This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft File: bZYBl_5YkhTCJZ9q6olsThAH6YY.mft (raw, json) Hash identifier: 1z8adLJLikHkAse6FtaJldICsBM7pkeDQLNelRFVaMw= Subject key identifier: 4A:93:31:CB:75:4D:E9:9D:42:FB:9A:F1:6E:18:DC:6A:1C:CD:C0:6B Authority key identifier: 6D:96:01:97:FE:58:92:14:C2:25:9F:6A:EA:89:6C:4E:10:07:E9:86 Certificate issuer: /CN=6d960197fe589214c2259f6aea896c4e1007e986 Certificate serial: 019B2EF9B711722FF96E10AFE0D872ADBEC7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft Manifest number: 0A1E Signing time: Thu 18 Dec 2025 01:01:15 +0000 Manifest this update: Thu 18 Dec 2025 01:01:15 +0000 Manifest next update: Fri 19 Dec 2025 01:01:15 +0000 Files and hashes: 1: bZYBl_5YkhTCJZ9q6olsThAH6YY.crl (hash: R0lWVzj/1zhbXVEbIcKSCqociRs2kaaUICwh3jHAXbU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.crl rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:f9:b7:11:72:2f:f9:6e:10:af:e0:d8:72:ad:be:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d960197fe589214c2259f6aea896c4e1007e986 Validity Not Before: Dec 18 01:01:15 2025 GMT Not After : Dec 19 01:01:15 2025 GMT Subject: CN=4a9331cb754de99d42fb9af16e18dc6a1ccdc06b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:dc:dd:89:23:63:77:b2:ad:b6:76:4f:5b:ed: 73:4f:18:23:8d:fc:f8:87:b9:09:26:63:7f:96:2b: c2:fd:6e:af:84:54:b6:e9:8d:a8:b4:2b:75:6a:37: 48:cf:e5:be:f8:9e:95:e4:cc:b8:e2:de:3f:0a:00: 63:a2:e1:8b:68:5e:ef:d7:9b:b2:c6:2c:f8:08:39: 99:c8:31:60:50:fe:2b:55:2b:e0:f8:75:68:c5:87: 89:1e:8b:7e:f6:9a:45:43:2c:fe:89:87:c1:4a:16: 29:bc:7a:cf:7e:0b:96:bd:a6:1d:fb:f2:75:c2:7a: d3:2c:72:44:d2:76:1e:41:fd:66:20:14:41:14:df: 9e:2a:d8:5e:ac:b2:8e:c5:2a:72:fd:eb:0c:5f:3a: 81:b7:d7:20:38:c0:66:29:f4:43:36:19:98:38:f4: ba:8d:28:db:c0:58:f3:43:3c:59:cd:5c:63:28:33: e5:40:a7:45:96:47:aa:ef:42:fe:e0:23:3b:9a:f6: 1e:db:6c:ff:08:b8:30:2f:ed:bd:78:01:8b:4a:f5: f8:fa:53:32:c4:49:cb:ca:9d:c6:c2:7c:85:be:3b: 70:56:29:15:51:95:44:5a:2b:70:1a:9e:6c:c2:6d: e8:75:4c:e7:3a:f7:ca:06:c6:a1:d1:93:09:26:b0: 53:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:93:31:CB:75:4D:E9:9D:42:FB:9A:F1:6E:18:DC:6A:1C:CD:C0:6B X509v3 Authority Key Identifier: keyid:6D:96:01:97:FE:58:92:14:C2:25:9F:6A:EA:89:6C:4E:10:07:E9:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:9a:79:f1:e5:f8:a8:ed:20:3d:50:64:56:75:0c:fb:87:38: 