This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft File: BjfRzl3D-oAOHR3PvaqEH93UOQU.mft (raw, json) Hash identifier: GT6f53ZE/j7gDm1bU6h5kOgEXzA/pw34d80fL2dkfeI= Subject key identifier: 28:52:74:09:35:F0:02:4F:DB:85:2A:9D:5F:4F:6A:A8:9B:0C:AB:DE Authority key identifier: 06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05 Certificate issuer: /CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905 Certificate serial: 019B37FC74335182BDE241F4FB033CFCC8E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft Manifest number: 15CF Signing time: Fri 19 Dec 2025 19:00:50 +0000 Manifest this update: Fri 19 Dec 2025 19:00:50 +0000 Manifest next update: Sat 20 Dec 2025 19:00:50 +0000 Files and hashes: 1: BjfRzl3D-oAOHR3PvaqEH93UOQU.crl (hash: WJwKq1U+qUn4SILMr57G4srTV2HwpACCUwwr7ebJuT4=) 2: cqs27uyShJLHJ19HI0wbuu9K6Mw.roa (hash: Io5SItgYrsPuNxUpvFI/wIElXAajrpA8wR3rTKWJTBI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:fc:74:33:51:82:bd:e2:41:f4:fb:03:3c:fc:c8:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0637d1ce5dc3fa800e1d1dcfbdaa841fddd43905 Validity Not Before: Dec 19 19:00:50 2025 GMT Not After : Dec 20 19:00:50 2025 GMT Subject: CN=2852740935f0024fdb852a9d5f4f6aa89b0cabde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:85:7f:2d:12:c2:90:79:4c:19:77:93:19:39: a8:4a:45:5e:89:51:8e:7f:2a:c0:e0:8d:a0:98:89: 97:9b:5e:40:9c:61:3c:aa:26:e0:9b:09:f8:83:b6: d5:66:ee:d3:4c:22:d3:85:d8:cb:68:fc:61:1e:81: ba:f0:fe:fa:aa:ab:39:16:91:f7:28:10:d8:5f:c1: a7:ec:43:60:8e:6a:97:22:6c:66:1a:3a:d5:51:9f: 8b:6e:1b:b4:c9:7b:e5:00:70:ce:d5:b4:f7:2d:7b: f7:a4:6e:ae:4f:92:9a:0d:57:5b:d8:dd:36:36:bc: 1f:9b:30:ac:03:04:71:1a:c4:3c:c8:88:6b:c2:87: 9d:4a:35:2a:14:29:95:f4:19:ff:4a:2f:50:c1:cd: 8c:70:c4:f8:ea:87:b0:1b:7d:87:a1:f1:85:f7:6e: 69:ec:cb:c3:b0:a0:3c:f0:7a:29:a4:0b:b8:f7:e7: cc:9c:ac:c6:42:ad:32:bf:dd:5c:0f:87:5f:3b:d4: bd:b1:51:3a:4b:7e:00:6c:2c:a4:da:7c:25:38:33: 54:65:5a:4f:6a:70:47:32:2b:e9:8d:92:73:0f:6c: 20:bd:34:3d:7c:31:96:9c:c6:6d:fd:b3:ba:6c:6a: 8a:3c:06:81:b7:cb:ac:45:bf:25:9e:3b:80:32:7a: 43:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:52:74:09:35:F0:02:4F:DB:85:2A:9D:5F:4F:6A:A8:9B:0C:AB:DE X509v3 Authority Key Identifier: keyid:06:37:D1:CE:5D:C3:FA:80:0E:1D:1D:CF:BD:AA:84:1F:DD:D4:39:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjfRzl3D-oAOHR3PvaqEH93UOQU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/eaa602-2a3f-4f32-abce-3d80d686e747/1/BjfRzl3D-oAOHR3PvaqEH93UOQU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:15:b6:3f:da:1d:ea:0d:10:0f:1e:40:38:0b:35:d9:16:55: 