This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5eb14c-f03b-48e8-ae3f-88afbd4a3dd2/1/BpSFf1Ib4h4SZzna13O05qGKxps.mft File: BpSFf1Ib4h4SZzna13O05qGKxps.mft (raw, json) Hash identifier: nRKVhzLsajTwqo/omlCPv8aG59EAoXQ+z9fOhNYqWtA= Subject key identifier: 5D:2C:D3:51:BD:56:60:AB:F3:33:3D:05:E0:7F:2F:38:6E:E7:FD:04 Authority key identifier: 06:94:85:7F:52:1B:E2:1E:12:67:39:DA:D7:73:B4:E6:A1:8A:C6:9B Certificate issuer: /CN=0694857f521be21e126739dad773b4e6a18ac69b Certificate serial: 019B44388CA03D3DAA85C8B8E4ACE414E679 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpSFf1Ib4h4SZzna13O05qGKxps.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/5eb14c-f03b-48e8-ae3f-88afbd4a3dd2/1/BpSFf1Ib4h4SZzna13O05qGKxps.mft Manifest number: 0ACC Signing time: Mon 22 Dec 2025 04:01:55 +0000 Manifest this update: Mon 22 Dec 2025 04:01:55 +0000 Manifest next update: Tue 23 Dec 2025 04:01:55 +0000 Files and hashes: 1: BpSFf1Ib4h4SZzna13O05qGKxps.crl (hash: Vc/tU8mc5MC7QH+JKgOr/HZ/pntcdG7VkEs7da8Y48A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/5eb14c-f03b-48e8-ae3f-88afbd4a3dd2/1/BpSFf1Ib4h4SZzna13O05qGKxps.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/5eb14c-f03b-48e8-ae3f-88afbd4a3dd2/1/BpSFf1Ib4h4SZzna13O05qGKxps.mft rsync://rpki.ripe.net/repository/DEFAULT/BpSFf1Ib4h4SZzna13O05qGKxps.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:8c:a0:3d:3d:aa:85:c8:b8:e4:ac:e4:14:e6:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0694857f521be21e126739dad773b4e6a18ac69b Validity Not Before: Dec 22 04:01:55 2025 GMT Not After : Dec 23 04:01:55 2025 GMT Subject: CN=5d2cd351bd5660abf3333d05e07f2f386ee7fd04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7b:22:51:c3:4b:13:c6:20:71:79:79:82:3c: 02:91:3e:b6:8e:13:32:51:72:f9:37:b0:e2:75:6a: 4f:72:43:b3:f4:d9:ee:f9:60:c6:8f:a7:49:67:19: 7f:5c:10:9a:0d:46:4a:5e:0e:21:0c:7b:ee:4a:1f: 41:e3:ff:1b:30:8f:cd:24:48:f0:d0:32:e8:b2:3b: e2:3d:1f:fd:7e:cc:1a:76:f5:66:80:24:17:81:a2: 84:b0:1e:25:7b:92:42:39:d4:c5:05:03:de:85:7b: 5a:a7:c5:03:53:64:2d:60:cc:4e:cd:82:22:3a:15: 66:96:c3:30:5b:61:a6:f6:b6:fb:da:81:1e:3a:34: 2d:00:83:66:45:a8:f2:58:b4:a5:d7:c9:96:61:47: e2:3c:25:f2:ee:57:17:6d:95:e5:de:d7:2d:f5:0d: 6d:dd:19:e3:7a:66:96:b8:29:72:25:df:bb:3d:19: 94:c3:27:3c:19:c4:cc:50:91:04:71:99:83:a4:51: ea:07:66:ba:4b:3c:76:8b:68:8e:2e:e8:fa:3e:8d: be:3f:0b:c3:0a:e9:3a:78:60:91:8c:a0:e0:08:ef: 5e:34:f9:22:b3:ea:9f:c6:8c:5b:6e:1e:41:35:8f: 42:90:45:85:7f:34:d0:83:07:ec:ce:18:d7:43:ff: 62:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:2C:D3:51:BD:56:60:AB:F3:33:3D:05:E0:7F:2F:38:6E:E7:FD:04 X509v3 Authority Key Identifier: keyid:06:94:85:7F:52:1B:E2:1E:12:67:39:DA:D7:73:B4:E6:A1:8A:C6:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpSFf1Ib4h4SZzna13O05qGKxps.