This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json) Hash identifier: c4+X6wj3z4hJjx8VTd7XeMGCSlndhwWziaJBv9/asc8= Subject key identifier: 83:8F:19:EA:B8:72:D4:C6:0E:37:82:BF:B2:6E:ED:81:E2:AE:69:A4 Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60 Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360 Certificate serial: 019B405C5C4B1918E2FDE99282F70F18FCF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft Manifest number: 1788 Signing time: Sun 21 Dec 2025 10:02:33 +0000 Manifest this update: Sun 21 Dec 2025 10:02:33 +0000 Manifest next update: Mon 22 Dec 2025 10:02:33 +0000 Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: s1rn+UkI/xIVa0edDdmzDVvYnLMnEm5gMQb8crfmtvw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:02:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5c:5c:4b:19:18:e2:fd:e9:92:82:f7:0f:18:fc:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360 Validity Not Before: Dec 21 10:02:33 2025 GMT Not After : Dec 22 10:02:33 2025 GMT Subject: CN=838f19eab872d4c60e3782bfb26eed81e2ae69a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:59:0e:7f:6f:16:dc:46:36:2e:23:ca:97:76: 5c:2a:89:45:c8:73:65:b1:58:83:c8:68:60:a9:5c: 9f:7a:dd:3a:a4:4c:7d:db:48:09:65:bd:f8:9d:1f: c6:d0:6f:39:8b:c6:16:36:5f:6d:6a:2c:93:04:33: 0d:03:20:9f:11:34:57:46:bd:a8:34:3f:57:ff:e1: a4:a7:ca:65:e6:19:6e:0d:27:77:46:18:a8:f9:25: 65:05:22:fb:77:cb:ea:75:a7:93:fd:1b:a6:ea:66: f8:64:c7:16:32:64:9f:8f:06:b5:8d:1a:6a:58:c6: 92:f4:1f:9a:bd:80:99:3d:5d:78:cf:ee:6d:46:b7: 54:5f:70:06:04:88:d2:35:b9:a6:38:e7:0a:9a:da: 26:b7:9e:73:c3:e3:7d:e5:98:fd:0f:2c:db:5f:fa: 09:50:6c:3a:33:2e:e2:24:25:1f:b0:76:b8:2c:b0: 03:6d:10:7d:50:8a:6f:2b:46:16:59:b6:e2:a5:25: f3:5f:12:3b:e9:cd:54:4b:5c:cd:81:d8:c4:23:ae: 63:14:09:3f:f6:ab:98:17:3b:b0:56:88:93:58:ff: 05:19:a6:2a:88:a2:3f:a4:ae:b2:cf:56:43:eb:a6: 69:d8:17:fa:91:5f:b9:11:3b:3a:07:2d:cc:c3:8c: ac:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:8F:19:EA:B8:72:D4:C6:0E:37:82:BF:B2:6E:ED:81:E2:AE:69:A4 X509v3 Authority Key Identifier: keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:b7:73:77:49:0a:37:a0:b5:df:ce:46:f1:21:c4:a7:fc:c5: de:ba:11:1b:54:9b:83:44:4f:2d:97:d5:a2:64:f8:3c:f3:a1: 71:e3:38:1d:54:df:28:e1:9d:6f:1d:d2:f2:a5:d6:0f:50:e2: 3f:6f:3c:49:04:be:b0:b8:19:a9:84:63:08:fa:28:6e:8d:53: fb:8a:79:62:39:f5:0f:5d:70:ca:4d:00:41:32:47:99:c7:c8: e8:e2:b0:bb:3b:e7:33:59:14:42:04:70:73:2e:54:34:77:7e: 74:d7:20:f6:0b:c8:3c:f0:dc:66:3e:eb:e5:2a:ef:96:1f:a7: 40:4b:ac:73:19:2d:52:2f:46:ee:4d:1c:3f:d1:73:94:1d:cc: 62:eb:98:31:8f:27:c0:3f:d1:78:fa:ec:ce:fe:05:8f:de:e7: d9:ad:05:5d:fe:be:52:e2:1d:21:d6:da:d6:e1:bb:64:d1:69: ce:99:40:84:9e:62:c1:7b:68:f6:a1:86:8e:c9:e9:83:47:4d: f7:96:97:28:5e:fc:c8:32:1f:6f:6c:98:72:7b:97:36:f9:1b: 44:9d:86:78:7c:70:53:56:db:b5:40:af:f7:91:7c:0c:ad:82: bd:a2:cb:a2:a1:e1:e5:fd:9f:64:07:29:c3:64:1e:d7:c6:98: e9:d7:1a:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAXFxLGRji/emSgvcPGPz0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5 YmQzNjAwHhcNMjUxMjIxMTAwMjMzWhcNMjUxMjIyMTAwMjMzWjAzMTEwLwYDVQQD Eyg4MzhmMTllYWI4NzJkNGM2MGUzNzgyYmZiMjZlZWQ4MWUyYWU2OWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FkOf28W3EY2LiPKl3ZcKolFyHNl sViDyGhgqVyfet06pEx920gJZb34nR/G0G85i8YWNl9taiyTBDMNAyCfETRXRr2o ND9X/+Gkp8pl5hluDSd3Rhio+SVlBSL7d8vqdaeT/Rum6mb4ZMcWMmSfjwa1jRpq WMaS9B+avYCZPV14z+5tRrdUX3AGBIjSNbmmOOcKmtomt55zw+N95Zj9DyzbX/oJ UGw6My7iJCUfsHa4LLADbRB9UIpvK0YWWbbipSXzXxI76c1US1zNgdjEI65jFAk/ 9quYFzuwVoiTWP8FGaYqiKI/pK6yz1ZD66Zp2Bf6kV+5ETs6By3Mw4ysnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIOPGeq4ctTGDjeCv7Ju7YHirmmkMB8GA1UdIwQY MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhrdzd0kK N6C1385G8SHEp/zF3roRG1Sbg0RPLZfVomT4PPOhceM4HVTfKOGdbx3S8qXWD1Di P288SQS+sLgZqYRjCPoobo1T+4p5Yjn1D11wyk0AQTJHmcfI6OKwuzvnM1kUQgRw cy5UNHd+dNcg9gvIPPDcZj7r5Srvlh+nQEuscxktUi9G7k0cP9FzlB3MYuuYMY8n wD/RePrszv4Fj97n2a0FXf6+UuIdIdba1uG7ZNFpzplAhJ5iwXto9qGGjsnpg0dN 95aXKF78yDIfb2yYcnuXNvkbRJ2GeHxwU1bbtUCv95F8DK2CvaLLoqHh5f2fZAcp w2Qe18aY6dcaEA== -----END CERTIFICATE-----Generated at Sun Dec 21 15:43:05 2025 by rpki-client