This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft File: bSPOewwQBo-8RMAhlD4zkBPyruA.mft (raw, json) Hash identifier: Y+evvftkblCBSwDoPrhwfjwSXOHzO/6Dr7f3xuiTG9o= Subject key identifier: 62:E3:3B:74:A4:2C:05:52:AC:26:1F:B6:D8:95:EA:1D:14:D3:F8:A7 Authority key identifier: 6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0 Certificate issuer: /CN=6d23ce7b0c10068fbc44c021943e339013f2aee0 Certificate serial: 019B41A4F2B8DC52554E98E72EC7A862474C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft Manifest number: 178A Signing time: Sun 21 Dec 2025 16:01:27 +0000 Manifest this update: Sun 21 Dec 2025 16:01:27 +0000 Manifest next update: Mon 22 Dec 2025 16:01:27 +0000 Files and hashes: 1: LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa (hash: ScQNvXtsK5w/Wj3QzlqfHMAUcdIYUpFbtGKhSGmn1FI=) 2: bSPOewwQBo-8RMAhlD4zkBPyruA.crl (hash: JtZItw+YT/AwnXGuIiqPi/8zKIoe/k/0TyL2JK7OGFM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:a4:f2:b8:dc:52:55:4e:98:e7:2e:c7:a8:62:47:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d23ce7b0c10068fbc44c021943e339013f2aee0 Validity Not Before: Dec 21 16:01:27 2025 GMT Not After : Dec 22 16:01:27 2025 GMT Subject: CN=62e33b74a42c0552ac261fb6d895ea1d14d3f8a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:a3:2d:9c:ac:ea:0b:1a:d4:b5:dc:bd:e9:df: be:f0:86:1d:9e:d1:1d:5a:7f:3d:4e:3e:49:3f:41: 3b:f5:dd:90:64:10:28:5f:bc:4d:f9:e3:76:48:4e: 11:51:b7:67:d5:e0:5f:05:1a:2e:0a:42:1e:e8:b8: 70:a7:84:fe:fd:43:48:23:62:fe:cc:d2:ad:d5:90: f0:76:6b:9d:73:de:b2:62:9b:90:22:1f:f6:cb:f7: 0c:b6:7b:ab:42:5c:28:7a:12:39:2d:61:99:ad:4e: b4:1d:02:56:f2:79:8a:aa:e7:84:b9:d7:82:c7:1d: 52:8d:72:ea:92:99:ab:09:9d:7d:88:31:90:28:f8: cd:65:6c:6b:71:ef:9a:23:9d:64:94:10:1d:81:fb: ae:95:d4:d0:a9:9e:db:02:25:65:c7:99:4f:77:b0: 57:41:15:db:0b:70:4b:ed:3e:2b:de:94:4b:6a:03: 65:38:09:b7:7e:ea:dd:a7:02:dc:f0:93:57:da:59: b4:f7:ce:1a:02:f0:49:a9:f8:c3:8a:9e:ad:c0:87: 69:e6:01:64:ca:90:5a:27:31:73:95:05:10:3b:5d: 2c:94:c1:66:c4:25:e6:0b:43:28:af:92:da:a8:35: 99:b6:e8:de:18:2d:7b:82:e8:71:0a:5b:42:8d:da: 51:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:E3:3B:74:A4:2C:05:52:AC:26:1F:B6:D8:95:EA:1D:14:D3:F8:A7 X509v3 Authority Key Identifier: keyid:6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:95:79:3d:d4:86:1c:d1:5a:69:13:ee:08:b3:c2:06:be:e7: 5d:8b:73:ea:e3:19:4a:1b:6c:21:8c:d5:bb:42:19:d4:83:78: 89:01:cb:a4:cd:3e:4f:4c:e7:e0:4c:76:7c:bc:6b:91:cd:05: 6d:af:6d:d0:17:fb:3c:d2:8e:3d:4e:84:b0:e7:23:7f:83:55: 03:3b:4e:f3:73:34:0f:ab:98:3c:db:c2:c6:60:86:47:e6:bf: 60:cb:d0:17:2f:36:1c:c3:7c:45:d7:1d:f1:a1:06:aa:47:f2: e5:b2:cc:c8:80:90:d3:e0:6c:4b:d3:0f:18:20:f5:ef:44:9b: 87:27:6a:85:c9:c3:8a:db:65:0f:bd:dc:83:4d:96:2c:f3:a7: dd:bd:c5:ae:02:c8:ef:e4:83:51:3f:70:8f:29:3b:83:55:9c: 19:8c:64:47:b9:f9:48:c1:dd:6d:d2:62:1c:ba:48:67:83:53: 57:e1:03:56:11:92:d0:50:e9:d4:ac:b7:fb:f6:a6:41:fe:c3: bf:29:f7:e9:f4:35:63:9b:35:7e:d5:1e:de:80:51:98:78:37: b1:46:d3:29:f1:34:bc:a3:6e:b4:af:d6:79:66:e4:e4:f8:02: 53:d8:92:ed:12:fd:15:7b:07:12:cd:3d:ae:7f:53:44:b8:60: 78:34:c7:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBpPK43FJVTpjnLseoYkdMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjNjZTdiMGMxMDA2OGZiYzQ0YzAyMTk0M2UzMzkwMTNm MmFlZTAwHhcNMjUxMjIxMTYwMTI3WhcNMjUxMjIyMTYwMTI3WjAzMTEwLwYDVQQD Eyg2MmUzM2I3NGE0MmMwNTUyYWMyNjFmYjZkODk1ZWExZDE0ZDNmOGE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaMtnKzqCxrUtdy96d++8IYdntEd Wn89Tj5JP0E79d2QZBAoX7xN+eN2SE4RUbdn1eBfBRouCkIe6Lhwp4T+/UNII2L+ zNKt1ZDwdmudc96yYpuQIh/2y/cMtnurQlwoehI5LWGZrU60HQJW8nmKqueEudeC xx1SjXLqkpmrCZ19iDGQKPjNZWxrce+aI51klBAdgfuuldTQqZ7bAiVlx5lPd7BX QRXbC3BL7T4r3pRLagNlOAm3furdpwLc8JNX2lm0984aAvBJqfjDip6twIdp5gFk ypBaJzFzlQUQO10slMFmxCXmC0Mor5LaqDWZtujeGC17guhxCltCjdpRHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGLjO3SkLAVSrCYfttiV6h0U0/inMB8GA1UdIwQY MBaAFG0jznsMEAaPvETAIZQ+M5AT8q7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYt NDBjNWViYzZmNzM2LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYtNDBjNWViYzZmNzM2 LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpV5PdSG HNFaaRPuCLPCBr7nXYtz6uMZShtsIYzVu0IZ1IN4iQHLpM0+T0zn4Ex2fLxrkc0F ba9t0Bf7PNKOPU6EsOcjf4NVAztO83M0D6uYPNvCxmCGR+a/YMvQFy82HMN8Rdcd 8aEGqkfy5bLMyICQ0+BsS9MPGCD170SbhydqhcnDittlD73cg02WLPOn3b3FrgLI 7+SDUT9wjyk7g1WcGYxkR7n5SMHdbdJiHLpIZ4NTV+EDVhGS0FDp1Ky3+/amQf7D vyn36fQ1Y5s1ftUe3oBRmHg3sUbTKfE0vKNutK/WeWbk5PgCU9iS7RL9FXsHEs09 rn9TRLhgeDTHVQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:14:28 2025 by rpki-client