This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft File: bJSdK9ZO4X711H-WPj1depgrEq8.mft (raw, json) Hash identifier: +Fj24A/tA5tYnJwxAtvUxSh4IINKkf1gCh3N64EQcYo= Subject key identifier: 16:75:68:F4:32:B4:D3:55:36:30:E7:86:BE:D8:BB:AE:3C:E2:0F:B9 Authority key identifier: 6C:94:9D:2B:D6:4E:E1:7E:F5:D4:7F:96:3E:3D:5D:7A:98:2B:12:AF Certificate issuer: /CN=6c949d2bd64ee17ef5d47f963e3d5d7a982b12af Certificate serial: 019B59E3B45F477157E05FB573C029D5E0A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bJSdK9ZO4X711H-WPj1depgrEq8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft Manifest number: 0C03 Signing time: Fri 26 Dec 2025 09:00:53 +0000 Manifest this update: Fri 26 Dec 2025 09:00:53 +0000 Manifest next update: Sat 27 Dec 2025 09:00:53 +0000 Files and hashes: 1: OyVcB1brzSxuoeEjBo4fT0W9OFc.roa (hash: sut6tQHQTuBMJAc0/1shERZEk1RWFKSSDeDy5cd5Klo=) 2: bJSdK9ZO4X711H-WPj1depgrEq8.crl (hash: ezJnL3k7NLyVp4IbWtA3Jyfo79ie1ZklvpQsXk+G5p8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.crl rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft rsync://rpki.ripe.net/repository/DEFAULT/bJSdK9ZO4X711H-WPj1depgrEq8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:b4:5f:47:71:57:e0:5f:b5:73:c0:29:d5:e0:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c949d2bd64ee17ef5d47f963e3d5d7a982b12af Validity Not Before: Dec 26 09:00:53 2025 GMT Not After : Dec 27 09:00:53 2025 GMT Subject: CN=167568f432b4d3553630e786bed8bbae3ce20fb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:39:ef:77:40:33:2b:8d:55:cb:70:da:83:8a: 7b:c2:8b:9d:39:65:00:65:2a:c1:88:3b:8a:93:0c: b1:e8:fe:7f:c9:f1:57:e2:de:19:cb:36:e3:2b:6d: 2d:44:f4:4a:22:02:39:2a:38:c2:94:85:45:2e:e6: 41:74:8f:6b:7c:00:2d:cf:0c:0a:ff:d3:b6:2a:b5: e8:11:8d:26:f5:b6:d0:ab:97:cc:8d:72:ef:5e:a9: 42:b8:36:be:f0:19:00:f5:14:03:ca:37:eb:d5:13: 2c:43:c0:ab:b9:da:46:40:a0:c6:ba:56:09:ff:e3: 25:2b:77:a8:cf:5d:e8:f2:55:bd:d5:2d:22:7d:25: bb:27:23:8b:ec:c0:92:b4:dd:0a:6a:bb:33:64:01: 6c:87:62:6c:e6:48:13:78:c0:fd:5e:5f:a6:26:c5: 4c:1c:fe:0b:0f:2f:f1:83:63:ad:3c:8b:df:96:20: 22:a4:1b:96:d7:56:93:9a:a5:3b:41:66:a8:0e:07: 5d:a5:fd:f9:3c:74:88:21:33:d0:2f:4d:7e:89:17: 92:30:d9:bd:64:8d:8e:c0:ee:ee:aa:fe:03:9d:91: 2b:ed:4d:54:07:51:d4:da:48:af:a5:31:ff:89:2b: f3:49:fa:fd:2b:0e:53:ca:da:30:d6:b3:37:c4:eb: 0d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:75:68:F4:32:B4:D3:55:36:30:E7:86:BE:D8:BB:AE:3C:E2:0F:B9 X509v3 Authority Key Identifier: