This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft File: bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft (raw, json) Hash identifier: gjSw2AabCizn8Zc6FCNEqIviLTXkWR48l+ytKdRLdkg= Subject key identifier: BD:4F:49:95:AF:52:F3:41:32:C4:75:43:B2:99:10:93:5E:09:FA:E7 Authority key identifier: 6C:51:61:4B:6B:FB:6C:61:87:83:67:69:11:BD:F3:BC:82:9F:97:D7 Certificate issuer: /CN=6c51614b6bfb6c618783676911bdf3bc829f97d7 Certificate serial: 019B6D3307C7222EF3512F9A44FDBBD0AD3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bFFhS2v7bGGHg2dpEb3zvIKfl9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft Manifest number: 1433 Signing time: Tue 30 Dec 2025 03:00:19 +0000 Manifest this update: Tue 30 Dec 2025 03:00:19 +0000 Manifest next update: Wed 31 Dec 2025 03:00:19 +0000 Files and hashes: 1: bFFhS2v7bGGHg2dpEb3zvIKfl9c.crl (hash: zFM9mO/q9X5Wc5Q2WXFsAi8rGX65PM5z55D3Db4nJ3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.crl rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft rsync://rpki.ripe.net/repository/DEFAULT/bFFhS2v7bGGHg2dpEb3zvIKfl9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:33:07:c7:22:2e:f3:51:2f:9a:44:fd:bb:d0:ad:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c51614b6bfb6c618783676911bdf3bc829f97d7 Validity Not Before: Dec 30 03:00:19 2025 GMT Not After : Dec 31 03:00:19 2025 GMT Subject: CN=bd4f4995af52f34132c47543b29910935e09fae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:07:49:b5:ff:01:6d:7b:83:ae:d6:42:88:09: a2:04:e5:98:bd:9a:dd:c7:8d:5d:46:2c:0b:d3:3c: b7:b9:4a:5c:b2:78:1d:37:4c:16:e5:0e:98:03:72: 31:83:54:28:0b:2a:57:c6:89:4f:8a:0b:e9:ce:2f: 2a:46:b6:08:ba:d0:4a:8e:6f:18:24:6b:f7:e4:0b: 3e:8a:93:9f:76:07:16:62:88:49:bf:48:bf:0a:c2: 92:5e:fa:3f:ce:54:2a:84:57:dd:a9:87:31:0c:7a: bf:db:91:54:0c:ae:7b:83:c3:db:ca:bb:01:6d:c0: 52:ba:3a:3d:3b:d6:79:dd:42:09:42:41:2c:70:25: cf:4b:59:77:fd:78:dc:b5:fc:a1:b1:e8:87:55:38: b6:3a:0c:0d:e5:b6:23:46:ab:28:34:26:68:73:f0: 68:da:04:8a:bc:97:9f:c7:87:04:ad:1d:46:6e:d1: 90:25:51:76:1b:32:e8:af:87:10:3b:eb:f2:f1:d2: d6:f9:d4:da:a0:9d:18:a3:40:55:88:9b:04:73:fb: 9c:aa:8f:5f:b3:90:3a:6f:02:3c:29:95:73:c6:88: eb:72:a0:0f:6c:2c:c9:18:41:11:3e:91:f5:88:db: ca:a6:2d:44:17:da:84:c9:41:1f:fc:6a:5f:7d:21: 76:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:4F:49:95:AF:52:F3:41:32:C4:75:43:B2:99:10:93:5E:09:FA:E7 X509v3 Authority Key Identifier: keyid:6C:51:61:4B:6B:FB:6C:61:87:83:67:69:11:BD:F3:BC:82:9F:97:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFFhS2v7bGGHg2dpEb3zvIKfl9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:9a:88:85:ed:2f:03:f3:49:77:b6:b5:f5:91:06:ed:8f:65: