This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft File: BjfRzl3D-oAOHR3PvaqEH93UOQU.mft (raw, json) Hash identifier: tAOtOAOpOzk20n1Oar88Fi3CYntYuniEmY/JSXAy3jk= Subject key identifier: 84:FC:3B:DC:AE:79:01:A0:2A:34:33:4C:0D:16:B2:9D:A0:6E:C7:C0 Authority key identifier: 06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05 Certificate issuer: /CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905 Certificate serial: 019B0F6ED2B0EE1FD9E75B6121EC00C1471F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft Manifest number: 15BA Signing time: Thu 11 Dec 2025 22:01:19 +0000 Manifest this update: Thu 11 Dec 2025 22:01:19 +0000 Manifest next update: Fri 12 Dec 2025 22:01:19 +0000 Files and hashes: 1: BjfRzl3D-oAOHR3PvaqEH93UOQU.crl (hash: RltSCFvfS1L++4EnjMHXQPdydl/w0SM0uWV6UIYCFFg=) 2: cqs27uyShJLHJ19HI0wbuu9K6Mw.roa (hash: Io5SItgYrsPuNxUpvFI/wIElXAajrpA8wR3rTKWJTBI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:d2:b0:ee:1f:d9:e7:5b:61:21:ec:00:c1:47:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905 Validity Not Before: Dec 11 22:01:19 2025 GMT Not After : Dec 12 22:01:19 2025 GMT Subject: CN=84fc3bdcae7901a02a34334c0d16b29da06ec7c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c0:eb:a6:05:3e:dd:96:e8:f1:1c:23:e6:bd: 0b:c8:fc:b3:76:3e:b8:e8:42:10:94:e7:9a:ca:5d: c4:f2:0b:c0:de:ac:7f:cf:fa:f0:58:ee:6b:02:02: 00:aa:e0:38:33:9c:48:c7:90:c9:01:fa:fa:03:d3: d7:db:69:51:fc:48:68:27:51:d5:d6:0e:74:1f:2f: 72:1f:9d:60:2e:3f:43:77:b5:13:91:b2:0b:81:30: 29:fe:63:3a:d0:fa:98:76:4c:ed:bb:58:ab:3d:65: 83:ca:d6:8c:6c:ca:77:2e:d8:49:ef:d0:b3:b0:ab: 4d:81:53:fe:b1:67:7c:9f:62:b8:22:97:c8:3e:43: b9:a7:3b:d3:82:69:34:21:f2:a0:e6:10:1c:c6:48: 56:bc:28:9f:c0:4a:94:20:98:da:95:9d:5a:90:f3: c9:97:53:bf:53:75:bb:9b:71:5f:a0:88:42:b2:f7: 1f:60:06:28:fb:40:50:2e:5b:31:bd:78:14:99:16: 51:b5:14:1b:e8:ae:0a:22:aa:1c:b9:10:7e:f8:70: 1e:12:4a:e2:d7:e3:1f:b1:65:ac:07:a2:2b:d3:c7: d8:d6:cb:73:ec:b8:fc:b9:d0:b2:d5:14:13:69:2d: 71:a4:b6:95:3f:61:09:57:91:9d:f6:aa:95:b3:c2: 33:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:FC:3B:DC:AE:79:01:A0:2A:34:33:4C:0D:16:B2:9D:A0:6E:C7:C0 X509v3 Authority Key Identifier: keyid:06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:2c:c7:88:41:c9:cb:5b:c2:3c:05:94:6b:14:a8:ad:97:39: 1b:04:03:0a:4f:2b:e9:f4:03:56:0f:a4:4e:fa:fa:94:c4:53: ff:2b:7b:14:89:89:eb:51:78:f3:9e:f4:eb:48:ed:42:b7:df: 6f:62:33:14:2f:74:b8:51:f4:e4:d2:06:0e:56:dc:30:52:7b: 62:7e:40:bb:dd:05:d9:ac:8b:8b:5e:38:40:c8:36:b8:cd:0c: a1:02:60:6a:0a:3e:da:6f:7b:d6:7f:48:90:de:15:8a:cb:55: 98:af:ba:f2:f8:ac:fd:d4:ba:de:71:47:1b:37:22:8c:c5:f0: ac:4c:fa:5e:2b:6c:ae:d0:9c:0b:7f:8a:96:dc:9e:b5:cf:27: bd:01:aa:4e:a4:c2:e9:5f:3b:b3:aa:30:92:0e:2d:ad:ca:9a: f2:8d:66:ff:51:90:4a:2c:44:45:62:21:4d:a5:02:7e:f4:7c: 7d:b7:60:0e:f5:be:fa:0f:73:24:4f:0b:68:9f:3d:a8:5b:85: c0:5c:f1:48:10:aa:a6:32:28:1a:bb:c1:ab:82:45:3b:37:b4: 5e:fc:19:c9:5d:32:bb:bb:fd:5e:91:e4:6a:91:de:8e:de:ff: d0:21:9d:2d:58:45:c1:24:38:74:e0:85:c6:b7:ba:44:39:e4: a0:b0:56:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPbtKw7h/Z51thIewAwUcfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2MzdkMWNlNWRjM2ZhODAwZTFkMWRjZmJkYWE4NDFmZGRk NDM5MDUwHhcNMjUxMjExMjIwMTE5WhcNMjUxMjEyMjIwMTE5WjAzMTEwLwYDVQQD Eyg4NGZjM2JkY2FlNzkwMWEwMmEzNDMzNGMwZDE2YjI5ZGEwNmVjN2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMDrpgU+3Zbo8Rwj5r0LyPyzdj64 6EIQlOeayl3E8gvA3qx/z/rwWO5rAgIAquA4M5xIx5DJAfr6A9PX22lR/EhoJ1HV 1g50Hy9yH51gLj9Dd7UTkbILgTAp/mM60PqYdkztu1irPWWDytaMbMp3LthJ79Cz sKtNgVP+sWd8n2K4IpfIPkO5pzvTgmk0IfKg5hAcxkhWvCifwEqUIJjalZ1akPPJ l1O/U3W7m3FfoIhCsvcfYAYo+0BQLlsxvXgUmRZRtRQb6K4KIqocuRB++HAeEkri 1+MfsWWsB6Ir08fY1stz7Lj8udCy1RQTaS1xpLaVP2EJV5Gd9qqVs8IzFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIT8O9yueQGgKjQzTA0Wsp2gbsfAMB8GA1UdIwQY MBaAFAY30c5dw/qADh0dz72qhB/d1DkFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2Ut M2Q4MGQ2ODZlNzQ3LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2UtM2Q4MGQ2ODZlNzQ3 LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJSzHiEHJ y1vCPAWUaxSorZc5GwQDCk8r6fQDVg+kTvr6lMRT/yt7FImJ61F4857060jtQrff b2IzFC90uFH05NIGDlbcMFJ7Yn5Au90F2ayLi144QMg2uM0MoQJgago+2m971n9I kN4VistVmK+68vis/dS63nFHGzcijMXwrEz6XitsrtCcC3+Kltyetc8nvQGqTqTC 6V87s6owkg4trcqa8o1m/1GQSixERWIhTaUCfvR8fbdgDvW++g9zJE8LaJ89qFuF wFzxSBCqpjIoGrvBq4JFOze0XvwZyV0yu7v9XpHkapHejt7/0CGdLVhFwSQ4dOCF xre6RDnkoLBWug== -----END CERTIFICATE-----Generated at Fri Dec 12 02:36:56 2025 by rpki-client