This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft File: rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft (raw, json) Hash identifier: HWZPgOYpIzbI5e1vIvS3fVVrjSmkZYXN5uHiWfdDIXw= Subject key identifier: 12:5B:1B:F4:24:A5:31:A7:13:58:72:F7:DA:F4:81:6A:81:63:FA:FE Authority key identifier: AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D Certificate issuer: /CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d Certificate serial: 019B4CCCF5348278A785F0218CDF2E9828CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft Manifest number: 1790 Signing time: Tue 23 Dec 2025 20:00:59 +0000 Manifest this update: Tue 23 Dec 2025 20:00:59 +0000 Manifest next update: Wed 24 Dec 2025 20:00:59 +0000 Files and hashes: 1: e7v6KfsQ42Ju_th6J-KjayhE0pc.roa (hash: 2QzdBlDL7vaApFGThIZoir4ZfxpYLQiDlB23vrYFa1A=) 2: rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl (hash: OQsbw8STypdpjbZ9ZXQYUeHcfn7RoEnvJpJWO5AeMHU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:cc:f5:34:82:78:a7:85:f0:21:8c:df:2e:98:28:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d Validity Not Before: Dec 23 20:00:59 2025 GMT Not After : Dec 24 20:00:59 2025 GMT Subject: CN=125b1bf424a531a7135872f7daf4816a8163fafe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:96:84:77:23:e8:30:12:f0:b7:6c:77:01:6f: cf:3e:36:14:9d:f9:59:91:67:be:a3:99:3b:66:ec: e7:4e:94:b7:03:20:1a:45:aa:82:5e:25:6a:a6:13: 81:08:a2:e5:d9:07:94:0b:21:4a:13:d7:65:1f:85: c5:54:29:df:28:47:a8:3b:37:dd:8d:d6:ba:3a:a8: 31:e7:2e:a4:e2:94:0a:61:1f:34:b4:81:24:24:f2: 91:b1:4e:96:79:e1:fd:4f:95:dd:fd:94:63:45:9d: c5:7f:a3:54:20:69:68:c7:a5:ec:57:9d:03:03:93: 4a:ad:f2:0b:6c:82:d8:c6:19:9f:9a:26:55:e5:43: df:26:12:a5:92:5b:8b:d8:25:00:0f:a4:e6:3c:e4: b2:df:b5:fc:ad:a6:3a:1a:ae:42:36:4a:11:29:1b: 24:48:bf:7a:74:d6:41:30:87:64:07:5b:99:69:f2: 90:f3:66:7e:03:2c:e5:22:45:7d:fa:82:af:0f:c3: 21:2b:55:ab:a5:f3:b6:e8:4a:96:c2:e8:08:4d:01: 25:07:15:73:41:af:6a:d4:80:fa:07:4b:e4:af:ee: 8e:7a:ce:20:0d:6b:e3:12:b5:f9:9a:8a:b9:d2:c5: f5:f8:01:81:8c:0a:ef:c9:e6:d3:b9:f6:b6:a7:1f: 63:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:5B:1B:F4:24:A5:31:A7:13:58:72:F7:DA:F4:81:6A:81:63:FA:FE X509v3 Authority Key Identifier: keyid:AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:5d:99:eb:54:9a:33:ef:08:fe:45:da:22:e1:6f:c5:43:cc: 0a:39:4a:2d:46:34:68:9f:3c:12:b5:67:98:e9:0f:a3:85:79: 18:4f:50:b3:c1:ae:fe:2f:e5:f4:95:96:2e:90:47:c3:df:f2: 06:02:b4:f5:47:31:cf:63:ea:08:1b:f1:44:97:86:85:7b:69: ae:7c:cb:57:00:41:b8:13:ef:98:07:a8:09:6c:75:9e:aa:bd: 7c:a2:cd:5f:f9:17:82:49:87:66:dc:0c:6c:85:f3:0e:64:5a: f0:55:0e:08:54:8f:10:b2:1a:1c:f3:ff:f0:61:2d:e4:76:1e: b5:21:bc:2a:7a:55:22:b7:33:35:32:45:5c:05:90:5b:57:92: 42:98:91:73:b9:54:25:5f:66:32:61:e3:f4:16:e1:ae:1c:8c: a9:4e:0c:c4:5e:47:98:da:d4:f4:d5:5e:72:52:4f:1d:74:03: a2:28:aa:ad:34:ab:66:88:06:c7:c8:de:98:6f:29:4e:34:45: bd:4a:90:e9:e0:cf:45:41:dd:51:a1:c1:ce:5e:42:49:ce:bd: 54:bb:cf:16:c7:1a:ce:9c:fc:c9:52:87:c4:5e:70:04:70:67: 13:b7:21:a4:02:59:b8:6a:1e:b0:ea:d7:97:44:c5:7d:32:9b: b0:5a:73:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMzPU0gninhfAhjN8umCjPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMWEwYjljYzVjZThiZmQ5ZWUyNmQwOWQ3ZTkxMTUxYTQy ZDM3MGQwHhcNMjUxMjIzMjAwMDU5WhcNMjUxMjI0MjAwMDU5WjAzMTEwLwYDVQQD EygxMjViMWJmNDI0YTUzMWE3MTM1ODcyZjdkYWY0ODE2YTgxNjNmYWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupaEdyPoMBLwt2x3AW/PPjYUnflZ kWe+o5k7ZuznTpS3AyAaRaqCXiVqphOBCKLl2QeUCyFKE9dlH4XFVCnfKEeoOzfd jda6Oqgx5y6k4pQKYR80tIEkJPKRsU6WeeH9T5Xd/ZRjRZ3Ff6NUIGlox6XsV50D A5NKrfILbILYxhmfmiZV5UPfJhKlkluL2CUAD6TmPOSy37X8raY6Gq5CNkoRKRsk SL96dNZBMIdkB1uZafKQ82Z+AyzlIkV9+oKvD8MhK1WrpfO26EqWwugITQElBxVz Qa9q1ID6B0vkr+6Oes4gDWvjErX5moq50sX1+AGBjArvyebTufa2px9jxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBJbG/QkpTGnE1hy99r0gWqBY/r+MB8GA1UdIwQY MBaAFKwaC5zFzov9nuJtCdfpEVGkLTcNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMt YWE3MzUzZDRkOThmLzEvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMtYWE3MzUzZDRkOThm LzEvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWl2Z61Sa M+8I/kXaIuFvxUPMCjlKLUY0aJ88ErVnmOkPo4V5GE9Qs8Gu/i/l9JWWLpBHw9/y BgK09Ucxz2PqCBvxRJeGhXtprnzLVwBBuBPvmAeoCWx1nqq9fKLNX/kXgkmHZtwM bIXzDmRa8FUOCFSPELIaHPP/8GEt5HYetSG8KnpVIrczNTJFXAWQW1eSQpiRc7lU JV9mMmHj9BbhrhyMqU4MxF5HmNrU9NVeclJPHXQDoiiqrTSrZogGx8jemG8pTjRF vUqQ6eDPRUHdUaHBzl5CSc69VLvPFscazpz8yVKHxF5wBHBnE7chpAJZuGoesOrX l0TFfTKbsFpz8Q== -----END CERTIFICATE-----Generated at Tue Dec 23 22:06:23 2025 by rpki-client