This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft File: bQ1uHM2JDfL16cFF7LpGiZzOs70.mft (raw, json) Hash identifier: 2AsBJjfujbETGPiZMUonJXjsmajblPWi4n5s4cCglfg= Subject key identifier: 02:DC:FC:C7:A6:F1:4D:FA:D3:A4:F0:E2:56:2F:0F:5A:87:C1:D6:39 Authority key identifier: 6D:0D:6E:1C:CD:89:0D:F2:F5:E9:C1:45:EC:BA:46:89:9C:CE:B3:BD Certificate issuer: /CN=6d0d6e1ccd890df2f5e9c145ecba46899cceb3bd Certificate serial: 019B5BD231EB2CB93F7065161BF02551CE92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft Manifest number: 1428 Signing time: Fri 26 Dec 2025 18:01:00 +0000 Manifest this update: Fri 26 Dec 2025 18:01:00 +0000 Manifest next update: Sat 27 Dec 2025 18:01:00 +0000 Files and hashes: 1: bQ1uHM2JDfL16cFF7LpGiZzOs70.crl (hash: ixSbn6zJq0WkUTyuKc0FKtaHOcYrvkRozueioYayp6g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 18:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:d2:31:eb:2c:b9:3f:70:65:16:1b:f0:25:51:ce:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d0d6e1ccd890df2f5e9c145ecba46899cceb3bd Validity Not Before: Dec 26 18:01:00 2025 GMT Not After : Dec 27 18:01:00 2025 GMT Subject: CN=02dcfcc7a6f14dfad3a4f0e2562f0f5a87c1d639 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:d2:1c:d0:29:0c:72:9e:aa:f3:52:26:01:b9: c3:41:11:ea:58:fe:10:2c:0e:89:34:7c:2e:c2:c8: 92:84:ad:74:95:18:3e:f7:21:a1:86:c4:f2:e0:b7: 60:8d:18:45:23:52:1d:47:69:b8:2f:11:f4:e6:d5: 13:8c:22:7b:62:a3:9b:1a:0b:6a:c0:f4:b4:a8:37: 8f:de:9d:ff:db:ee:8f:2d:3e:3e:dd:a4:48:f7:4b: 08:69:48:e3:f5:0e:ba:d1:f7:14:20:0f:47:a6:84: 5c:f7:63:94:7c:03:8c:7a:3f:50:c6:d0:b8:32:a6: 36:89:3b:fa:ab:09:3f:8e:f8:a2:73:04:60:84:04: 5a:73:30:1a:9b:4e:d9:0e:09:04:fd:4e:fe:6d:4b: e8:63:84:82:2f:5d:af:f6:9c:f2:fa:d8:60:a8:e4: 54:ac:eb:09:9c:28:b5:8b:40:c8:14:39:68:c3:e1: c1:72:7d:99:8b:11:fa:8d:1d:58:25:90:87:eb:fb: 5b:14:ef:bd:53:aa:72:48:38:c3:1b:e0:dc:7a:17: 1c:4b:57:41:32:a6:38:ce:19:7f:52:22:6c:88:9b: 4f:b7:75:85:3c:4a:b8:d1:4b:8f:7e:7a:72:5c:b1: 19:1a:b6:da:da:c8:e7:cb:74:95:2c:fe:73:65:8a: d2:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DC:FC:C7:A6:F1:4D:FA:D3:A4:F0:E2:56:2F:0F:5A:87:C1:D6:39 X509v3 Authority Key Identifier: keyid:6D:0D:6E:1C:CD:89:0D:F2:F5:E9:C1:45:EC:BA:46:89:9C:CE:B3:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:00:41:0b:87:4a:91:a3:47:63:7c:bc:dd:ce:3e:4c:f3:80: 