This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft File: BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json) Hash identifier: yh3rwZvH39DkZvsTd1rTqhDNEOejOW7P1O0E9tRtMxU= Subject key identifier: E6:14:C0:FA:07:36:72:AA:55:70:FC:FC:57:04:A7:0A:D4:35:D4:20 Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F Certificate issuer: /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f Certificate serial: 019B6D33CC3702969523F85759F3BD026866 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft Manifest number: 0C2F Signing time: Tue 30 Dec 2025 03:01:09 +0000 Manifest this update: Tue 30 Dec 2025 03:01:09 +0000 Manifest next update: Wed 31 Dec 2025 03:01:09 +0000 Files and hashes: 1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: K5Sv6DFvvu3qJkbEVmUiXIXx991naUJNcqpPTQNurCE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 03:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:33:cc:37:02:96:95:23:f8:57:59:f3:bd:02:68:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f Validity Not Before: Dec 30 03:01:09 2025 GMT Not After : Dec 31 03:01:09 2025 GMT Subject: CN=e614c0fa073672aa5570fcfc5704a70ad435d420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:8c:47:36:81:68:a6:45:90:7e:e8:3f:0f:9a: fc:99:cc:02:7e:18:e6:6c:a9:e1:3d:fa:b6:5c:3c: 86:67:53:29:f5:05:83:02:e0:ae:1d:83:c5:ad:c0: 39:e0:83:7b:61:db:02:e9:80:18:30:d3:c1:1e:13: 13:28:46:f4:5a:c3:9d:cc:d7:c1:a1:96:af:6b:b2: 4a:d8:c8:2b:31:cc:ed:b6:c4:e4:04:04:bf:7d:5c: 52:25:a8:e1:cd:2a:14:3f:ee:e1:51:51:5c:a8:d0: 13:e9:be:fb:f3:4b:fa:40:2b:6d:7d:6f:8e:45:91: 54:f3:a0:6d:f7:16:3f:a4:11:4b:11:ad:77:a4:28: 3b:93:d1:e5:45:cc:df:65:b6:b4:f6:4e:35:51:3d: 53:62:85:1d:6f:21:19:d5:6c:7e:ed:0d:dd:4f:70: 4e:f6:b7:96:6c:dd:aa:3a:2f:35:41:23:e7:45:f9: 97:c7:91:38:b2:0d:38:cf:c5:de:8e:aa:ff:fb:91: 4c:d7:4c:31:8e:d0:b0:b2:24:18:91:f4:7d:4c:b5: 6b:0d:86:f9:13:ea:a0:c5:f7:d4:4a:4a:46:79:17: 2e:52:e7:bb:55:20:65:02:5b:c9:60:ae:fb:45:f0: 58:a8:bb:84:95:e0:1b:89:6e:0b:7e:da:3b:12:b7: d6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:14:C0:FA:07:36:72:AA:55:70:FC:FC:57:04:A7:0A:D4:35:D4:20 X509v3 Authority Key Identifier: keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:72:44:8d:0b:23:ae:a2:c4:eb:c1:ef:ca:00:dc:87:58:47: 3d:28:05:95:6e:47:0a:03:ca:6c:de:66:0a:a9:7a:44:eb:42: 7b:ad:b8:6e:88:a6:35:cc:5e:c3:9a:00:f3:90:84:86:10:20: 48:db:78:90:e2:b5:96:06:8b:84:37:80:6d:d3:93:d6:e9:d4: bc:0c:0b:88:7f:f0:3c:a7:93:6f:ce:32:ce:d9:6e:18:c0:9e: 2e:8a:e7:ec:c8:14:1f:8f:20:db:7a:8d:68:12:59:8c:b4:e6: 4c:10:6d:9e:e4:b5:de:ba:68:89:bf:de:c0:59:41:d1:8e:e4: f8:89:44:91:23:ba:ad:86:5c:08:a8:b3:24:e4:fb:b4:80:26: 66:8b:a5:a0:68:ab:cd:04:46:cd:50:49:f2:0b:80:7f:dd:c1: 50:83:f9:af:a7:ea:96:08:9e:f6:1b:13:53:52:43:45:b4:b2: 15:51:76:54:b1:28:55:c3:4c:52:e5:fe:b4:e1:0b:ce:ec:5e: 59:26:32:62:4a:1c:00:a4:98:9b:29:a1:61:8b:77:53:a0:0c: b6:41:82:5f:d1:a8:b4:35:19:bc:8e:de:d3:9e:dc:45:0c:a9: a9:f0:e9:dc:5c:da:4c:f5:dc:39:20:9d:bc:4b:90:96:42:e8: e2:17:b2:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttM8w3ApaVI/hXWfO9AmhmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk ZDc2NGYwHhcNMjUxMjMwMDMwMTA5WhcNMjUxMjMxMDMwMTA5WjAzMTEwLwYDVQQD EyhlNjE0YzBmYTA3MzY3MmFhNTU3MGZjZmM1NzA0YTcwYWQ0MzVkNDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IxHNoFopkWQfug/D5r8mcwCfhjm bKnhPfq2XDyGZ1Mp9QWDAuCuHYPFrcA54IN7YdsC6YAYMNPBHhMTKEb0WsOdzNfB oZava7JK2MgrMczttsTkBAS/fVxSJajhzSoUP+7hUVFcqNAT6b7780v6QCttfW+O RZFU86Bt9xY/pBFLEa13pCg7k9HlRczfZba09k41UT1TYoUdbyEZ1Wx+7Q3dT3BO 9reWbN2qOi81QSPnRfmXx5E4sg04z8Xejqr/+5FM10wxjtCwsiQYkfR9TLVrDYb5 E+qgxffUSkpGeRcuUue7VSBlAlvJYK77RfBYqLuEleAbiW4Lfto7ErfWKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOYUwPoHNnKqVXD8/FcEpwrUNdQgMB8GA1UdIwQY MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvXJEjQsj rqLE68HvygDch1hHPSgFlW5HCgPKbN5mCql6ROtCe624boimNcxew5oA85CEhhAg SNt4kOK1lgaLhDeAbdOT1unUvAwLiH/wPKeTb84yztluGMCeLorn7MgUH48g23qN aBJZjLTmTBBtnuS13rpoib/ewFlB0Y7k+IlEkSO6rYZcCKizJOT7tIAmZouloGir zQRGzVBJ8guAf93BUIP5r6fqlgie9hsTU1JDRbSyFVF2VLEoVcNMUuX+tOELzuxe WSYyYkocAKSYmymhYYt3U6AMtkGCX9GotDUZvI7e057cRQypqfDp3FzaTPXcOSCd vEuQlkLo4heyjg== -----END CERTIFICATE-----Generated at Tue Dec 30 12:29:25 2025 by rpki-client