6f:6d:81:3a:23:6a:6c:09:f1:4c:7b:96:90:d3:98:d6:55:b5: bc:b4:4a:2d:64:0d:7e:58:ea:f0:85:df:77:0c:13:ff:b3:1b: f6:e6:b3:64:82:5f:5c:20:86:86:7e:75:de:2a:ac:f1:cf:75: b4:26:e1:e9:b3:9c:d2:0c:b9:64:ad:1e:da:d4:40:6c:cc:19: 97:a6:1c:61:4f:f6:02:15:90:79:ad:95:5b:1d:e4:e0:7b:42: 28:7c:c1:0f:a2:55:cf:81:71:6e:e6:5d:a5:88:e5:d8:44:64: d7:40:37:2e:35:84:ab:13:72:ee:65:ab:c6:60:65:81:c4:0b: d7:15:47:31:37:b4:f4:af:29:18:47:be:d1:ea:2e:49:19:8c: 7d:d2:a6:03:e9:9e:ef:16:cf:53:67:c7:cc:fc:0a:ce:c8:1c: 23:bf:cc:bc:a5:90:6d:78:90:a2:74:d2:48:6e:76:6e:b1:e5: 4f:dd:8d:51:3a:61:79:c6:cc:cf:15:c2:2e:f7:f8:df:61:6a: 46:26:bd:aa:ce:42:7c:1b:cb:c4:ab:c6:64:a0:87:53:0f:c3: 41:85:3c:95:e0:ac:0e:97:59:7d:1d:00:b1:23:c7:48:1a:64: 8a:73:b1:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3/HQzUYK94kH0+wM8/MjmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2MzdkMWNlNWRjM2ZhODAwZTFkMWRjZmJkYWE4NDFmZGRk NDM5MDUwHhcNMjUxMjE5MTkwMDUwWhcNMjUxMjIwMTkwMDUwWjAzMTEwLwYDVQQD EygyODUyNzQwOTM1ZjAwMjRmZGI4NTJhOWQ1ZjRmNmFhODliMGNhYmRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoV/LRLCkHlMGXeTGTmoSkVeiVGO fyrA4I2gmImXm15AnGE8qibgmwn4g7bVZu7TTCLThdjLaPxhHoG68P76qqs5FpH3 KBDYX8Gn7ENgjmqXImxmGjrVUZ+Lbhu0yXvlAHDO1bT3LXv3pG6uT5KaDVdb2N02 NrwfmzCsAwRxGsQ8yIhrwoedSjUqFCmV9Bn/Si9Qwc2McMT46oewG32HofGF925p 7MvDsKA88HoppAu49+fMnKzGQq0yv91cD4dfO9S9sVE6S34AbCyk2nwlODNUZVpP anBHMivpjZJzD2wgvTQ9fDGWnMZt/bO6bGqKPAaBt8usRb8lnjuAMnpDDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFChSdAk18AJP24UqnV9PaqibDKveMB8GA1UdIwQY MBaAFAY30c5dw/qADh0dz72qhB/d1DkFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2Ut M2Q4MGQ2ODZlNzQ3LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9lYWE2MDItMmEzZi00ZjMyLWFiY2UtM2Q4MGQ2ODZlNzQ3 LzEvQmpmUnpsM0Qtb0FPSFIzUHZhcUVIOTNVT1FVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRW2P9od 6g0QDx5AOAs12RZVb22BOiNqbAnxTHuWkNOY1lW1vLRKLWQNfljq8IXfdwwT/7Mb 9uazZIJfXCCGhn513iqs8c91tCbh6bOc0gy5ZK0e2tRAbMwZl6YcYU/2AhWQea2V Wx3k4HtCKHzBD6JVz4FxbuZdpYjl2ERk10A3LjWEqxNy7mWrxmBlgcQL1xVHMTe0 9K8pGEe+0eouSRmMfdKmA+me7xbPU2fHzPwKzsgcI7/MvKWQbXiQonTSSG52brHl T92NUTphecbMzxXCLvf432FqRia9qs5CfBvLxKvGZKCHUw/DQYU8leCsDpdZfR0A sSPHSBpkinOxjg== -----END CERTIFICATE-----Generated at Sat Dec 20 00:14:55 2025 by rpki-client