keyid:6C:94:9D:2B:D6:4E:E1:7E:F5:D4:7F:96:3E:3D:5D:7A:98:2B:12:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bJSdK9ZO4X711H-WPj1depgrEq8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f8651b-c12b-42d4-afda-232f4703491f/1/bJSdK9ZO4X711H-WPj1depgrEq8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:74:29:55:fc:bb:ff:5f:75:88:72:15:14:76:08:59:1a:4c: e7:a7:27:aa:95:06:b4:f9:34:62:56:47:d4:73:70:18:18:a7: 06:62:be:c5:dd:a6:a0:01:78:a9:37:84:c5:79:3e:20:e8:f3: 23:2e:41:48:71:a7:ee:3d:df:d6:51:c9:a9:dd:e8:f6:65:79: 0b:49:a1:13:17:83:46:6d:cd:25:19:ff:c3:03:43:7a:c4:54: 89:f2:a2:45:bf:7a:e1:50:e5:45:c5:88:d1:32:e1:7f:f6:36: 26:47:36:22:ab:1f:03:f6:a3:26:31:d0:80:6f:b7:3c:93:4d: 77:88:08:82:a2:e6:92:7c:c6:5d:76:49:bc:21:b4:5b:9f:8e: e3:9a:7b:79:85:34:30:1c:4b:14:af:47:4e:a2:05:ff:de:b3: 39:39:e4:32:81:68:1d:b5:8d:25:43:a1:99:33:46:53:f1:0e: 93:96:02:9b:43:35:7c:10:e5:21:ee:f5:b0:8a:10:49:ca:f3: 37:5f:9d:a0:0e:d8:cc:5b:37:6e:92:46:46:65:0f:be:a4:e2: 53:41:28:10:20:4d:7a:f8:ae:b6:a1:5d:c2:a7:b4:f7:ec:4b: 4f:cf:32:2c:fe:67:45:2c:ff:7e:e7:b1:63:c3:83:97:46:cc: 9a:b5:66:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ47RfR3FX4F+1c8Ap1eClMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjOTQ5ZDJiZDY0ZWUxN2VmNWQ0N2Y5NjNlM2Q1ZDdhOTgy YjEyYWYwHhcNMjUxMjI2MDkwMDUzWhcNMjUxMjI3MDkwMDUzWjAzMTEwLwYDVQQD EygxNjc1NjhmNDMyYjRkMzU1MzYzMGU3ODZiZWQ4YmJhZTNjZTIwZmI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTnvd0AzK41Vy3Dag4p7woudOWUA ZSrBiDuKkwyx6P5/yfFX4t4ZyzbjK20tRPRKIgI5KjjClIVFLuZBdI9rfAAtzwwK /9O2KrXoEY0m9bbQq5fMjXLvXqlCuDa+8BkA9RQDyjfr1RMsQ8CrudpGQKDGulYJ /+MlK3eoz13o8lW91S0ifSW7JyOL7MCStN0KarszZAFsh2Js5kgTeMD9Xl+mJsVM HP4LDy/xg2OtPIvfliAipBuW11aTmqU7QWaoDgddpf35PHSIITPQL01+iReSMNm9 ZI2OwO7uqv4DnZEr7U1UB1HU2kivpTH/iSvzSfr9Kw5Tytow1rM3xOsNgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBZ1aPQytNNVNjDnhr7Yu6484g+5MB8GA1UdIwQY MBaAFGyUnSvWTuF+9dR/lj49XXqYKxKvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkpTZEs5Wk80WDcxMUgtV1BqMWRlcGdyRXE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9mODY1MWItYzEyYi00MmQ0LWFmZGEt MjMyZjQ3MDM0OTFmLzEvYkpTZEs5Wk80WDcxMUgtV1BqMWRlcGdyRXE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9mODY1MWItYzEyYi00MmQ0LWFmZGEtMjMyZjQ3MDM0OTFm LzEvYkpTZEs5Wk80WDcxMUgtV1BqMWRlcGdyRXE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXQpVfy7 /191iHIVFHYIWRpM56cnqpUGtPk0YlZH1HNwGBinBmK+xd2moAF4qTeExXk+IOjz Iy5BSHGn7j3f1lHJqd3o9mV5C0mhExeDRm3NJRn/wwNDesRUifKiRb964VDlRcWI 0TLhf/Y2Jkc2IqsfA/ajJjHQgG+3PJNNd4gIgqLmknzGXXZJvCG0W5+O45p7eYU0 MBxLFK9HTqIF/96zOTnkMoFoHbWNJUOhmTNGU/EOk5YCm0M1fBDlIe71sIoQScrz N1+doA7YzFs3bpJGRmUPvqTiU0EoECBNeviutqFdwqe09+xLT88yLP5nRSz/fuex Y8ODl0bMmrVmkQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:05 2025 by rpki-client