22:cc:76:07:d8:5d:3b:7b:f8:c6:1b:b4:66:1e:f1:9b:cc:80: 14:56:3f:60:98:b5:5c:7f:f2:09:b4:7a:09:0f:7f:0b:b0:50: da:af:77:e0:df:d0:59:c8:c3:88:ea:01:86:d5:db:ad:40:32: 85:37:50:33:0a:53:7f:01:5c:96:2e:7d:b0:2e:46:60:05:0a: f0:d1:9d:ff:c8:b9:2d:ed:90:fa:0c:4e:cc:3a:aa:71:28:ed: 27:dd:22:03:37:9a:51:80:ee:ae:c0:6a:d7:14:a7:16:0e:22: 49:b0:33:74:81:a9:3e:43:ed:e0:d9:32:38:ad:37:90:98:fd: 2f:54:7e:1a:2a:1c:cd:83:0e:8f:d5:00:b3:2e:07:ab:fc:d3: bb:4a:09:27:70:e0:89:85:7d:7b:e8:f2:3a:6b:77:a9:5a:9a: 3c:b6:32:81:b4:ec:12:e2:4f:f1:29:99:f5:d6:88:a9:91:c1: f2:b2:d0:04:68:a6:1f:c2:16:b9:fe:fc:bf:ac:da:25:ea:40: 7d:65:12:1a:e8:3d:79:75:e2:09:5a:38:61:3b:03:b0:35:c6: 25:d6:bf:24:26:db:28:fb:9d:47:cb:b0:d9:19:1c:ae:a1:82: c6:53:ab:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+bcRci/5bhCv4Nhyrb7HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkOTYwMTk3ZmU1ODkyMTRjMjI1OWY2YWVhODk2YzRlMTAw N2U5ODYwHhcNMjUxMjE4MDEwMTE1WhcNMjUxMjE5MDEwMTE1WjAzMTEwLwYDVQQD Eyg0YTkzMzFjYjc1NGRlOTlkNDJmYjlhZjE2ZTE4ZGM2YTFjY2RjMDZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNzdiSNjd7KttnZPW+1zTxgjjfz4 h7kJJmN/livC/W6vhFS26Y2otCt1ajdIz+W++J6V5My44t4/CgBjouGLaF7v15uy xiz4CDmZyDFgUP4rVSvg+HVoxYeJHot+9ppFQyz+iYfBShYpvHrPfguWvaYd+/J1 wnrTLHJE0nYeQf1mIBRBFN+eKtherLKOxSpy/esMXzqBt9cgOMBmKfRDNhmYOPS6 jSjbwFjzQzxZzVxjKDPlQKdFlkeq70L+4CM7mvYe22z/CLgwL+29eAGLSvX4+lMy xEnLyp3GwnyFvjtwVikVUZVEWitwGp5swm3odUznOvfKBsah0ZMJJrBT/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEqTMct1TemdQvua8W4Y3GoczcBrMB8GA1UdIwQY MBaAFG2WAZf+WJIUwiWfauqJbE4QB+mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84NzljMDItZGJmNC00ZTQwLWE0ZWQt MzEzNzU0ZTY0ZTEzLzEvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi84NzljMDItZGJmNC00ZTQwLWE0ZWQtMzEzNzU0ZTY0ZTEz LzEvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJp58eX4 qO0gPVBkVnUM+4c4Isx2B9hdO3v4xhu0Zh7xm8yAFFY/YJi1XH/yCbR6CQ9/C7BQ 2q934N/QWcjDiOoBhtXbrUAyhTdQMwpTfwFcli59sC5GYAUK8NGd/8i5Le2Q+gxO zDqqcSjtJ90iAzeaUYDursBq1xSnFg4iSbAzdIGpPkPt4NkyOK03kJj9L1R+Gioc zYMOj9UAsy4Hq/zTu0oJJ3DgiYV9e+jyOmt3qVqaPLYygbTsEuJP8SmZ9daIqZHB 8rLQBGimH8IWuf78v6zaJepAfWUSGug9eXXiCVo4YTsDsDXGJda/JCbbKPudR8uw 2RkcrqGCxlOrdA== -----END CERTIFICATE-----Generated at Thu Dec 18 11:12:33 2025 by rpki-client