This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft File: BmVsWtlzg3LVTAN-OX81vpqpJNs.mft (raw, json) Hash identifier: cLG3pbxDhiL9zc3NO/1HMNLHqcE58WJY+RoXUNSt7Pc= Subject key identifier: FA:36:A6:9A:85:15:BC:9E:14:7E:1C:A1:EA:4A:9B:5B:FC:0F:AB:9D Authority key identifier: 06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB Certificate issuer: /CN=06656c5ad9738372d54c037e397f35be9aa924db Certificate serial: 019B330D0FBA70B42598C2A8E55287953353 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft Manifest number: 0351 Signing time: Thu 18 Dec 2025 20:00:52 +0000 Manifest this update: Thu 18 Dec 2025 20:00:52 +0000 Manifest next update: Fri 19 Dec 2025 20:00:52 +0000 Files and hashes: 1: BOJlFcCNxlleMHUbR9TjmHCDeZc.roa (hash: ujITDNQNM0fpryFmlYjLZ0Q/wbil/+me/IAh88EFBg8=) 2: BmVsWtlzg3LVTAN-OX81vpqpJNs.crl (hash: KFzNkW8wpQDmGxw7lAyPw1Mz8CNfJK0Rpe3sywvCB/w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:0d:0f:ba:70:b4:25:98:c2:a8:e5:52:87:95:33:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=06656c5ad9738372d54c037e397f35be9aa924db Validity Not Before: Dec 18 20:00:52 2025 GMT Not After : Dec 19 20:00:52 2025 GMT Subject: CN=fa36a69a8515bc9e147e1ca1ea4a9b5bfc0fab9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:f0:46:be:07:19:58:cd:d3:53:ca:77:b9:77: 3b:c9:af:d5:e2:45:21:9d:a6:82:07:43:7a:98:4a: 79:44:dd:d7:6f:0f:80:75:22:a0:30:ce:cd:61:08: b5:2e:e7:f1:e5:2b:87:f3:29:b9:2a:91:d1:97:7b: ae:13:ad:fd:52:45:99:2a:f2:ef:a7:44:78:f3:47: 8b:84:18:1d:63:c3:ac:22:8e:f8:49:39:6e:83:68: 47:26:ef:50:c4:93:58:e2:bc:84:b2:8e:c2:81:dd: e6:b4:14:bb:66:29:94:74:04:8c:4f:1b:58:d8:7c: 53:3c:d5:aa:8a:ba:24:f5:68:29:d4:5f:26:16:9c: c2:f7:6b:39:be:d8:ab:0c:a9:ed:7c:e3:b9:93:7b: 26:c0:63:4a:d9:8f:bc:f5:71:4c:60:13:50:e0:46: 18:8a:eb:5d:30:e6:e6:59:f3:8b:fa:e6:e2:13:3b: 7b:4c:c8:f1:b7:47:46:cd:51:01:e3:b8:28:d3:8e: 57:6a:16:d6:ea:59:27:ff:21:d2:44:68:e8:a9:d0: ad:e8:43:ba:dd:ba:84:5f:4b:48:6e:4d:0d:4b:a6: b8:91:f3:8a:1c:82:8e:e3:19:b4:3b:ce:ff:79:34: 1f:8e:82:19:f8:9f:b7:54:4c:5c:f3:bf:bd:e9:df: 38:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:36:A6:9A:85:15:BC:9E:14:7E:1C:A1:EA:4A:9B:5B:FC:0F:AB:9D X509v3 Authority Key Identifier: keyid:06:65:6C:5A:D9:73:83:72:D5:4C:03:7E:39:7F:35:BE:9A:A9:24:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmVsWtlzg3LVTAN-OX81vpqpJNs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3b9d27-7ba4-409e-888c-8b076256f39d/1/BmVsWtlzg3LVTAN-OX81vpqpJNs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:73:33:dc:ca:81:cd:6e:5e:1c:29:fd:24:e1:aa:fe:cf:01: b1:cf:84:19:e3:58:ee:30:93:08:89:bf:e9:66:99:04:f2:63: 22:88:63:7e:70:10:9c:2c:8e:ce:b4:b5:47:7e:79:d3:0c:91: 65:24:65:8f:fd:0a:26:24:a6:8d:9d:50:fe:da:35:a7:19:4e: a0:b8:77:78:b6:63:4d:b2:5b:8d:22:eb:c2:65:25:bc:5d:97: 1e:35:a4:63:81:ab:55:ca:34:63:9c:09:bd:29:c9:5f:da:76: 87:dd:a2:a2:12:90:44:13:92:6f:8e:14:49:3a:6d:1a:11:83: 0d:8e:c3:3a:25:7d:c5:08:08:69:89:0b:c6:9f:3f:99:a2:56: d2:c5:6a:29:09:5c:01:24:4e:42:6a:b1:7f:16:36:3e:1d:f7: 6e:0c:d7:8a:af:67:3d:e0:9e:a4:6c:36:40:96:ab:36:12:21: 64:96:7a:b9:12:fc:20:91:f6:d9:6a:0e:3e:1e:30:14:e7:bc: 2e:9a:88:1d:bb:c6:5f:6b:19:8f:9f:ff:0b:ce:3b:b5:ac:a9: 43:19:ed:6f:08:9d:59:f9:b7:10:dd:90:c2:44:91:6d:eb:90: ce:bd:d7:37:05:35:cb:82:84:ef:a0:42:3c:cd:cf:0a:ba:93: 0c:b9:6f:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszDQ+6cLQlmMKo5VKHlTNTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NjU2YzVhZDk3MzgzNzJkNTRjMDM3ZTM5N2YzNWJlOWFh OTI0ZGIwHhcNMjUxMjE4MjAwMDUyWhcNMjUxMjE5MjAwMDUyWjAzMTEwLwYDVQQD EyhmYTM2YTY5YTg1MTViYzllMTQ3ZTFjYTFlYTRhOWI1YmZjMGZhYjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fBGvgcZWM3TU8p3uXc7ya/V4kUh naaCB0N6mEp5RN3Xbw+AdSKgMM7NYQi1Lufx5SuH8ym5KpHRl3uuE639UkWZKvLv p0R480eLhBgdY8OsIo74STlug2hHJu9QxJNY4ryEso7Cgd3mtBS7ZimUdASMTxtY 2HxTPNWqirok9Wgp1F8mFpzC92s5vtirDKntfOO5k3smwGNK2Y+89XFMYBNQ4EYY iutdMObmWfOL+ubiEzt7TMjxt0dGzVEB47go045XahbW6lkn/yHSRGjoqdCt6EO6 3bqEX0tIbk0NS6a4kfOKHIKO4xm0O87/eTQfjoIZ+J+3VExc87+96d84owIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPo2ppqFFbyeFH4coepKm1v8D6udMB8GA1UdIwQY MBaAFAZlbFrZc4Ny1UwDfjl/Nb6aqSTbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMt OGIwNzYyNTZmMzlkLzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zYjlkMjctN2JhNC00MDllLTg4OGMtOGIwNzYyNTZmMzlk LzEvQm1Wc1d0bHpnM0xWVEFOLU9YODF2cHFwSk5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3Mz3MqB zW5eHCn9JOGq/s8Bsc+EGeNY7jCTCIm/6WaZBPJjIohjfnAQnCyOzrS1R3550wyR ZSRlj/0KJiSmjZ1Q/to1pxlOoLh3eLZjTbJbjSLrwmUlvF2XHjWkY4GrVco0Y5wJ vSnJX9p2h92iohKQRBOSb44USTptGhGDDY7DOiV9xQgIaYkLxp8/maJW0sVqKQlc ASROQmqxfxY2Ph33bgzXiq9nPeCepGw2QJarNhIhZJZ6uRL8IJH22WoOPh4wFOe8 LpqIHbvGX2sZj5//C847taypQxntbwidWfm3EN2QwkSRbeuQzr3XNwU1y4KE76BC PM3PCrqTDLlv9g== -----END CERTIFICATE-----Generated at Fri Dec 19 00:54:16 2025 by rpki-client