6f:6c:03:dc:35:02:38:b2:2b:18:24:7f:b4:38:f4:67:a5:e3: a2:95:b6:78:04:ec:49:93:c4:de:20:47:74:e7:6d:82:23:7a: 35:46:79:60:29:89:7a:6a:ca:48:6f:34:e1:82:7f:4e:78:2b: 72:69:d4:ba:72:1f:08:9b:41:11:bf:42:3a:60:12:f0:cd:4c: 9d:47:da:63:be:9a:a2:ac:d7:11:4e:d8:53:32:3c:d7:f3:52: 9c:b8:0f:fc:82:75:e6:f7:ae:f7:1e:47:ac:50:9d:16:f2:8c: e9:c8:98:4f:fe:6d:db:c5:f9:f0:8d:0d:ac:d3:24:9f:4f:11: 32:03:cb:01:7b:a1:9b:3b:ba:ba:ce:21:51:e8:e6:6f:7f:b7: e9:9e:7c:32:c7:90:b2:f2:23:60:89:7b:4e:d8:f5:cd:88:32: e7:4d:d9:3e:9c:de:4f:89:8e:de:d4:ec:4a:e2:6e:c9:52:5b: ae:27:93:80:fd:3e:c2:b5:ec:8d:26:63:2b:57:d2:aa:ad:dd: 34:26:9b:1a:56:1b:1c:58:69:ad:7b:be:c2:9d:c5:95:1e:19: e7:df:e8:08:76:1c:54:0b:b3:5e:29:b2:9e:7d:d6:20:03:ac: e6:4e:22:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtb0jHrLLk/cGUWG/AlUc6SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMGQ2ZTFjY2Q4OTBkZjJmNWU5YzE0NWVjYmE0Njg5OWNj ZWIzYmQwHhcNMjUxMjI2MTgwMTAwWhcNMjUxMjI3MTgwMTAwWjAzMTEwLwYDVQQD EygwMmRjZmNjN2E2ZjE0ZGZhZDNhNGYwZTI1NjJmMGY1YTg3YzFkNjM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtIc0CkMcp6q81ImAbnDQRHqWP4Q LA6JNHwuwsiShK10lRg+9yGhhsTy4LdgjRhFI1IdR2m4LxH05tUTjCJ7YqObGgtq wPS0qDeP3p3/2+6PLT4+3aRI90sIaUjj9Q660fcUIA9HpoRc92OUfAOMej9QxtC4 MqY2iTv6qwk/jviicwRghARaczAam07ZDgkE/U7+bUvoY4SCL12v9pzy+thgqORU rOsJnCi1i0DIFDlow+HBcn2ZixH6jR1YJZCH6/tbFO+9U6pySDjDG+DcehccS1dB MqY4zhl/UiJsiJtPt3WFPEq40UuPfnpyXLEZGrba2sjny3SVLP5zZYrSEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFALc/Mem8U3606Tw4lYvD1qHwdY5MB8GA1UdIwQY MBaAFG0NbhzNiQ3y9enBRey6RomczrO9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yNzcxNTQtZWZiYS00OGVkLWJiMGMt NjUwYjcwYmFkN2E5LzEvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8yNzcxNTQtZWZiYS00OGVkLWJiMGMtNjUwYjcwYmFkN2E5 LzEvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKABBC4dK kaNHY3y83c4+TPOAb2wD3DUCOLIrGCR/tDj0Z6XjopW2eATsSZPE3iBHdOdtgiN6 NUZ5YCmJemrKSG804YJ/TngrcmnUunIfCJtBEb9COmAS8M1MnUfaY76aoqzXEU7Y UzI81/NSnLgP/IJ15veu9x5HrFCdFvKM6ciYT/5t28X58I0NrNMkn08RMgPLAXuh mzu6us4hUejmb3+36Z58MseQsvIjYIl7Ttj1zYgy503ZPpzeT4mO3tTsSuJuyVJb rieTgP0+wrXsjSZjK1fSqq3dNCabGlYbHFhprXu+wp3FlR4Z59/oCHYcVAuzXimy nn3WIAOs5k4iAw== -----END CERTIFICATE-----Generated at Sat Dec 27 03:54:34 2025 by rpki-client