This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft File: bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft (raw, json) Hash identifier: BbeenXdu5kdJBw62FM6FJ+qzyA+vjbVUeDBGzYMhpc0= Subject key identifier: 1E:E3:47:87:5D:22:EC:8D:34:DF:15:9F:5E:66:55:E1:A6:31:74:8D Authority key identifier: 6E:44:28:F7:F1:7B:19:C1:50:68:CA:B9:39:D3:77:94:0E:8D:4C:70 Certificate issuer: /CN=6e4428f7f17b19c15068cab939d377940e8d4c70 Certificate serial: 019B5A521226AA4763C7579FEF2EA6B8B285 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkQo9_F7GcFQaMq5OdN3lA6NTHA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft Manifest number: 0548 Signing time: Fri 26 Dec 2025 11:01:26 +0000 Manifest this update: Fri 26 Dec 2025 11:01:26 +0000 Manifest next update: Sat 27 Dec 2025 11:01:26 +0000 Files and hashes: 1: bkQo9_F7GcFQaMq5OdN3lA6NTHA.crl (hash: oJg0qB/A4EzkeHjOiHxLEvv46+NNH5pW8+KwJsRP++k=) 2: r5LfqFNzBSvkVNYj6vVDPex2eII.roa (hash: zD3Y+yhvhdTCP2LNWWBpR2SBF00RvRC4BFmgCTYqEsc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.crl rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft rsync://rpki.ripe.net/repository/DEFAULT/bkQo9_F7GcFQaMq5OdN3lA6NTHA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:12:26:aa:47:63:c7:57:9f:ef:2e:a6:b8:b2:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e4428f7f17b19c15068cab939d377940e8d4c70 Validity Not Before: Dec 26 11:01:26 2025 GMT Not After : Dec 27 11:01:26 2025 GMT Subject: CN=1ee347875d22ec8d34df159f5e6655e1a631748d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b0:05:b3:8c:87:0f:84:26:1b:96:ba:35:24: 9b:28:c4:73:6b:01:60:26:83:2d:6f:ca:55:cf:c0: c0:e0:52:be:71:e0:09:a3:da:6a:ba:e0:a4:8d:15: 30:a6:95:e7:06:8b:df:3f:cd:44:f2:37:b4:70:70: 3b:21:59:39:8c:fd:d8:0f:1a:f1:bc:39:92:e8:e1: 20:bb:c5:93:cb:08:54:87:63:38:95:81:51:c1:b5: f3:6e:3e:bb:e5:6d:9c:b0:94:6e:86:8a:4f:38:44: 96:93:d6:64:00:b2:5c:93:71:dc:56:56:37:ea:56: bd:a5:b0:2a:8e:f7:29:e7:70:a1:b4:51:89:00:5d: 2f:b1:e6:fb:99:7f:d6:e5:63:49:88:2b:3f:ab:aa: 48:e3:87:97:b1:55:c3:62:e2:2d:ce:63:41:5c:d8: ec:a1:26:1e:05:50:91:e2:1c:bc:2e:e3:c2:54:07: 6e:81:84:2f:1d:46:98:5a:d2:ba:73:76:a8:0b:97: a3:9f:53:47:21:97:e1:7b:80:39:43:bf:05:f8:df: 5b:54:05:15:a0:92:29:42:51:52:67:cd:11:cd:9a: aa:a1:eb:ac:ae:ab:68:bc:e1:96:79:53:df:7e:31: 97:eb:4f:1a:d5:26:51:a5:0c:14:43:2c:46:49:24: 1b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:E3:47:87:5D:22:EC:8D:34:DF:15:9F:5E:66:55:E1:A6:31:74:8D X509v3 Authority Key Identifier: keyid:6E:44:28:F7:F1:7B:19:C1:50:68:CA:B9:39:D3:77:94:0E:8D:4C:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkQo9_F7GcFQaMq5OdN3lA6NTHA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6cf5f4-3d60-41d7-ae1a-cbc331bfcdb2/1/bkQo9_F7GcFQaMq5OdN3lA6NTHA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:27:6b:91:e9:b3:72:0a:c2:a3:ce:90:2f:f2:4a:35:3e:da: bd:b9:37:5a:c1:a3:07:8b:1a:49:52:5e:70:e1:d3:5f:80:52: 42:4c:1f:73:25:54:18:39:5c:03:37:7b:9b:97:38:85:1d:48: 4a:94:af:47:f3:d5:cb:25:ae:fa:9a:1a:34:c3:93:c6:b7:26: e3:c0:ca:a4:25:77:c7:68:64:c0:2d:82:17:48:a6:33:e1:1d: d9:7c:6e:62:9d:24:23:11:4d:6e:01:06:a1:5f:cd:ce:50:01: e5:29:c9:ab:b5:3c:47:ac:34:bd:b7:e2:0d:fc:1f:06:6f:30: 09:f9:49:43:11:87:08:fb:b9:84:16:07:82:82:d9:da:4e:92: 36:e1:04:32:23:7d:18:2a:97:94:99:c1:85:8c:10:91:0e:d6: e6:92:8c:bc:e8:1d:6b:21:1e:f3:f5:41:ed:6b:56:2b:91:8e: f5:39:4a:7c:14:be:93:06:1d:cc:b9:a1:3a:b4:b9:63:7f:ed: ea:b4:6b:a4:f4:5b:2c:5b:db:4f:21:1b:cd:b8:60:31:f3:78: 24:94:07:07:a7:26:f2:62:fa:ea:ae:b9:82:c4:ed:c2:d1:b3: e8:17:4e:58:4f:6e:91:24:58:e6:0e:8e:ed:43:82:96:c0:30: aa:0a:a4:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUhImqkdjx1ef7y6muLKFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlNDQyOGY3ZjE3YjE5YzE1MDY4Y2FiOTM5ZDM3Nzk0MGU4 ZDRjNzAwHhcNMjUxMjI2MTEwMTI2WhcNMjUxMjI3MTEwMTI2WjAzMTEwLwYDVQQD EygxZWUzNDc4NzVkMjJlYzhkMzRkZjE1OWY1ZTY2NTVlMWE2MzE3NDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrAFs4yHD4QmG5a6NSSbKMRzawFg JoMtb8pVz8DA4FK+ceAJo9pquuCkjRUwppXnBovfP81E8je0cHA7IVk5jP3YDxrx vDmS6OEgu8WTywhUh2M4lYFRwbXzbj675W2csJRuhopPOESWk9ZkALJck3HcVlY3 6la9pbAqjvcp53ChtFGJAF0vseb7mX/W5WNJiCs/q6pI44eXsVXDYuItzmNBXNjs oSYeBVCR4hy8LuPCVAdugYQvHUaYWtK6c3aoC5ejn1NHIZfhe4A5Q78F+N9bVAUV oJIpQlFSZ80RzZqqoeusrqtovOGWeVPffjGX608a1SZRpQwUQyxGSSQbqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7jR4ddIuyNNN8Vn15mVeGmMXSNMB8GA1UdIwQY MBaAFG5EKPfxexnBUGjKuTnTd5QOjUxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmtRbzlfRjdHY0ZRYU1xNU9kTjNsQTZOVEhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82Y2Y1ZjQtM2Q2MC00MWQ3LWFlMWEt Y2JjMzMxYmZjZGIyLzEvYmtRbzlfRjdHY0ZRYU1xNU9kTjNsQTZOVEhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS82Y2Y1ZjQtM2Q2MC00MWQ3LWFlMWEtY2JjMzMxYmZjZGIy LzEvYmtRbzlfRjdHY0ZRYU1xNU9kTjNsQTZOVEhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUCdrkemz cgrCo86QL/JKNT7avbk3WsGjB4saSVJecOHTX4BSQkwfcyVUGDlcAzd7m5c4hR1I SpSvR/PVyyWu+poaNMOTxrcm48DKpCV3x2hkwC2CF0imM+Ed2XxuYp0kIxFNbgEG oV/NzlAB5SnJq7U8R6w0vbfiDfwfBm8wCflJQxGHCPu5hBYHgoLZ2k6SNuEEMiN9 GCqXlJnBhYwQkQ7W5pKMvOgdayEe8/VB7WtWK5GO9TlKfBS+kwYdzLmhOrS5Y3/t 6rRrpPRbLFvbTyEbzbhgMfN4JJQHB6cm8mL66q65gsTtwtGz6BdOWE9ukSRY5g6O 7UOClsAwqgqkqQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:14:58 2025 by rpki-client