This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft File: bfhqH1cK4xUpAiqk9h79nsK5fQU.mft (raw, json) Hash identifier: U7UwkjTuY7eXJYh/qo8l79NQWldQlgk4Afp+V7JtNGQ= Subject key identifier: 09:31:14:03:95:E4:79:BF:6D:7E:89:48:01:DD:A6:0D:96:53:08:E6 Authority key identifier: 6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05 Certificate issuer: /CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05 Certificate serial: 019B51BC8727BC680B9DD4953EC288059109 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft Manifest number: 160E Signing time: Wed 24 Dec 2025 19:01:08 +0000 Manifest this update: Wed 24 Dec 2025 19:01:08 +0000 Manifest next update: Thu 25 Dec 2025 19:01:08 +0000 Files and hashes: 1: BpLbGApyHXLB4qqgJyw3nGH9lH0.roa (hash: 4AoUx/2M994KEwtEdAKInOt11G1446xmTonI1qJPrOg=) 2: bfhqH1cK4xUpAiqk9h79nsK5fQU.crl (hash: wHFI8qX/+v52p5DdbIMcexqsR/Rei2ByFIINxyvy+6I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:87:27:bc:68:0b:9d:d4:95:3e:c2:88:05:91:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6df86a1f570ae31529022aa4f61efd9ec2b97d05 Validity Not Before: Dec 24 19:01:08 2025 GMT Not After : Dec 25 19:01:08 2025 GMT Subject: CN=0931140395e479bf6d7e894801dda60d965308e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:fc:2f:2e:c6:04:2d:50:5a:9e:a5:ad:15:80: bb:76:2d:1f:84:80:e5:dd:df:14:bc:15:f4:50:31: b7:8a:32:d9:3f:f3:d2:1a:79:4b:eb:74:d8:54:b8: 87:a7:c6:f2:d8:7d:01:cc:5e:81:87:3e:a6:46:c4: be:e3:80:b4:5a:fd:fe:24:ca:6e:05:75:44:bd:43: c5:62:c4:0a:90:3c:3c:7b:39:82:26:5d:cd:9b:cb: 40:08:be:13:06:86:32:ab:75:da:c1:f3:9f:07:0b: 78:e3:1f:dc:82:a5:07:e6:5f:91:25:18:3c:e8:6e: 36:fa:30:07:65:f1:3f:0f:da:27:4c:b0:db:41:4b: 77:a4:f8:06:68:43:ce:4f:6d:7a:b8:f4:b9:f8:65: e1:15:15:fd:d5:31:19:d7:7d:e9:c1:81:bd:ba:45: 67:cc:a1:92:34:a8:e4:5c:94:3b:21:98:a6:4b:91: 16:cf:4a:42:76:43:73:85:e1:79:50:0b:15:ca:d2: 00:d4:d9:53:5c:1e:05:8c:75:f5:b9:61:83:ce:d7: f3:f9:22:eb:31:d0:4f:e0:5a:2b:a9:3d:93:bf:b7: 99:60:f8:43:3b:23:8f:ad:cb:17:73:c1:55:77:7d: de:04:7a:66:8e:8d:1e:ee:5b:7d:86:7c:b7:2d:c2: b6:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:31:14:03:95:E4:79:BF:6D:7E:89:48:01:DD:A6:0D:96:53:08:E6 X509v3 Authority Key Identifier: keyid:6D:F8:6A:1F:57:0A:E3:15:29:02:2A:A4:F6:1E:FD:9E:C2:B9:7D:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfhqH1cK4xUpAiqk9h79nsK5fQU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/6add35-a983-4011-af8a-7aac2d847955/1/bfhqH1cK4xUpAiqk9h79nsK5fQU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:0d:3a:2a:85:40:f4:fb:f1:9a:08:5b:24:80:71:22:1a:29: 