This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft File: bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json) Hash identifier: FlfqqzNVHZsvGIHBlipItXHosIIFkOpxc+vKQNo242I= Subject key identifier: F3:F1:06:C3:33:6D:46:2E:4D:A2:9F:09:4B:5B:17:DA:F4:D9:73:AC Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F Certificate issuer: /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f Certificate serial: 019B601D019FADBAF6BC47C8B3D8E6AFB81B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft Manifest number: 07DA Signing time: Sat 27 Dec 2025 14:01:12 +0000 Manifest this update: Sat 27 Dec 2025 14:01:12 +0000 Manifest next update: Sun 28 Dec 2025 14:01:12 +0000 Files and hashes: 1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: HY2RkwBKVdPyRRXi9WK61nj6ElFkluISHcI9NiJbmKI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 08:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:60:1d:01:9f:ad:ba:f6:bc:47:c8:b3:d8:e6:af:b8:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f Validity Not Before: Dec 27 14:01:12 2025 GMT Not After : Dec 28 14:01:12 2025 GMT Subject: CN=f3f106c3336d462e4da29f094b5b17daf4d973ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:35:11:3e:af:25:cb:69:2e:e3:62:4c:10:78: 5c:8d:87:ee:17:02:93:c0:39:d7:88:a1:dc:97:b3: 24:81:5e:71:d8:ec:ec:2e:34:04:3d:6a:ee:a1:d3: 9a:ba:b6:87:8b:f0:01:60:ba:ca:42:90:bd:fe:b8: 61:a3:12:37:d3:7f:3e:83:3b:4a:86:e9:83:b9:08: ef:a0:7d:b5:7e:42:1b:47:4d:44:da:92:02:89:bd: 6f:f8:a4:25:3c:79:36:f1:b9:7b:8f:12:8d:64:4f: 98:68:ef:46:d1:75:da:da:80:12:5c:21:37:76:9c: b8:c0:6c:d7:8a:6e:a9:0d:89:af:8a:be:f8:2b:ba: 57:b2:a6:de:1e:91:a6:1d:24:66:9b:b7:cd:e2:79: 07:0c:20:c1:d6:19:6b:77:65:bb:3a:07:8c:62:8b: 11:e7:ce:d8:51:d3:97:e0:70:b7:39:7b:05:2f:71: 15:75:9a:d2:8f:9f:05:f4:2a:8b:8e:9e:4e:3d:16: a1:cd:e5:f0:c8:8b:cd:9a:5c:3e:21:c0:65:36:cb: 61:10:ad:ba:29:da:c9:d7:b1:9e:3d:5d:fc:e9:61: a1:c1:04:89:04:7c:97:7b:b9:3e:3c:ae:ff:25:09: a6:17:85:1c:ac:63:27:d0:15:81:78:5e:ae:ad:6d: 37:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:F1:06:C3:33:6D:46:2E:4D:A2:9F:09:4B:5B:17:DA:F4:D9:73:AC X509v3 Authority Key Identifier: keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:03:09:75:ef:16:a6:08:8c:4f:45:70:75:68:b6:9e:ac:a1: ed:cf:73:1d:cf:31:ad:7f:0f:79:26:8d:f5:ea:be:bd:dc:e9: 1e:3d:e9:83:87:8b:b1:80:63:e1:fa:e6:e2:24:c4:d9:e4:cd: 8a:32:e2:e6:7d:17:90:ee:e9:32:72:45:92:7f:e7:d9:8c:24: 3a:1a:85:57:16:3a:96:21:90:55:32:d3:5b:41:0d:1b:1f:ba: c2:a5:60:1a:e1:ed:6a:ea:3c:25:fa:92:ef:c1:70:d3:ac:11: 84:01:ac:8c:b7:87:98:43:4e:86:47:c4:cd:91:03:cd:39:98: 31:eb:ca:9b:23:e6:da:1c:7f:84:d9:a9:b7:e4:5f:bd:99:c7: 62:c9:ec:9f:fd:b3:11:37:a2:98:f3:25:53:80:b2:3b:1b:8e: 99:14:42:6e:a9:43:fe:02:f7:c3:24:6d:89:29:a8:07:77:ed: f7:df:11:14:c6:25:72:26:1b:02:4c:a7:8e:cc:fb:bb:88:f8: 80:ed:08:6f:ec:39:e4:bc:8a:60:37:12:31:f7:a9:64:8c:ff: 97:59:f4:f5:62:29:89:ba:6e:1a:a4:bb:a7:2d:12:69:d4:0d: c1:cd:58:30:30:d8:e5:28:5b:a5:c3:bd:13:41:80:32:64:60: c6:2a:38:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtgHQGfrbr2vEfIs9jmr7gbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5 MDUxOGYwHhcNMjUxMjI3MTQwMTEyWhcNMjUxMjI4MTQwMTEyWjAzMTEwLwYDVQQD EyhmM2YxMDZjMzMzNmQ0NjJlNGRhMjlmMDk0YjViMTdkYWY0ZDk3M2FjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzURPq8ly2ku42JMEHhcjYfuFwKT wDnXiKHcl7MkgV5x2OzsLjQEPWruodOauraHi/ABYLrKQpC9/rhhoxI3038+gztK humDuQjvoH21fkIbR01E2pICib1v+KQlPHk28bl7jxKNZE+YaO9G0XXa2oASXCE3 dpy4wGzXim6pDYmvir74K7pXsqbeHpGmHSRmm7fN4nkHDCDB1hlrd2W7OgeMYosR 587YUdOX4HC3OXsFL3EVdZrSj58F9CqLjp5OPRahzeXwyIvNmlw+IcBlNsthEK26 KdrJ17GePV386WGhwQSJBHyXe7k+PK7/JQmmF4UcrGMn0BWBeF6urW03VQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPPxBsMzbUYuTaKfCUtbF9r02XOsMB8GA1UdIwQY MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhwMJde8W pgiMT0VwdWi2nqyh7c9zHc8xrX8PeSaN9eq+vdzpHj3pg4eLsYBj4frm4iTE2eTN ijLi5n0XkO7pMnJFkn/n2YwkOhqFVxY6liGQVTLTW0ENGx+6wqVgGuHtauo8JfqS 78Fw06wRhAGsjLeHmENOhkfEzZEDzTmYMevKmyPm2hx/hNmpt+RfvZnHYsnsn/2z ETeimPMlU4CyOxuOmRRCbqlD/gL3wyRtiSmoB3ft998RFMYlciYbAkynjsz7u4j4 gO0Ib+w55LyKYDcSMfepZIz/l1n09WIpibpuGqS7py0SadQNwc1YMDDY5ShbpcO9 E0GAMmRgxio4wA== -----END CERTIFICATE-----Generated at Sat Dec 27 15:41:26 2025 by rpki-client