This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft File: BozI9XorPCKZsfSCtn4V2d5DrTw.mft (raw, json) Hash identifier: UtOtUYwOsnpXGRTHugKgElXL556u/YuiqC6PpA6WZz0= Subject key identifier: 86:6E:B9:07:E0:A5:F6:9A:CA:FE:93:0C:65:29:54:08:1D:2E:02:CC Authority key identifier: 06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C Certificate issuer: /CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c Certificate serial: 019B631F39E08CCD234198A8AF7540163716 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft Manifest number: 1512 Signing time: Sun 28 Dec 2025 04:02:29 +0000 Manifest this update: Sun 28 Dec 2025 04:02:29 +0000 Manifest next update: Mon 29 Dec 2025 04:02:29 +0000 Files and hashes: 1: BozI9XorPCKZsfSCtn4V2d5DrTw.crl (hash: s0tfFyQArHLotj4v5uZ5ycWLbJrBDvpSNtEZeNbS9qA=) 2: P9IjOiRib_oTzk3RFCj75_fHPso.roa (hash: zczeX9mp/ovcEZlHCQx76naAHy+fi7XPa1xXLFJeJgA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1f:39:e0:8c:cd:23:41:98:a8:af:75:40:16:37:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=068cc8f57a2b3c2299b1f482b67e15d9de43ad3c Validity Not Before: Dec 28 04:02:29 2025 GMT Not After : Dec 29 04:02:29 2025 GMT Subject: CN=866eb907e0a5f69acafe930c652954081d2e02cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:fd:fa:db:a9:ef:62:d4:44:11:b0:de:9d:7d: a7:4f:57:0c:00:63:af:bb:5e:4d:10:27:03:76:7b: df:0f:ea:17:4a:63:be:68:27:aa:ae:d1:15:51:9e: f6:b6:78:b7:98:01:db:69:3c:0f:2e:91:45:f7:86: e7:91:9f:c1:96:1d:1d:2d:61:b8:af:ec:e6:60:53: 30:2e:56:74:8c:ad:b9:d0:51:b9:61:83:b6:f7:d6: 5f:0b:44:15:87:bd:77:b2:ce:9f:d8:a3:6e:57:32: 97:18:04:5d:c6:1d:d3:79:1e:8d:1b:f6:e3:b4:30: da:98:80:e4:93:bd:94:61:13:f2:e1:4b:36:1f:eb: 75:b3:46:69:97:f5:bc:13:93:4c:cc:d4:15:ff:d6: 97:ee:a9:55:72:19:b6:fb:1b:07:aa:1e:b9:2f:fa: 43:cc:89:8e:cc:94:8d:4e:77:f9:cd:4f:46:d1:61: 71:3e:4e:94:3d:05:e1:f9:7e:4c:c3:77:9a:77:67: e0:5c:90:01:c4:3e:bc:b7:9a:42:60:3f:ce:ee:06: cd:2c:3a:ca:bb:19:50:d9:0f:4c:ae:85:4d:12:45: 26:d8:12:91:2c:5c:3e:11:67:99:79:b7:4b:25:bf: 3e:6c:f5:33:f4:8b:dd:47:44:24:9b:da:d6:70:14: 81:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:6E:B9:07:E0:A5:F6:9A:CA:FE:93:0C:65:29:54:08:1D:2E:02:CC X509v3 Authority Key Identifier: keyid:06:8C:C8:F5:7A:2B:3C:22:99:B1:F4:82:B6:7E:15:D9:DE:43:AD:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BozI9XorPCKZsfSCtn4V2d5DrTw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dbde8c-a0fc-44d7-993b-2a28416d45b2/1/BozI9XorPCKZsfSCtn4V2d5DrTw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:ec:14:74:ef:d0:15:47:98:eb:1e:65:bd:83:6c:6d:f5:c8: 