This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft File: BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft (raw, json) Hash identifier: bt0hkVK2+A8vhgCugrNC2XJqfz6x3jVwfUi8YuaIyxo= Subject key identifier: 90:AE:36:DC:D3:A4:43:62:C5:34:F2:AD:02:5B:D1:D3:AE:64:59:AD Authority key identifier: 04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A Certificate issuer: /CN=04d29211f92e560f0b7834bb2932ac63cabfa14a Certificate serial: 019B3BA2C6643238C833DEB261C252623C48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft Manifest number: 0C6C Signing time: Sat 20 Dec 2025 12:01:21 +0000 Manifest this update: Sat 20 Dec 2025 12:01:21 +0000 Manifest next update: Sun 21 Dec 2025 12:01:21 +0000 Files and hashes: 1: BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl (hash: IfGudfzL6tjkXeYvmuSk1JK951f1Hqq8utQNnQOhy4M=) 2: dShe1ipT6-Y_-edVr4eNtxtPKAo.roa (hash: 34QucPlafnV+iMZk3j4FDiUJFtGuS1f17YL6xBvVoIo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:c6:64:32:38:c8:33:de:b2:61:c2:52:62:3c:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04d29211f92e560f0b7834bb2932ac63cabfa14a Validity Not Before: Dec 20 12:01:21 2025 GMT Not After : Dec 21 12:01:21 2025 GMT Subject: CN=90ae36dcd3a44362c534f2ad025bd1d3ae6459ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:1f:f0:c4:38:fb:bc:a0:20:d3:f4:19:94:ca: f8:c2:bf:ab:a4:42:27:9e:07:1d:79:38:e0:7a:7c: 3e:0f:19:01:83:70:be:90:4b:65:e7:03:b9:f2:9b: be:98:85:0f:8d:b4:cc:7b:4f:6a:91:68:86:2a:78: a1:5e:10:9d:c2:ba:6a:ba:f0:df:9d:37:8c:3f:26: b0:6d:d3:17:ed:4b:32:58:48:94:54:81:99:dc:0c: 74:ae:d2:51:77:0f:97:25:9b:94:50:71:91:05:82: 28:62:76:b5:46:12:01:f7:81:9a:13:9c:f4:27:03: 83:6e:a1:3e:51:a3:f0:b7:26:d4:0e:7e:89:47:eb: e9:5e:ce:26:68:48:30:d9:74:2c:f6:99:9a:70:aa: 87:1a:30:37:1c:64:72:1a:d7:e4:8d:22:d6:a7:02: 41:30:c0:71:7b:e4:63:0b:25:e3:04:8f:df:c1:63: 09:c3:d9:73:e6:10:eb:e2:5f:d3:2e:90:b9:6a:48: 40:3a:7f:a7:a0:53:4a:89:75:40:dc:f2:8d:5d:d2: 8b:77:69:1f:28:24:9f:b4:be:54:01:9b:53:7d:12: d1:c5:8c:80:5d:2d:ff:af:13:41:30:54:50:31:82: 5d:b1:b0:b3:a7:af:15:b7:74:b2:4a:f7:2e:99:19: c2:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:AE:36:DC:D3:A4:43:62:C5:34:F2:AD:02:5B:D1:D3:AE:64:59:AD X509v3 Authority Key Identifier: keyid:04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:af:21:a9:91:0f:7e:64:7c:c3:1f:4a:6d:9a:74:cd:0a:ca: c8:96:46:f3:a7:62:cb:db:01:f6:97:ba:98:f8:81:00:9e:ae: ba:d2:79:9e:46:25:9f:9e:e3:66:ca:af:3d:7b:3e:8e:81:4b: a0:f6:e1:8c:5d:cd:92:d8:4d:d0:13:de:7f:bc:da:40:9d:f7: 16:2d:0a:25:95:e5:42:3e:a6:1a:3a:d3:cf:a6:fe:a8:ca:72: 0b:21:f6:c8:94:f9:19:f2:a8:99:1c:10:9b:fe:55:dd:e3:2c: 5b:f3:10:64:db:de:c7:86:8c:9b:3b:c0:c8:43:e4:04:d5:84: e6:26:d4:f5:ff:50:34:e6:ea:84:f6:09:9a:cb:3b:0a:23:e7: 8e:18:f6:1f:09:12:47:fe:26:7e:0d:f4:c8:29:bc:74:90:cf: 69:a7:ab:db:90:22:39:7e:ad:28:ab:1a:e0:41:2a:58:18:cd: 9c:fb:98:d7:05:d2:d9:e2:f5:a8:c0:ac:38:c2:5e:46:fd:f6: 10:cc:64:c2:ae:11:a8:4c:12:f6:d3:44:a1:d5:64:36:a6:40: cb:bc:9a:0c:9b:b5:8f:df:b8:20:ea:3f:28:7d:f0:f0:ad:ed: e0:4d:e7:3f:2b:28:ec:97:ee:0a:d1:f3:7f:d7:c4:39:d6:83: 31:76:ab:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7osZkMjjIM96yYcJSYjxIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0ZDI5MjExZjkyZTU2MGYwYjc4MzRiYjI5MzJhYzYzY2Fi ZmExNGEwHhcNMjUxMjIwMTIwMTIxWhcNMjUxMjIxMTIwMTIxWjAzMTEwLwYDVQQD Eyg5MGFlMzZkY2QzYTQ0MzYyYzUzNGYyYWQwMjViZDFkM2FlNjQ1OWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B/wxDj7vKAg0/QZlMr4wr+rpEIn ngcdeTjgenw+DxkBg3C+kEtl5wO58pu+mIUPjbTMe09qkWiGKnihXhCdwrpquvDf nTeMPyawbdMX7UsyWEiUVIGZ3Ax0rtJRdw+XJZuUUHGRBYIoYna1RhIB94GaE5z0 JwODbqE+UaPwtybUDn6JR+vpXs4maEgw2XQs9pmacKqHGjA3HGRyGtfkjSLWpwJB MMBxe+RjCyXjBI/fwWMJw9lz5hDr4l/TLpC5akhAOn+noFNKiXVA3PKNXdKLd2kf KCSftL5UAZtTfRLRxYyAXS3/rxNBMFRQMYJdsbCzp68Vt3SySvcumRnCFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJCuNtzTpENixTTyrQJb0dOuZFmtMB8GA1UdIwQY MBaAFATSkhH5LlYPC3g0uykyrGPKv6FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQt ZThkMTkyOTYzOTVjLzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQtZThkMTkyOTYzOTVj LzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOq8hqZEP fmR8wx9KbZp0zQrKyJZG86diy9sB9pe6mPiBAJ6uutJ5nkYln57jZsqvPXs+joFL oPbhjF3NkthN0BPef7zaQJ33Fi0KJZXlQj6mGjrTz6b+qMpyCyH2yJT5GfKomRwQ m/5V3eMsW/MQZNvex4aMmzvAyEPkBNWE5ibU9f9QNObqhPYJmss7CiPnjhj2HwkS R/4mfg30yCm8dJDPaaer25AiOX6tKKsa4EEqWBjNnPuY1wXS2eL1qMCsOMJeRv32 EMxkwq4RqEwS9tNEodVkNqZAy7yaDJu1j9+4IOo/KH3w8K3t4E3nPyso7JfuCtHz f9fEOdaDMXar8A== -----END CERTIFICATE-----Generated at Sat Dec 20 13:59:27 2025 by rpki-client