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5eb14c-f03b-48e8-ae3f-88afbd4a3dd2/1/BpSFf1Ib4h4SZzna13O05qGKxps.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5eb14c-f03b-48e8-ae3f-88afbd4a3dd2/1/BpSFf1Ib4h4SZzna13O05qGKxps.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:e3:ba:1c:3c:ec:0c:51:25:2d:7f:e9:29:59:16:31:d7:ba: 26:a7:cf:de:e9:49:41:ce:3c:bc:7a:5c:49:bb:f6:e5:47:bb: b0:4d:56:c1:ee:0c:ed:40:be:f1:89:d5:82:7e:0f:53:03:34: eb:23:b5:0b:83:70:3a:77:ca:54:7c:f8:87:86:51:5c:98:3e: 19:84:a5:3e:e6:48:03:d8:81:10:3a:0b:1c:d7:9b:c6:a1:d5: 87:0a:5f:80:ca:bc:7a:45:82:f8:34:53:a7:bf:d9:c6:38:fb: d1:3f:5d:08:fa:b8:0b:22:57:52:80:6e:89:b4:02:72:fa:2c: 46:f3:22:5b:eb:e3:14:7f:8e:fc:6a:5d:04:d3:9e:eb:52:a8: 29:bd:5b:65:df:23:43:ea:e5:50:f9:52:4b:15:84:1d:cd:e4: 85:25:dc:e2:c5:91:77:eb:e1:9c:0d:ae:be:3e:08:23:84:79: 6b:87:e6:97:35:17:dd:12:d9:47:30:58:15:14:80:63:12:3b: 8d:d8:66:26:4f:a4:0f:69:60:2b:58:69:64:44:16:fe:e9:93: 9a:b3:52:a3:cc:c8:9c:2d:9f:f3:00:7c:bc:41:6e:ff:09:16: a1:7e:a8:b1:ae:de:a2:f8:88:3a:3f:3a:b8:80:91:c8:af:52: e7:80:52:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOIygPT2qhci45KzkFOZ5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2OTQ4NTdmNTIxYmUyMWUxMjY3MzlkYWQ3NzNiNGU2YTE4 YWM2OWIwHhcNMjUxMjIyMDQwMTU1WhcNMjUxMjIzMDQwMTU1WjAzMTEwLwYDVQQD Eyg1ZDJjZDM1MWJkNTY2MGFiZjMzMzNkMDVlMDdmMmYzODZlZTdmZDA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXsiUcNLE8YgcXl5gjwCkT62jhMy UXL5N7DidWpPckOz9Nnu+WDGj6dJZxl/XBCaDUZKXg4hDHvuSh9B4/8bMI/NJEjw 0DLosjviPR/9fswadvVmgCQXgaKEsB4le5JCOdTFBQPehXtap8UDU2QtYMxOzYIi OhVmlsMwW2Gm9rb72oEeOjQtAINmRajyWLSl18mWYUfiPCXy7lcXbZXl3tct9Q1t 3RnjemaWuClyJd+7PRmUwyc8GcTMUJEEcZmDpFHqB2a6Szx2i2iOLuj6Po2+PwvD Cuk6eGCRjKDgCO9eNPkis+qfxoxbbh5BNY9CkEWFfzTQgwfszhjXQ/9irwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF0s01G9VmCr8zM9BeB/Lzhu5/0EMB8GA1UdIwQY MBaAFAaUhX9SG+IeEmc52tdztOahisabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQnBTRmYxSWI0aDRTWnpuYTEzTzA1cUdLeHBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81ZWIxNGMtZjAzYi00OGU4LWFlM2Yt ODhhZmJkNGEzZGQyLzEvQnBTRmYxSWI0aDRTWnpuYTEzTzA1cUdLeHBzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy81ZWIxNGMtZjAzYi00OGU4LWFlM2YtODhhZmJkNGEzZGQy LzEvQnBTRmYxSWI0aDRTWnpuYTEzTzA1cUdLeHBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+O6HDzs DFElLX/pKVkWMde6JqfP3ulJQc48vHpcSbv25Ue7sE1Wwe4M7UC+8YnVgn4PUwM0 6yO1C4NwOnfKVHz4h4ZRXJg+GYSlPuZIA9iBEDoLHNebxqHVhwpfgMq8ekWC+DRT p7/Zxjj70T9dCPq4CyJXUoBuibQCcvosRvMiW+vjFH+O/GpdBNOe61KoKb1bZd8j Q+rlUPlSSxWEHc3khSXc4sWRd+vhnA2uvj4II4R5a4fmlzUX3RLZRzBYFRSAYxI7 jdhmJk+kD2lgK1hpZEQW/umTmrNSo8zInC2f8wB8vEFu/wkWoX6osa7eoviIOj86 uICRyK9S54BSNA== -----END CERTIFICATE-----Generated at Mon Dec 22 07:54:18 2025 by rpki-client