47:2e:f7:b5:98:e8:43:74:df:fc:93:99:dc:fd:00:68:67:b4: 7d:5d:a8:f7:f0:a8:43:58:c2:ec:63:6d:1b:57:31:ba:c2:95: 47:11:be:3e:73:df:9c:d0:ca:6b:51:1b:ab:f6:01:ec:85:69: 0c:8d:8c:82:1f:db:76:db:24:42:b9:18:d1:92:56:19:ab:c8: 6a:53:2f:1b:bb:78:81:73:33:0f:96:8b:12:aa:b1:e3:9d:58: 02:b1:5f:30:d3:2a:38:ed:d8:55:02:5c:37:4c:25:ef:d7:47: d2:63:db:3a:4a:5a:69:5b:25:cf:e0:2a:a7:b1:b6:72:7b:0b: a6:6e:6c:4f:48:dc:a8:be:c5:c5:86:6d:82:cb:a5:62:4a:62: cf:b2:f1:a8:3e:e4:7a:ab:3a:a4:67:94:c3:dc:10:8c:00:a6: 8e:dc:6a:b8:b2:c0:4b:03:7c:3a:f1:f8:7b:2b:de:d4:de:ec: bb:cc:53:2d:93:6b:89:58:d7:67:e2:78:19:48:8e:76:16:2f: 42:e1:14:38:f8:06:82:22:17:65:1e:c0:17:95:08:8f:f7:b1: 3d:a7:ef:fc:f1:4f:5f:e2:39:fc:a8:99:dd:74:67:2d:fa:73: e3:ad:b9:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjHzngjM0jQZior3VAFjcWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2OGNjOGY1N2EyYjNjMjI5OWIxZjQ4MmI2N2UxNWQ5ZGU0 M2FkM2MwHhcNMjUxMjI4MDQwMjI5WhcNMjUxMjI5MDQwMjI5WjAzMTEwLwYDVQQD Eyg4NjZlYjkwN2UwYTVmNjlhY2FmZTkzMGM2NTI5NTQwODFkMmUwMmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/3626nvYtREEbDenX2nT1cMAGOv u15NECcDdnvfD+oXSmO+aCeqrtEVUZ72tni3mAHbaTwPLpFF94bnkZ/Blh0dLWG4 r+zmYFMwLlZ0jK250FG5YYO299ZfC0QVh713ss6f2KNuVzKXGARdxh3TeR6NG/bj tDDamIDkk72UYRPy4Us2H+t1s0Zpl/W8E5NMzNQV/9aX7qlVchm2+xsHqh65L/pD zImOzJSNTnf5zU9G0WFxPk6UPQXh+X5Mw3ead2fgXJABxD68t5pCYD/O7gbNLDrK uxlQ2Q9MroVNEkUm2BKRLFw+EWeZebdLJb8+bPUz9IvdR0Qkm9rWcBSBuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIZuuQfgpfaayv6TDGUpVAgdLgLMMB8GA1UdIwQY MBaAFAaMyPV6KzwimbH0grZ+FdneQ608MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2It MmEyODQxNmQ0NWIyLzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9kYmRlOGMtYTBmYy00NGQ3LTk5M2ItMmEyODQxNmQ0NWIy LzEvQm96STlYb3JQQ0tac2ZTQ3RuNFYyZDVEclR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOwUdO/Q FUeY6x5lvYNsbfXIRy73tZjoQ3Tf/JOZ3P0AaGe0fV2o9/CoQ1jC7GNtG1cxusKV RxG+PnPfnNDKa1Ebq/YB7IVpDI2Mgh/bdtskQrkY0ZJWGavIalMvG7t4gXMzD5aL Eqqx451YArFfMNMqOO3YVQJcN0wl79dH0mPbOkpaaVslz+Aqp7G2cnsLpm5sT0jc qL7FxYZtgsulYkpiz7LxqD7keqs6pGeUw9wQjACmjtxquLLASwN8OvH4eyve1N7s u8xTLZNriVjXZ+J4GUiOdhYvQuEUOPgGgiIXZR7AF5UIj/exPafv/PFPX+I5/KiZ 3XRnLfpz46252A== -----END CERTIFICATE-----Generated at Sun Dec 28 11:07:38 2025 by rpki-client