This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.mft File: bQhdF37rDLkaQvQ-LUw8gI3sVwg.mft (raw, json) Hash identifier: 5eHqqkaZ9qTpnptcw3uZBoNJA7poDS//sbQJvHAhoow= Subject key identifier: 11:80:C3:02:35:61:E7:30:87:71:87:AC:5A:B5:F3:EE:7F:40:E4:2A Authority key identifier: 6D:08:5D:17:7E:EB:0C:B9:1A:42:F4:3E:2D:4C:3C:80:8D:EC:57:08 Certificate issuer: /CN=6d085d177eeb0cb91a42f43e2d4c3c808dec5708 Certificate serial: 019B3C46E3E5EF053016CE0F44CC36F7A538 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQhdF37rDLkaQvQ-LUw8gI3sVwg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.mft Manifest number: 2C Signing time: Sat 20 Dec 2025 15:00:37 +0000 Manifest this update: Sat 20 Dec 2025 15:00:37 +0000 Manifest next update: Sun 21 Dec 2025 15:00:37 +0000 Files and hashes: 1: bQhdF37rDLkaQvQ-LUw8gI3sVwg.crl (hash: mfLdlD6da8PGDsuqWaJ1fSMSJOSAavU+QR6z2MaxC4c=) 2: dWwVRALAzAqrPFMH_475HoZXSNw.roa (hash: UJ+bbnCj2UBf8wQPJOa00WAwj/A+Ao4RrFugnSe3cZA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.mft rsync://rpki.ripe.net/repository/DEFAULT/bQhdF37rDLkaQvQ-LUw8gI3sVwg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:46:e3:e5:ef:05:30:16:ce:0f:44:cc:36:f7:a5:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d085d177eeb0cb91a42f43e2d4c3c808dec5708 Validity Not Before: Dec 20 15:00:37 2025 GMT Not After : Dec 21 15:00:37 2025 GMT Subject: CN=1180c3023561e730877187ac5ab5f3ee7f40e42a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:62:7a:1b:c3:71:47:9f:83:c2:33:da:e3:3b: c1:ce:d6:95:35:a5:c6:ba:b6:d3:4c:68:f3:dc:84: 6d:7c:bf:64:67:d8:d3:e2:39:b2:a3:6f:1d:2f:e2: cc:92:c2:59:69:0c:54:70:69:90:4c:c5:76:76:87: f8:43:22:19:6e:c5:37:c6:53:cf:d3:ae:55:92:3d: 55:8b:c1:1a:5b:8d:65:d8:8e:c5:37:32:bb:66:68: 83:ef:d6:e0:87:68:71:d2:e8:bf:12:b4:27:e9:1a: f3:be:00:dd:b7:42:3a:dd:b6:3e:aa:9a:b5:55:cf: 6e:93:c9:9e:b0:db:21:ce:a0:ae:d5:27:62:02:6f: cf:85:bc:31:ab:ed:a6:3a:94:8b:4b:dd:f0:9e:78: a1:0a:75:97:e3:5e:a2:b8:2c:54:60:62:12:a8:ba: bd:91:6e:3c:bb:4f:68:f7:40:c0:d4:a2:07:e5:2a: d8:77:fc:7d:74:f6:0b:df:63:57:d8:b6:71:7b:e4: ed:dd:56:e5:b8:4a:a0:af:e6:fd:c2:29:fb:29:b7: cc:16:b1:9e:97:d3:7e:6a:5b:b3:0e:8f:27:54:1b: 29:4a:0d:22:75:3e:2e:e1:ea:4d:bf:9a:41:eb:82: 73:56:3a:2c:63:f6:8f:22:77:b4:fd:1b:c2:a1:b3: f5:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:80:C3:02:35:61:E7:30:87:71:87:AC:5A:B5:F3:EE:7F:40:E4:2A X509v3 Authority Key Identifier: keyid:6D:08:5D:17:7E:EB:0C:B9:1A:42:F4:3E:2D:4C:3C:80:8D:EC:57:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQhdF37rDLkaQvQ-LUw8gI3sVwg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:7c:83:07:3d:f4:c5:cf:df:66:f8:78:8f:2c:2b:28:31:28: 93:da:36:dc:0a:0f:dc:f2:24:06:f6:06:6c:ad:23:49:ed:c5: bc:8a:f9:39:c6:10:bf:fe:f1:de:fb:8a:b6:a1:9e:07:3c:4f: 94:5a:1c:c6:d5:b9:91:1d:fb:c9:bb:07:c2:0d:b2:da:94:2e: bb:16:d7:50:f5:f9:ad:16:8b:07:48:f9:75:86:49:0d:1d:02: 11:3e:c0:83:a0:8c:76:e3:1a:51:e9:22:50:44:11:b8:a0:20: 3b:61:ce:ed:da:17:4d:ab:89:59:3e:14:23:4a:3d:f5:18:41: 13:7a:0f:90:6a:4f:69:9b:4b:14:1d:42:55:35:bb:87:4b:c8: 69:b1:29:0f:d1:ce:04:b1:ef:a0:63:0e:dc:ed:30:50:b2:3b: 36:ee:8e:68:e0:d6:1a:92:f3:31:3f:ff:09:86:a0:a1:53:31: e5:ad:a3:33:aa:37:dd:51:5a:64:99:7d:d0:2b:f2:c8:c6:d6: 00:30:c6:e1:5b:df:f9:00:28:7d:ea:db:24:35:6a:2f:c0:6b: 34:d5:24:53:db:95:ad:59:8d:ab:be:69:11:39:65:26:05:75: df:9b:ad:0a:fc:31:31:08:c4:20:41:e8:27:53:fa:7e:6b:05: fa:b9:b8:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8RuPl7wUwFs4PRMw296U4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDg1ZDE3N2VlYjBjYjkxYTQyZjQzZTJkNGMzYzgwOGRl YzU3MDgwHhcNMjUxMjIwMTUwMDM3WhcNMjUxMjIxMTUwMDM3WjAzMTEwLwYDVQQD EygxMTgwYzMwMjM1NjFlNzMwODc3MTg3YWM1YWI1ZjNlZTdmNDBlNDJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGJ6G8NxR5+DwjPa4zvBztaVNaXG urbTTGjz3IRtfL9kZ9jT4jmyo28dL+LMksJZaQxUcGmQTMV2dof4QyIZbsU3xlPP 065Vkj1Vi8EaW41l2I7FNzK7ZmiD79bgh2hx0ui/ErQn6RrzvgDdt0I63bY+qpq1 Vc9uk8mesNshzqCu1SdiAm/Phbwxq+2mOpSLS93wnnihCnWX416iuCxUYGISqLq9 kW48u09o90DA1KIH5SrYd/x9dPYL32NX2LZxe+Tt3VbluEqgr+b9win7KbfMFrGe l9N+aluzDo8nVBspSg0idT4u4epNv5pB64JzVjosY/aPIne0/RvCobP1QwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBGAwwI1Yecwh3GHrFq18+5/QOQqMB8GA1UdIwQY MBaAFG0IXRd+6wy5GkL0Pi1MPICN7FcIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFoZEYzN3JETGthUXZRLUxVdzhnSTNzVndnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNTM4OTItNzNiZS00MTJlLTk1NTkt OTdkNDkzNDhjYzAxLzEvYlFoZEYzN3JETGthUXZRLUxVdzhnSTNzVndnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8wNTM4OTItNzNiZS00MTJlLTk1NTktOTdkNDkzNDhjYzAx LzEvYlFoZEYzN3JETGthUXZRLUxVdzhnSTNzVndnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnyDBz30 xc/fZvh4jywrKDEok9o23AoP3PIkBvYGbK0jSe3FvIr5OcYQv/7x3vuKtqGeBzxP lFocxtW5kR37ybsHwg2y2pQuuxbXUPX5rRaLB0j5dYZJDR0CET7Ag6CMduMaUeki UEQRuKAgO2HO7doXTauJWT4UI0o99RhBE3oPkGpPaZtLFB1CVTW7h0vIabEpD9HO BLHvoGMO3O0wULI7Nu6OaODWGpLzMT//CYagoVMx5a2jM6o33VFaZJl90CvyyMbW ADDG4Vvf+QAoferbJDVqL8BrNNUkU9uVrVmNq75pETllJgV135utCvwxMQjEIEHo J1P6fmsF+rm4GA== -----END CERTIFICATE-----Generated at Sat Dec 20 19:43:37 2025 by rpki-client