This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft File: bzipg89Dc6pJdJhasi1RTA9IHS4.mft (raw, json) Hash identifier: +CUnx59VTSy7YgRnVL9HqqGXA8+oKrEeX+wIRFQpQQ8= Subject key identifier: 57:3B:4A:41:7D:9B:44:71:F2:2E:3E:66:8E:55:7A:45:56:78:CE:56 Authority key identifier: 6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E Certificate issuer: /CN=6f38a983cf4373aa4974985ab22d514c0f481d2e Certificate serial: 019B4A026737C1C27E4328367986C7E0A78C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft Manifest number: 03DC Signing time: Tue 23 Dec 2025 07:00:30 +0000 Manifest this update: Tue 23 Dec 2025 07:00:30 +0000 Manifest next update: Wed 24 Dec 2025 07:00:30 +0000 Files and hashes: 1: HZb4ypfyyLknrNflDGCKDQospm0.roa (hash: DJb41fbhgLGXN4Umv3DyaNZTQa8ZY7nKkJ22hR0xLS4=) 2: bzipg89Dc6pJdJhasi1RTA9IHS4.crl (hash: 26fxNH1CsaYhF4BjlsPu3Kl4pLpxevJ5zGeJZkZxJrU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:02:67:37:c1:c2:7e:43:28:36:79:86:c7:e0:a7:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f38a983cf4373aa4974985ab22d514c0f481d2e Validity Not Before: Dec 23 07:00:30 2025 GMT Not After : Dec 24 07:00:30 2025 GMT Subject: CN=573b4a417d9b4471f22e3e668e557a455678ce56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:90:f2:c4:6a:7d:9d:c1:69:67:cf:d3:7c:eb: f2:f8:e7:68:cc:d1:81:6a:46:af:c1:9b:96:29:01: 12:fb:f1:35:a2:ad:19:02:1c:24:d3:7c:7d:97:37: 52:39:32:ea:b6:94:e5:24:d1:77:ed:35:da:06:39: 0f:35:11:5a:47:ca:7b:48:63:3a:80:db:d4:65:70: 58:7d:7a:ba:5f:b5:96:ea:0e:21:46:24:95:f7:99: c9:d7:d5:eb:14:c8:2a:8a:0e:7f:0e:a3:68:60:3f: 69:6b:3b:97:1e:17:76:4b:cc:e2:00:52:bd:c3:13: 3e:b1:84:99:8e:7d:41:46:1d:ac:eb:2c:6f:88:71: 4a:04:64:94:41:fe:64:92:4c:eb:c7:fa:92:7e:0b: 48:d9:52:dc:37:8c:e8:51:86:77:40:5d:cc:5a:fd: 99:83:90:86:61:79:45:62:5b:83:95:df:ad:68:86: c4:3c:d0:b8:74:2a:0b:47:a8:ad:91:d5:2c:e6:5c: f7:01:c7:d1:d7:57:15:f0:f7:fe:c8:6e:99:4c:32: 25:47:89:da:2a:f4:fc:47:7b:84:57:dc:9a:33:bc: 4f:69:a3:56:11:7a:52:56:6b:32:a4:6c:e9:ee:99: 8b:60:5c:23:4f:d3:1d:4d:96:ff:f5:b3:d0:39:a5: 8e:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:3B:4A:41:7D:9B:44:71:F2:2E:3E:66:8E:55:7A:45:56:78:CE:56 X509v3 Authority Key Identifier: keyid:6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:2d:b6:39:27:f5:44:88:5b:4d:9f:61:0d:70:da:55:65:4e: 85:f9:8e:39:a5:30:88:05:bd:b0:a4:1f:b5:bc:bb:fa:15:fb: 22:cb:79:2d:98:04:3e:73:db:f3:35:de:00:c1:99:b9:27:59: a4:cf:9a:d0:6b:fe:c6:3d:1c:4c:3a:ad:cb:b8:2a:88:c6:5b: 8a:e5:9a:ab:47:8f:35:35:50:5e:b4:a9:8c:e0:ff:44:40:d0: a7:ad:13:8e:4b:ad:31:fd:4c:45:fa:26:9b:c6:f6:c9:1e:a1: 4d:78:b6:32:7a:7a:50:cf:88:35:ed:01:15:47:f0:58:77:5d: e2:ce:7f:61:75:d6:76:4f:99:4f:4a:c8:da:0e:0d:ad:71:c5: 51:b8:1d:32:23:13:89:33:67:f5:34:62:96:27:72:f7:cd:54: 85:bf:47:f2:36:b6:3b:a2:b8:80:fe:a1:e8:47:27:37:73:63: 90:cc:3b:79:dc:e2:6a:76:4c:dc:6e:37:ab:39:86:71:72:7f: 84:42:1c:c9:6a:8a:5a:61:83:84:f8:eb:c5:cf:93:e6:70:c3: e4:fe:01:ac:17:1d:26:6a:c2:e4:fc:97:79:21:59:50:7e:31: 08:f9:14:04:a8:bb:96:d5:f2:9b:3c:3f:03:84:16:93:06:db: 8e:0a:f2:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKAmc3wcJ+Qyg2eYbH4KeMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMzhhOTgzY2Y0MzczYWE0OTc0OTg1YWIyMmQ1MTRjMGY0 ODFkMmUwHhcNMjUxMjIzMDcwMDMwWhcNMjUxMjI0MDcwMDMwWjAzMTEwLwYDVQQD Eyg1NzNiNGE0MTdkOWI0NDcxZjIyZTNlNjY4ZTU1N2E0NTU2NzhjZTU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZDyxGp9ncFpZ8/TfOvy+OdozNGB akavwZuWKQES+/E1oq0ZAhwk03x9lzdSOTLqtpTlJNF37TXaBjkPNRFaR8p7SGM6 gNvUZXBYfXq6X7WW6g4hRiSV95nJ19XrFMgqig5/DqNoYD9pazuXHhd2S8ziAFK9 wxM+sYSZjn1BRh2s6yxviHFKBGSUQf5kkkzrx/qSfgtI2VLcN4zoUYZ3QF3MWv2Z g5CGYXlFYluDld+taIbEPNC4dCoLR6itkdUs5lz3AcfR11cV8Pf+yG6ZTDIlR4na KvT8R3uEV9yaM7xPaaNWEXpSVmsypGzp7pmLYFwjT9MdTZb/9bPQOaWOVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFc7SkF9m0Rx8i4+Zo5VekVWeM5WMB8GA1UdIwQY MBaAFG84qYPPQ3OqSXSYWrItUUwPSB0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQt YWY1YTU2NzczMmVmLzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQtYWY1YTU2NzczMmVm LzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQS22OSf1 RIhbTZ9hDXDaVWVOhfmOOaUwiAW9sKQftby7+hX7Ist5LZgEPnPb8zXeAMGZuSdZ pM+a0Gv+xj0cTDqty7gqiMZbiuWaq0ePNTVQXrSpjOD/REDQp60TjkutMf1MRfom m8b2yR6hTXi2Mnp6UM+INe0BFUfwWHdd4s5/YXXWdk+ZT0rI2g4NrXHFUbgdMiMT iTNn9TRilidy981Uhb9H8ja2O6K4gP6h6EcnN3NjkMw7edzianZM3G43qzmGcXJ/ hEIcyWqKWmGDhPjrxc+T5nDD5P4BrBcdJmrC5PyXeSFZUH4xCPkUBKi7ltXymzw/ A4QWkwbbjgrylw== -----END CERTIFICATE-----Generated at Tue Dec 23 10:54:44 2025 by rpki-client