1a:45:4e:fc:90:e7:50:5b:8c:cf:65:74:69:5f:f8:12:4a:9a: 76:4e:06:b9:01:65:3f:4e:0b:fd:1f:be:c9:f5:8e:ff:10:f2: bf:68:0a:fa:f8:6c:0f:f1:91:fb:e2:da:bf:16:d6:e3:d8:31: 88:1d:ff:bd:9c:16:bb:f9:be:67:c1:a6:f0:e8:72:a0:26:8b: 16:27:d0:0e:39:5b:1a:21:9c:c7:93:8b:90:5a:06:35:2b:f0: 51:b8:fe:40:b0:d8:7f:1a:4a:b3:8f:ba:9a:38:ed:da:9c:39: 87:bf:fc:81:0c:ae:69:5e:56:9e:1d:f2:cd:23:59:c5:8a:2d: 34:e8:fd:3a:19:87:c0:69:4e:93:b4:f6:22:96:f0:1e:4d:93: 8c:2e:89:5a:90:7d:63:9a:90:fc:e3:69:15:d2:43:39:bb:0c: 61:00:f5:2e:c0:dc:5c:c5:ee:66:25:e4:e3:86:5e:3f:e0:a0: b7:ee:cb:2e:27:59:4b:dd:72:b4:45:bc:39:c8:37:cd:d4:03: 9d:a2:d5:62:e1:4a:7b:39:fb:b0:f2:68:65:dd:82:e1:9a:71: 22:f2:28:c8:4f:5c:fc:52:66:eb:66:fb:30:bd:bf:0a:a4:ad: eb:cc:47:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvIcnvGgLndSVPsKIBZEJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZjg2YTFmNTcwYWUzMTUyOTAyMmFhNGY2MWVmZDllYzJi OTdkMDUwHhcNMjUxMjI0MTkwMTA4WhcNMjUxMjI1MTkwMTA4WjAzMTEwLwYDVQQD EygwOTMxMTQwMzk1ZTQ3OWJmNmQ3ZTg5NDgwMWRkYTYwZDk2NTMwOGU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPwvLsYELVBanqWtFYC7di0fhIDl 3d8UvBX0UDG3ijLZP/PSGnlL63TYVLiHp8by2H0BzF6Bhz6mRsS+44C0Wv3+JMpu BXVEvUPFYsQKkDw8ezmCJl3Nm8tACL4TBoYyq3XawfOfBwt44x/cgqUH5l+RJRg8 6G42+jAHZfE/D9onTLDbQUt3pPgGaEPOT216uPS5+GXhFRX91TEZ133pwYG9ukVn zKGSNKjkXJQ7IZimS5EWz0pCdkNzheF5UAsVytIA1NlTXB4FjHX1uWGDztfz+SLr MdBP4ForqT2Tv7eZYPhDOyOPrcsXc8FVd33eBHpmjo0e7lt9hny3LcK2bQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAkxFAOV5Hm/bX6JSAHdpg2WUwjmMB8GA1UdIwQY MBaAFG34ah9XCuMVKQIqpPYe/Z7CuX0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEt N2FhYzJkODQ3OTU1LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS82YWRkMzUtYTk4My00MDExLWFmOGEtN2FhYzJkODQ3OTU1 LzEvYmZocUgxY0s0eFVwQWlxazloNzluc0s1ZlFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiw06KoVA 9PvxmghbJIBxIhopGkVO/JDnUFuMz2V0aV/4Ekqadk4GuQFlP04L/R++yfWO/xDy v2gK+vhsD/GR++LavxbW49gxiB3/vZwWu/m+Z8Gm8OhyoCaLFifQDjlbGiGcx5OL kFoGNSvwUbj+QLDYfxpKs4+6mjjt2pw5h7/8gQyuaV5Wnh3yzSNZxYotNOj9OhmH wGlOk7T2IpbwHk2TjC6JWpB9Y5qQ/ONpFdJDObsMYQD1LsDcXMXuZiXk44ZeP+Cg t+7LLidZS91ytEW8Ocg3zdQDnaLVYuFKezn7sPJoZd2C4ZpxIvIoyE9c/FJm62b7 ML2/CqSt68xHxA== -----END CERTIFICATE-----Generated at Wed Dec 24 21:35:38 2025 by rpki-client