This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft File: bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft (raw, json) Hash identifier: ICSW0acTOQwwG4r9B/Rpi5X3H6FVJihyuK4ktFLIGrE= Subject key identifier: C2:74:C7:AE:23:85:A5:AD:2D:7C:02:AC:61:17:44:B2:B9:4C:32:09 Authority key identifier: 6C:C3:85:3D:A7:0C:DE:A0:DB:A4:64:14:B6:B0:E6:D1:F1:71:6E:74 Certificate issuer: /CN=6cc3853da70cdea0dba46414b6b0e6d1f1716e74 Certificate serial: 019B3BA21E295C474FDB96827C2F75168399 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMOFPacM3qDbpGQUtrDm0fFxbnQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft Manifest number: 0443 Signing time: Sat 20 Dec 2025 12:00:38 +0000 Manifest this update: Sat 20 Dec 2025 12:00:38 +0000 Manifest next update: Sun 21 Dec 2025 12:00:38 +0000 Files and hashes: 1: MYDLO2vvDKfPNW5B_jde2eQkJYg.roa (hash: wV9kbvDo8W5gfhdwsvfFoAGi3mrp4nPR/cUxhX5vacM=) 2: bMOFPacM3qDbpGQUtrDm0fFxbnQ.crl (hash: osO6s6aJl79fDVC7K9O5C/hRueC8b6DJgaJFaiSMxjI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft rsync://rpki.ripe.net/repository/DEFAULT/bMOFPacM3qDbpGQUtrDm0fFxbnQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:1e:29:5c:47:4f:db:96:82:7c:2f:75:16:83:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cc3853da70cdea0dba46414b6b0e6d1f1716e74 Validity Not Before: Dec 20 12:00:38 2025 GMT Not After : Dec 21 12:00:38 2025 GMT Subject: CN=c274c7ae2385a5ad2d7c02ac611744b2b94c3209 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:b6:51:2f:55:ef:66:ef:5f:b2:de:af:1d:e6: 2b:03:3f:ac:79:79:b2:a6:34:c4:83:32:79:0b:c5: 69:90:6d:a3:a7:52:82:03:3f:5c:bc:d9:eb:43:56: e8:c1:fb:29:0e:75:ab:88:fc:2d:ee:6e:dc:34:60: e8:a2:51:28:67:d8:c8:08:46:09:9e:f8:c9:ff:bd: 81:d4:8d:5d:c6:ef:1e:08:14:48:16:5b:a8:af:17: fa:67:21:57:91:a7:72:83:61:6c:b2:7e:bb:44:56: 0b:64:67:bf:f6:96:9f:57:da:32:68:7f:5e:d8:1d: ac:64:a1:cd:6d:be:2c:6d:4b:06:4c:f0:b5:f4:9a: 2e:16:51:e1:46:44:d7:21:c6:e9:62:e7:18:d3:db: ba:3d:8d:25:ce:7f:cb:11:11:86:f8:64:64:45:b5: c4:0c:33:20:ff:2f:e2:ff:fe:cb:28:6a:89:46:cf: a0:78:b1:11:2b:85:30:09:24:e1:b4:c8:2a:e9:7a: 9b:e8:f5:a1:e3:38:f4:a8:7f:b7:0b:8d:d6:bc:2b: a7:84:b9:f2:b5:81:08:c1:aa:8b:1d:88:c5:31:2a: 40:9b:f4:f6:61:1f:a2:8c:74:b9:94:df:a8:f0:03: d2:85:5f:4f:9a:69:46:2e:54:f4:4d:4d:82:b3:dd: 45:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:74:C7:AE:23:85:A5:AD:2D:7C:02:AC:61:17:44:B2:B9:4C:32:09 X509v3 Authority Key Identifier: keyid:6C:C3:85:3D:A7:0C:DE:A0:DB:A4:64:14:B6:B0:E6:D1:F1:71:6E:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMOFPacM3qDbpGQUtrDm0fFxbnQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d128de-d61d-4f03-9134-046a68ab4c8d/1/bMOFPacM3qDbpGQUtrDm0fFxbnQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:1f:72:b9:14:57:4d:44:a2:d3:5f:3e:bb:f0:ff:8d:4c:17: f0:82:0c:f9:c6:18:4c:7c:82:3c:f1:e7:6f:07:79:27:f7:06: 2d:f9:d5:a0:28:5c:f9:55:f7:58:ed:9f:62:ca:cb:06:c7:5f: 1c:cc:e8:60:22:78:c8:99:21:f6:12:a9:2a:bf:cb:00:db:54: 28:45:f4:0d:60:7e:b8:cd:0d:67:84:2a:81:cd:d5:c1:0e:4d: fd:8c:a8:0b:07:c7:35:4b:4e:f1:c1:80:77:cb:44:4b:88:e3: 12:49:61:f2:ea:dd:82:43:fd:32:4a:4e:3e:db:46:fa:70:32: 80:38:66:0e:5a:a8:92:80:21:4d:21:cb:88:a5:93:19:9c:ce: b6:92:06:1c:33:cf:3f:11:2c:47:33:41:b5:05:43:2d:44:84: 79:87:b3:de:fe:9a:ee:9d:10:ef:0c:c5:1a:60:75:05:ee:1c: d8:bd:56:e6:bf:1a:78:6f:f6:6b:90:50:c3:55:99:28:be:73: c0:92:3c:72:c3:02:0f:8f:b1:11:13:98:bd:d5:74:11:dc:2b: 4b:6e:4f:b4:69:aa:df:ab:74:d5:0b:0c:02:45:86:da:25:39: e2:01:5f:ae:af:0a:6e:67:42:ed:db:61:6c:df:0d:de:4b:da: 5a:a9:c9:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7oh4pXEdP25aCfC91FoOZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYzM4NTNkYTcwY2RlYTBkYmE0NjQxNGI2YjBlNmQxZjE3 MTZlNzQwHhcNMjUxMjIwMTIwMDM4WhcNMjUxMjIxMTIwMDM4WjAzMTEwLwYDVQQD EyhjMjc0YzdhZTIzODVhNWFkMmQ3YzAyYWM2MTE3NDRiMmI5NGMzMjA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7ZRL1XvZu9fst6vHeYrAz+seXmy pjTEgzJ5C8VpkG2jp1KCAz9cvNnrQ1bowfspDnWriPwt7m7cNGDoolEoZ9jICEYJ nvjJ/72B1I1dxu8eCBRIFluorxf6ZyFXkadyg2Fssn67RFYLZGe/9pafV9oyaH9e 2B2sZKHNbb4sbUsGTPC19JouFlHhRkTXIcbpYucY09u6PY0lzn/LERGG+GRkRbXE DDMg/y/i//7LKGqJRs+geLERK4UwCSThtMgq6Xqb6PWh4zj0qH+3C43WvCunhLny tYEIwaqLHYjFMSpAm/T2YR+ijHS5lN+o8APShV9PmmlGLlT0TU2Cs91F5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMJ0x64jhaWtLXwCrGEXRLK5TDIJMB8GA1UdIwQY MBaAFGzDhT2nDN6g26RkFLaw5tHxcW50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk1PRlBhY00zcURicEdRVXRyRG0wZkZ4Ym5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kMTI4ZGUtZDYxZC00ZjAzLTkxMzQt MDQ2YTY4YWI0YzhkLzEvYk1PRlBhY00zcURicEdRVXRyRG0wZkZ4Ym5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC9kMTI4ZGUtZDYxZC00ZjAzLTkxMzQtMDQ2YTY4YWI0Yzhk LzEvYk1PRlBhY00zcURicEdRVXRyRG0wZkZ4Ym5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGB9yuRRX TUSi018+u/D/jUwX8IIM+cYYTHyCPPHnbwd5J/cGLfnVoChc+VX3WO2fYsrLBsdf HMzoYCJ4yJkh9hKpKr/LANtUKEX0DWB+uM0NZ4Qqgc3VwQ5N/YyoCwfHNUtO8cGA d8tES4jjEklh8urdgkP9MkpOPttG+nAygDhmDlqokoAhTSHLiKWTGZzOtpIGHDPP PxEsRzNBtQVDLUSEeYez3v6a7p0Q7wzFGmB1Be4c2L1W5r8aeG/2a5BQw1WZKL5z wJI8csMCD4+xEROYvdV0EdwrS25PtGmq36t01QsMAkWG2iU54gFfrq8KbmdC7dth bN8N3kvaWqnJAA== -----END CERTIFICATE-----Generated at Sat Dec 20 18:37:34 2025 by rpki-client