c7:2e:55:51:a1:34:29:40:88:93:bc:32:95:94:8c:11:8f:d9: 97:b6:b9:c9:51:2f:51:1c:b5:db:70:df:53:ad:12:b5:70:22: 47:32:e6:60:b2:13:b4:b3:24:3c:a3:04:a0:48:70:30:e5:ee: 14:69:83:12:9c:fd:37:04:65:4d:0a:05:34:04:35:8e:15:2c: bc:f1:2f:10:4c:88:9e:19:6a:90:d4:12:90:2b:07:c2:3a:31: 2e:ea:86:aa:91:17:cb:53:01:5d:f8:0f:df:40:38:21:1e:f3: 88:51:7a:4c:b8:55:88:2f:dd:49:1c:72:10:ec:62:94:2c:9c: 20:d4:a3:97:ae:cf:bf:7b:39:f1:97:60:87:82:fc:e8:cd:58: 33:ab:82:14:23:77:4f:4b:21:76:06:a6:50:de:c0:b9:e7:a4: fd:51:d7:cd:07:2f:02:14:93:29:0c:f9:7a:64:c1:05:02:c7: bc:d9:d1:4d:52:59:7e:4c:ad:12:68:a9:63:40:1b:3e:5a:3c: dc:da:93:07:bb:42:17:e8:32:99:89:da:f3:1d:58:63:56:1c: fc:9f:e1:e7:9a:d1:04:6b:68:e4:77:f1:41:77:f7:e8:24:17: 92:59:10:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttMwfHIi7zUS+aRP270K0+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjNTE2MTRiNmJmYjZjNjE4NzgzNjc2OTExYmRmM2JjODI5 Zjk3ZDcwHhcNMjUxMjMwMDMwMDE5WhcNMjUxMjMxMDMwMDE5WjAzMTEwLwYDVQQD EyhiZDRmNDk5NWFmNTJmMzQxMzJjNDc1NDNiMjk5MTA5MzVlMDlmYWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AdJtf8BbXuDrtZCiAmiBOWYvZrd x41dRiwL0zy3uUpcsngdN0wW5Q6YA3Ixg1QoCypXxolPigvpzi8qRrYIutBKjm8Y JGv35As+ipOfdgcWYohJv0i/CsKSXvo/zlQqhFfdqYcxDHq/25FUDK57g8PbyrsB bcBSujo9O9Z53UIJQkEscCXPS1l3/XjctfyhseiHVTi2OgwN5bYjRqsoNCZoc/Bo 2gSKvJefx4cErR1GbtGQJVF2GzLor4cQO+vy8dLW+dTaoJ0Yo0BViJsEc/ucqo9f s5A6bwI8KZVzxojrcqAPbCzJGEERPpH1iNvKpi1EF9qEyUEf/GpffSF2HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL1PSZWvUvNBMsR1Q7KZEJNeCfrnMB8GA1UdIwQY MBaAFGxRYUtr+2xhh4NnaRG987yCn5fXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkZGaFMydjdiR0dIZzJkcEViM3p2SUtmbDljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MGNlN2UtMTkyMy00OTkzLTkwMGMt N2Q1ZWIxODMxZWYxLzEvYkZGaFMydjdiR0dIZzJkcEViM3p2SUtmbDljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi82MGNlN2UtMTkyMy00OTkzLTkwMGMtN2Q1ZWIxODMxZWYx LzEvYkZGaFMydjdiR0dIZzJkcEViM3p2SUtmbDljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpqIhe0v A/NJd7a19ZEG7Y9lxy5VUaE0KUCIk7wylZSMEY/Zl7a5yVEvURy123DfU60StXAi RzLmYLITtLMkPKMEoEhwMOXuFGmDEpz9NwRlTQoFNAQ1jhUsvPEvEEyInhlqkNQS kCsHwjoxLuqGqpEXy1MBXfgP30A4IR7ziFF6TLhViC/dSRxyEOxilCycINSjl67P v3s58Zdgh4L86M1YM6uCFCN3T0shdgamUN7Aueek/VHXzQcvAhSTKQz5emTBBQLH vNnRTVJZfkytEmipY0AbPlo83NqTB7tCF+gymYna8x1YY1Yc/J/h55rRBGto5Hfx QXf36CQXklkQmA== -----END CERTIFICATE-----Generated at Tue Dec 30 06:20:50 2025 by rpki-client