This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft File: BaO2FkB7l-JhFjNId8aqkoqq7rI.mft (raw, json) Hash identifier: eJ2B153YFx27LZGw6OVwuy+1dP5zAdU4czfdbgQZF3A= Subject key identifier: DD:99:8D:66:D4:9F:6D:DF:A5:D2:61:5D:6B:EA:94:CB:31:8E:24:AE Authority key identifier: 05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2 Certificate issuer: /CN=05a3b616407b97e26116334877c6aa928aaaeeb2 Certificate serial: 019B0F6E5B926BCCABF79C0D205E7C49075B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft Manifest number: 0B5F Signing time: Thu 11 Dec 2025 22:00:49 +0000 Manifest this update: Thu 11 Dec 2025 22:00:49 +0000 Manifest next update: Fri 12 Dec 2025 22:00:49 +0000 Files and hashes: 1: BaO2FkB7l-JhFjNId8aqkoqq7rI.crl (hash: AV+Rz4olCoerWRbMYCkZsUJGoqVctmGUg/m5uxb48Nk=) 2: bDkAt0CCYnB2xqRfpALpEK1gmgo.roa (hash: HzyjrIASJdGjjHtk6b54LHkaX+3Gt8eRcO+z/aYxOaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:5b:92:6b:cc:ab:f7:9c:0d:20:5e:7c:49:07:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05a3b616407b97e26116334877c6aa928aaaeeb2 Validity Not Before: Dec 11 22:00:49 2025 GMT Not After : Dec 12 22:00:49 2025 GMT Subject: CN=dd998d66d49f6ddfa5d2615d6bea94cb318e24ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fb:a6:c5:0b:28:b5:ea:33:31:15:0d:20:7a: dc:dc:15:00:31:bb:f4:6d:70:d0:14:af:d7:7c:d2: 5a:87:4f:af:10:8e:9a:59:26:d4:24:6c:9b:f5:2a: b0:ac:90:21:8c:00:0e:55:a3:4c:78:3b:0e:ef:57: ee:01:c7:26:3b:d0:60:07:cc:d6:3d:69:4a:05:ec: 7c:9d:fe:61:f3:e8:9c:db:f9:37:e3:05:fe:75:b5: f5:b7:57:16:5e:04:23:0c:e1:3c:f7:33:04:f2:da: 13:92:a8:40:12:f9:ee:cc:bc:35:f2:cb:6f:1f:28: 84:eb:e0:23:d7:7d:8f:80:7d:77:8a:5c:85:80:68: 3f:4d:28:1b:dc:49:8b:a5:be:33:8b:aa:c6:ec:b9: f0:ed:78:c7:84:dd:6a:83:c1:2a:f9:e2:8f:80:25: 4e:54:36:ce:e4:11:fa:31:73:ba:70:31:21:e5:87: 1e:f6:5e:6f:09:9e:b5:da:03:87:a4:7b:14:52:3a: e9:2a:a6:1f:5e:21:cb:2a:de:ec:46:dd:ac:a9:45: 6d:5c:db:68:8e:11:b4:af:33:dd:52:ea:ac:c7:f1: d1:39:95:29:7f:02:1d:bc:dd:44:0c:4e:fb:5e:c9: ba:61:a4:20:a6:da:0a:f7:0a:3a:b9:34:c1:26:df: 0b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:99:8D:66:D4:9F:6D:DF:A5:D2:61:5D:6B:EA:94:CB:31:8E:24:AE X509v3 Authority Key Identifier: keyid:05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:23:4b:b8:50:2f:0e:c1:3d:1b:1b:fa:ac:bd:7c:e0:3f:a6: 5e:a1:59:be:61:d2:a0:8e:ee:37:81:1a:00:92:f6:bd:e7:c0: ea:da:8c:6a:17:5a:cb:8c:a1:28:55:e2:a5:ad:c3:c0:ff:29: 01:11:be:68:2c:0b:c6:1f:04:a7:70:6d:9b:66:23:87:cd:d8: 13:44:b5:08:5a:ec:9e:c8:f1:df:d0:a5:d0:e2:99:c0:1a:71: a6:68:17:99:cc:fb:5c:c5:1f:37:7a:5a:5b:d2:b3:43:e1:49: cb:fa:13:58:17:da:73:63:ee:5e:be:7c:07:88:47:b9:4f:13: fd:68:a8:b4:70:42:52:64:c0:29:73:a1:19:d3:d0:01:ac:35: 14:1d:11:53:44:61:00:a5:d3:33:c3:60:0d:76:67:6d:37:09: af:5a:95:8b:c9:ef:d7:2f:44:8a:52:f1:71:45:84:21:ff:da: 19:ac:fd:b3:cc:95:6e:b5:7b:73:74:71:6b:83:2a:b0:45:ce: 66:1a:7c:82:01:40:61:ba:85:90:e0:a0:d0:70:17:b3:bd:3e: 0c:59:12:41:db:24:8c:25:e4:1a:62:83:29:d8:e2:80:f7:dd: 2e:ad:da:bb:d9:42:5e:6e:e8:56:ad:f2:d6:c0:76:8c:00:55: 42:63:83:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPbluSa8yr95wNIF58SQdbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1YTNiNjE2NDA3Yjk3ZTI2MTE2MzM0ODc3YzZhYTkyOGFh YWVlYjIwHhcNMjUxMjExMjIwMDQ5WhcNMjUxMjEyMjIwMDQ5WjAzMTEwLwYDVQQD EyhkZDk5OGQ2NmQ0OWY2ZGRmYTVkMjYxNWQ2YmVhOTRjYjMxOGUyNGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvumxQsoteozMRUNIHrc3BUAMbv0 bXDQFK/XfNJah0+vEI6aWSbUJGyb9SqwrJAhjAAOVaNMeDsO71fuAccmO9BgB8zW PWlKBex8nf5h8+ic2/k34wX+dbX1t1cWXgQjDOE89zME8toTkqhAEvnuzLw18stv HyiE6+Aj132PgH13ilyFgGg/TSgb3EmLpb4zi6rG7Lnw7XjHhN1qg8Eq+eKPgCVO VDbO5BH6MXO6cDEh5Yce9l5vCZ612gOHpHsUUjrpKqYfXiHLKt7sRt2sqUVtXNto jhG0rzPdUuqsx/HROZUpfwIdvN1EDE77Xsm6YaQgptoK9wo6uTTBJt8LZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN2ZjWbUn23fpdJhXWvqlMsxjiSuMB8GA1UdIwQY MBaAFAWjthZAe5fiYRYzSHfGqpKKqu6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2Et YWQ1MTM1NzRhNDA0LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2EtYWQ1MTM1NzRhNDA0 LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVSNLuFAv DsE9Gxv6rL184D+mXqFZvmHSoI7uN4EaAJL2vefA6tqMahday4yhKFXipa3DwP8p ARG+aCwLxh8Ep3Btm2Yjh83YE0S1CFrsnsjx39Cl0OKZwBpxpmgXmcz7XMUfN3pa W9KzQ+FJy/oTWBfac2PuXr58B4hHuU8T/WiotHBCUmTAKXOhGdPQAaw1FB0RU0Rh AKXTM8NgDXZnbTcJr1qVi8nv1y9EilLxcUWEIf/aGaz9s8yVbrV7c3Rxa4MqsEXO Zhp8ggFAYbqFkOCg0HAXs70+DFkSQdskjCXkGmKDKdjigPfdLq3au9lCXm7oVq3y 1sB2jABVQmOD+g== -----END CERTIFICATE-----Generated at Fri Dec 12 04:03:41 2025 by rpki-client