This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.mft File: BKnP8kmB1yY9G31jd59dZz3ivbw.mft (raw, json) Hash identifier: HeYaNH6y8xj+r/6Pw61W9oY9YUkdir10cA0BtlQrlHA= Subject key identifier: F6:74:9E:3E:B1:3A:BD:92:36:34:91:2C:D4:DA:71:24:BF:B7:4C:B6 Authority key identifier: 04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC Certificate issuer: /CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc Certificate serial: 019B4C5EE3AFE6365BBAD34EABEA8C719B47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.mft Manifest number: 1793 Signing time: Tue 23 Dec 2025 18:00:45 +0000 Manifest this update: Tue 23 Dec 2025 18:00:45 +0000 Manifest next update: Wed 24 Dec 2025 18:00:45 +0000 Files and hashes: 1: BKnP8kmB1yY9G31jd59dZz3ivbw.crl (hash: 3Q88n35Z0r79sztvqHC0/HNqBt3c9BT2H6Y2MSyh1aA=) 2: zx1XMXhbE28ZMTwu9AxINedJc60.roa (hash: 4bo9B0lLSnpXpzHGQAUAoXEmUUE4IbZbuOepJknUA+w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.mft rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:5e:e3:af:e6:36:5b:ba:d3:4e:ab:ea:8c:71:9b:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc Validity Not Before: Dec 23 18:00:45 2025 GMT Not After : Dec 24 18:00:45 2025 GMT Subject: CN=f6749e3eb13abd923634912cd4da7124bfb74cb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5b:d0:0d:ba:cc:6b:f7:6c:e1:2c:03:28:35: bb:70:39:2a:1c:c6:5d:8c:f7:c6:f5:fe:d2:be:2a: de:12:40:4a:9e:82:f2:b6:2d:19:54:cf:77:d5:e8: 4c:07:44:1a:5f:ed:53:eb:8b:07:5a:cf:31:aa:34: 68:66:f9:73:b6:d1:6d:07:77:34:29:98:e3:53:4f: 57:ca:b1:f4:92:59:56:cd:40:b7:02:bf:95:63:94: d9:93:33:4c:ba:c3:04:de:82:d7:e3:59:2c:b3:8a: 46:e0:77:d7:42:00:7d:c3:02:5e:46:e7:cc:9b:1e: 4f:70:e9:a8:e4:3c:11:62:3a:45:83:5f:d2:d5:5c: fc:13:cc:c6:81:c9:f4:4f:2a:58:ba:36:99:79:6a: b4:83:51:b3:05:5c:fb:83:49:1a:05:dd:c7:14:8c: f6:42:d0:3b:56:8c:bf:f3:79:1d:3b:f7:42:f2:55: 90:77:8c:a1:12:f9:87:59:6b:5b:e5:50:f0:0c:3d: 44:5f:cc:58:37:a2:6e:d2:0a:11:4b:6a:55:fa:a5: 31:70:ea:75:1b:0b:f1:82:95:33:4b:9d:e6:99:88: 0b:32:37:49:7c:12:02:0b:72:ca:15:65:6c:96:9e: 51:31:d7:aa:78:cd:13:c0:36:a2:3d:2e:3b:ab:ea: 36:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:74:9E:3E:B1:3A:BD:92:36:34:91:2C:D4:DA:71:24:BF:B7:4C:B6 X509v3 Authority Key Identifier: keyid:04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:f6:10:6b:77:43:6d:31:3c:1f:c2:9a:2e:9f:d9:da:78:43: 36:14:53:aa:53:d3:07:31:c9:63:34:1b:a7:60:ef:da:6b:6a: 06:15:15:c4:96:c9:2b:e7:0d:dd:7f:b5:f7:99:2f:7d:12:15: e8:9d:53:e8:ca:50:0c:24:39:97:02:41:34:38:96:b4:a1:d4: 59:b5:5c:f2:b2:02:ad:1c:5c:02:b9:ab:93:3f:7f:97:7e:59: 94:b2:1f:ad:ca:a9:2f:fd:f2:e6:83:90:16:99:b5:64:c5:2c: 5a:cd:f5:e7:86:92:ff:b9:0f:a0:a4:b8:56:11:db:ea:8a:8d: 36:ce:0c:48:00:ab:4c:15:5e:79:60:9e:b1:fd:8a:6d:a0:8a: 0e:21:91:1e:11:00:c6:8c:69:33:e1:f1:24:25:68:90:ee:f1: 56:1f:62:5f:3b:8c:1d:ab:38:10:e2:4b:7a:20:99:c1:64:ab: 59:76:67:34:af:93:0a:8e:8d:77:79:fe:f2:ad:3f:ed:d6:91: ad:3a:3e:9e:6a:4b:9c:6c:c4:97:7c:ab:6b:5f:e5:d6:73:b6: d1:d0:a3:41:9a:3c:a2:90:d5:3d:38:08:d4:c0:c2:88:5c:7e: 4a:af:ad:6d:22:31:86:eb:4c:1b:c8:26:d0:48:1a:e0:4c:2a: 8e:98:3e:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMXuOv5jZbutNOq+qMcZtHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YTljZmYyNDk4MWQ3MjYzZDFiN2Q2Mzc3OWY1ZDY3M2Rl MmJkYmMwHhcNMjUxMjIzMTgwMDQ1WhcNMjUxMjI0MTgwMDQ1WjAzMTEwLwYDVQQD EyhmNjc0OWUzZWIxM2FiZDkyMzYzNDkxMmNkNGRhNzEyNGJmYjc0Y2I2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlvQDbrMa/ds4SwDKDW7cDkqHMZd jPfG9f7SvireEkBKnoLyti0ZVM931ehMB0QaX+1T64sHWs8xqjRoZvlzttFtB3c0 KZjjU09XyrH0kllWzUC3Ar+VY5TZkzNMusME3oLX41kss4pG4HfXQgB9wwJeRufM mx5PcOmo5DwRYjpFg1/S1Vz8E8zGgcn0TypYujaZeWq0g1GzBVz7g0kaBd3HFIz2 QtA7Voy/83kdO/dC8lWQd4yhEvmHWWtb5VDwDD1EX8xYN6Ju0goRS2pV+qUxcOp1 GwvxgpUzS53mmYgLMjdJfBICC3LKFWVslp5RMdeqeM0TwDaiPS47q+o21wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPZ0nj6xOr2SNjSRLNTacSS/t0y2MB8GA1UdIwQY MBaAFASpz/JJgdcmPRt9Y3efXWc94r28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQt Y2QwZDllNTc0MmNiLzEvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQtY2QwZDllNTc0MmNi LzEvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/YQa3dD bTE8H8KaLp/Z2nhDNhRTqlPTBzHJYzQbp2Dv2mtqBhUVxJbJK+cN3X+195kvfRIV 6J1T6MpQDCQ5lwJBNDiWtKHUWbVc8rICrRxcArmrkz9/l35ZlLIfrcqpL/3y5oOQ Fpm1ZMUsWs3154aS/7kPoKS4VhHb6oqNNs4MSACrTBVeeWCesf2KbaCKDiGRHhEA xoxpM+HxJCVokO7xVh9iXzuMHas4EOJLeiCZwWSrWXZnNK+TCo6Nd3n+8q0/7daR rTo+nmpLnGzEl3yra1/l1nO20dCjQZo8opDVPTgI1MDCiFx+Sq+tbSIxhutMG8gm 0Ega4Ewqjpg+Xw== -----END CERTIFICATE-----Generated at Wed Dec 24 00:12:15 2025 by rpki-client