a5:fc:3b:c4:1b:0e:0b:2b:c7:4d:72:cd:19:61:d4:76:51:6a: 92:17:74:37:ad:59:ac:4b:f9:d9:7e:2b:30:0e:90:97:fd:b4: 08:9f:15:61:3f:94:89:1c:9a:4a:7d:ab:b4:45:54:9f:b5:97: 40:be:1e:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs26dkF0v6TtmtZE5uJFbCHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NjU2YzVhZDk3MzgzNzJkNTRjMDM3ZTM5N2YzNWJlOWFh OTI0ZGIwHhcNMjUxMjE5MTQwMDUzWhcNMjUxMjIwMTQwMDUzWjAzMTEwLwYDVQQD Eyg1ZDgzNWU0MjA2ZGNmZDhkNWZlNDhjNTQxYmQxNmU4YmQ5MDQ3ZDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/gt9ekeKiuTwhV4fFE4Gn+PD+Kj /LLR/39ei1NxHVJha+KdRsVY9aAZh7Wo3FMO4nCiolAgp+2DIYK2iyaQhiHIodLe /RAEB3GI4v7/B0OGi+5QGtddRlknHfrbtbWtauZ5H7qHY6k48EtXB1gtXXExR15T ibnvTpM39LRz91pHHAa+OjZzZqTYKosHw6/ti5nf+CEWWGdl4Up+TMCN2HRLfk/0 HerPRjaydw9KUUomAaCkFBxXUh+mLzpJWk6bIC9SPyywn0HsYPLOnF3cohXsqhM6 nvm3E2yICjfBJLdUobMBSyTqJ713hzRHa3k9xwIexjJ4qha/J3Kf+37lBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF2DXkIG3P2NX+SMVBvRbovZBH1nMB8GA1UdIwQY MBaAFAZlbFrZc4Ny1UwDfjl/Nb6aqSTbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMt OGIwNzYyNTZmMzlkLzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMtOGIwNzYyNTZmMzlk LzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfVkooNu 6g2X3q+cyUz9rXTmZW1PAntqorFNzm5qdobCZQqMTpUA/r8nHDkrn0ICp+waiVEr hTQEr/YaCSXPc4WtV/MprnFU7NIP0RADyircbWYqcJ+P89SfmpAa6JeYjQZhwjCO D9DepxzTgsVA8V+wWofSQ1SzvxlCrf4d7jXeHkU/bVAd72JEWJQ2E7b2T8mEaFzu Z5/iflDglkc4jWSnvVwdoPPnQ/QIxqkNT4bqNPmPcd9HLMoNk+9OgDhz0Ma5H9W4 pfw7xBsOCyvHTXLNGWHUdlFqkhd0N61ZrEv52X4rMA6Ql/20CJ8VYT+UiRyaSn2r tEVUn7WXQL4eGQ== -----END CERTIFICATE-----Generated at Fri Dec 19 21:55:43 2025 by rpki-client