This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.mft File: Bs5bKEZrknQlJgMTktlL8aVY6EQ.mft (raw, json) Hash identifier: 3qEQhgb0vYO0B0doo/Yzh00EyaL4ZeMq8EhhMSq7MxA= Subject key identifier: F4:6D:5A:F7:18:58:97:69:0D:EC:86:C1:7A:96:94:D3:8F:FC:93:7A Authority key identifier: 06:CE:5B:28:46:6B:92:74:25:26:03:13:92:D9:4B:F1:A5:58:E8:44 Certificate issuer: /CN=06ce5b28466b92742526031392d94bf1a558e844 Certificate serial: 019B51BCBD7EF2724F9E977DC8A02BCDAF92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bs5bKEZrknQlJgMTktlL8aVY6EQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.mft Manifest number: 14D2 Signing time: Wed 24 Dec 2025 19:01:22 +0000 Manifest this update: Wed 24 Dec 2025 19:01:22 +0000 Manifest next update: Thu 25 Dec 2025 19:01:22 +0000 Files and hashes: 1: Bs5bKEZrknQlJgMTktlL8aVY6EQ.crl (hash: RzGc4Ht5uvAtgHipIsntIvpUbK3wxrW79/mYZEeyZ/s=) 2: ELJxyLmNkAO4LH2akysrOoq_xxw.roa (hash: B5RpIzdoHJeEU/i0KYBMhNoTeQCE20VYj0EU96xzN7E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Bs5bKEZrknQlJgMTktlL8aVY6EQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 19:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:bd:7e:f2:72:4f:9e:97:7d:c8:a0:2b:cd:af:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06ce5b28466b92742526031392d94bf1a558e844 Validity Not Before: Dec 24 19:01:22 2025 GMT Not After : Dec 25 19:01:22 2025 GMT Subject: CN=f46d5af7185897690dec86c17a9694d38ffc937a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ce:0d:4f:72:46:0d:67:47:0f:7f:43:a6:95: a1:d0:f0:78:75:a0:48:fc:b0:36:1b:ee:8e:5a:6a: 2b:d1:08:31:84:a4:9f:eb:3a:48:9d:3c:90:57:6e: 50:76:79:a3:c9:6b:ed:66:6d:7a:16:38:b7:50:1c: 9b:e3:6e:a2:9c:88:a3:f0:5c:43:18:22:5e:c5:f9: ad:d2:14:b5:41:03:6a:92:23:c2:21:0c:2e:18:9b: 06:5b:24:cc:41:b2:98:db:7e:7c:80:34:13:ef:f8: bb:43:9d:01:37:25:ee:58:00:d5:ff:da:af:42:e2: 85:2d:53:67:31:2b:6f:0d:df:ff:eb:f8:eb:34:2e: 8c:4c:5b:eb:f4:1a:6b:74:93:f9:e2:51:41:a1:6f: a3:e6:30:ed:b5:c7:e3:ce:c1:82:bd:dc:3d:c3:67: 13:a2:7e:b8:eb:5b:69:4b:4b:96:13:dc:f2:e7:5c: 02:6f:c2:71:37:e8:29:5c:6f:2d:32:13:eb:e9:10: d9:70:f5:f3:5d:f4:7d:07:b8:71:b4:49:4e:33:a1: 22:5a:86:65:3a:a5:c3:1c:44:34:be:7a:62:23:90: 29:f8:a9:b5:5c:cb:8a:bc:14:93:2e:47:90:b5:d1: 78:a7:5a:25:6e:33:c8:bd:c8:1c:d1:d6:be:5b:10: 06:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:6D:5A:F7:18:58:97:69:0D:EC:86:C1:7A:96:94:D3:8F:FC:93:7A X509v3 Authority Key Identifier: keyid:06:CE:5B:28:46:6B:92:74:25:26:03:13:92:D9:4B:F1:A5:58:E8:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bs5bKEZrknQlJgMTktlL8aVY6EQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/45cf37-afa5-4994-aedb-485b20952d93/1/Bs5bKEZrknQlJgMTktlL8aVY6EQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:3c:e0:1d:2e:32:92:d1:c8:d1:23:c9:93:45:73:09:f3:d2: a5:1d:42:05:78:06:58:ed:4b:94:df:30:1e:7b:3d:63:56:2d: 1c:52:07:2f:f4:b8:76:0c:52:86:7f:f7:59:bf:4a:b1:a6:9b: 6e:9c:ed:d0:29:da:4f:3a:bc:f2:97:da:a7:ee:0c:34:85:4f: 1c:f1:7e:ae:50:74:3c:40:a1:1a:f7:b1:8f:98:e1:c6:1d:d1: 1f:60:59:be:15:92:b4:80:28:9d:95:ba:5a:2b:50:64:cd:09: 97:b8:a8:27:bc:93:39:69:be:c9:6c:eb:ca:39:3d:d1:83:49: 78:10:6d:dd:99:92:62:eb:ab:42:40:ad:3f:aa:9f:7e:89:94: 95:79:e3:94:b9:43:bd:8a:b1:92:2d:b1:56:1d:01:5a:3e:83: b9:34:02:fa:81:79:ff:64:98:7b:fa:bd:80:5e:e4:53:c5:bf: 6e:fe:e4:a0:d5:2a:1d:b7:91:d2:b0:3c:55:65:03:cb:5f:83: c0:56:a4:af:fb:a9:fd:51:ca:c4:6c:75:7d:ad:37:3d:38:e0: 1b:0d:85:6f:d9:3d:84:c2:1d:c2:60:04:e1:4d:7e:c8:c3:ac: ac:53:72:3a:22:0c:f1:38:20:f0:71:07:d9:40:0e:ac:69:fc: ab:a0:26:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvL1+8nJPnpd9yKArza+SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2Y2U1YjI4NDY2YjkyNzQyNTI2MDMxMzkyZDk0YmYxYTU1 OGU4NDQwHhcNMjUxMjI0MTkwMTIyWhcNMjUxMjI1MTkwMTIyWjAzMTEwLwYDVQQD EyhmNDZkNWFmNzE4NTg5NzY5MGRlYzg2YzE3YTk2OTRkMzhmZmM5MzdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s4NT3JGDWdHD39DppWh0PB4daBI /LA2G+6OWmor0QgxhKSf6zpInTyQV25QdnmjyWvtZm16Fji3UByb426inIij8FxD GCJexfmt0hS1QQNqkiPCIQwuGJsGWyTMQbKY2358gDQT7/i7Q50BNyXuWADV/9qv QuKFLVNnMStvDd//6/jrNC6MTFvr9BprdJP54lFBoW+j5jDttcfjzsGCvdw9w2cT on6461tpS0uWE9zy51wCb8JxN+gpXG8tMhPr6RDZcPXzXfR9B7hxtElOM6EiWoZl OqXDHEQ0vnpiI5Ap+Km1XMuKvBSTLkeQtdF4p1olbjPIvcgc0da+WxAGrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRtWvcYWJdpDeyGwXqWlNOP/JN6MB8GA1UdIwQY MBaAFAbOWyhGa5J0JSYDE5LZS/GlWOhEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQnM1YktFWnJrblFsSmdNVGt0bEw4YVZZNkVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80NWNmMzctYWZhNS00OTk0LWFlZGIt NDg1YjIwOTUyZDkzLzEvQnM1YktFWnJrblFsSmdNVGt0bEw4YVZZNkVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS80NWNmMzctYWZhNS00OTk0LWFlZGItNDg1YjIwOTUyZDkz LzEvQnM1YktFWnJrblFsSmdNVGt0bEw4YVZZNkVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADTzgHS4y ktHI0SPJk0VzCfPSpR1CBXgGWO1LlN8wHns9Y1YtHFIHL/S4dgxShn/3Wb9Ksaab bpzt0CnaTzq88pfap+4MNIVPHPF+rlB0PEChGvexj5jhxh3RH2BZvhWStIAonZW6 WitQZM0Jl7ioJ7yTOWm+yWzryjk90YNJeBBt3ZmSYuurQkCtP6qffomUlXnjlLlD vYqxki2xVh0BWj6DuTQC+oF5/2SYe/q9gF7kU8W/bv7koNUqHbeR0rA8VWUDy1+D wFakr/up/VHKxGx1fa03PTjgGw2Fb9k9hMIdwmAE4U1+yMOsrFNyOiIM8Tgg8HEH 2UAOrGn8q6AmzQ== -----END CERTIFICATE-----Generated at Thu Dec 25 04:57:12 2025 by rpki-client