This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft File: BaO2FkB7l-JhFjNId8aqkoqq7rI.mft (raw, json) Hash identifier: ZjhhiUGQKF2de5RPlinlqe47o4KxfwN7K61Gk+K0sM8= Subject key identifier: 3D:CF:6B:7F:DD:B8:D9:8D:94:9A:D4:47:3C:FE:41:FF:38:84:11:DC Authority key identifier: 05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2 Certificate issuer: /CN=05a3b616407b97e26116334877c6aa928aaaeeb2 Certificate serial: 019B3BD93597AE3B97F2439B97D3B0F11F6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft Manifest number: 0B76 Signing time: Sat 20 Dec 2025 13:00:49 +0000 Manifest this update: Sat 20 Dec 2025 13:00:49 +0000 Manifest next update: Sun 21 Dec 2025 13:00:49 +0000 Files and hashes: 1: BaO2FkB7l-JhFjNId8aqkoqq7rI.crl (hash: gkNXFHcgS40qU7ea1gYbMjGfT8y7e9iTqRewXTnFWg8=) 2: bDkAt0CCYnB2xqRfpALpEK1gmgo.roa (hash: HzyjrIASJdGjjHtk6b54LHkaX+3Gt8eRcO+z/aYxOaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:d9:35:97:ae:3b:97:f2:43:9b:97:d3:b0:f1:1f:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05a3b616407b97e26116334877c6aa928aaaeeb2 Validity Not Before: Dec 20 13:00:49 2025 GMT Not After : Dec 21 13:00:49 2025 GMT Subject: CN=3dcf6b7fddb8d98d949ad4473cfe41ff388411dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:67:2d:c0:dc:4d:89:5f:35:4d:1f:75:1b:ac: af:14:2f:9e:f5:ae:19:3c:30:35:f6:1d:aa:d0:22: bc:8c:76:24:96:47:12:2e:86:fb:a4:b5:bf:b6:55: 27:1d:f0:25:5f:da:23:c0:47:11:1c:2a:4f:35:b1: 7f:ff:6c:0a:87:89:31:0a:a4:6c:75:f3:d8:fb:04: 51:2e:78:1d:44:df:0d:fc:c9:07:26:7d:1c:fd:55: 93:b9:68:87:94:11:96:9d:5e:f2:86:ad:ff:99:40: 8d:55:82:11:41:f9:c2:36:34:c5:8f:b3:83:68:48: bb:f6:93:38:cb:90:5c:12:d6:93:73:58:d7:f8:5b: 41:93:78:e5:ad:9c:f2:c6:bb:f8:d4:fa:68:fe:2b: 93:0c:43:8d:fe:dc:d4:6c:9d:57:11:49:99:b4:a0: 3f:57:21:e1:58:a2:60:3a:43:c3:bd:43:28:51:ff: 1b:a0:55:cf:62:94:6c:ae:94:8a:d4:43:6d:e4:63: d4:c0:2b:18:06:98:e0:68:89:a7:1c:2f:dc:95:0d: fa:26:a0:af:a5:ed:aa:06:77:70:b0:e1:ad:79:a3: 25:41:99:ff:2d:92:59:4c:25:80:0f:31:ef:e3:bd: 03:9f:6d:4a:02:40:3a:0a:c1:4a:d7:8d:ca:0e:58: f5:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:CF:6B:7F:DD:B8:D9:8D:94:9A:D4:47:3C:FE:41:FF:38:84:11:DC X509v3 Authority Key Identifier: keyid:05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:5c:42:7b:ed:07:3f:a5:9e:d2:b7:c0:b6:21:cb:15:b9:3e: d3:3c:18:d2:3e:95:0d:b4:fe:dc:3f:d2:22:ca:b6:a7:06:62: 0b:32:3a:22:62:16:1e:60:67:e5:aa:c9:60:33:98:2e:b2:c1: 45:ea:a8:c8:86:4c:c8:a3:42:80:df:a4:ff:ed:e1:ef:c0:19: c9:81:e9:73:05:aa:f2:69:9e:23:3c:77:2f:8e:36:10:14:72: c2:cb:d3:63:d9:ce:3b:49:b6:91:f7:04:91:29:f0:96:96:16: a1:86:d3:7a:de:18:f7:1b:84:c3:a7:91:2d:d3:0b:d8:32:64: c8:fd:24:29:c3:49:6b:81:cb:c4:d8:80:46:f5:ad:88:c1:d0: 71:5b:f5:48:ed:e1:13:b6:49:64:08:3a:31:e0:77:59:b3:ea: 80:11:5e:a9:1f:e2:52:3e:56:7b:ce:66:f1:5c:d2:b6:2c:ab: 59:9d:88:b8:d6:d0:3d:d2:58:be:50:78:d2:7c:08:d7:34:66: 71:e5:47:e5:21:be:95:0c:24:3b:54:36:85:ed:b3:f5:8b:94: c5:8a:b3:d3:52:83:46:49:de:af:6a:9e:a8:75:09:60:e6:df: 29:c0:ec:18:54:7e:76:7d:a9:a8:21:ac:64:ff:85:e1:b3:b8: 5a:04:29:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs72TWXrjuX8kObl9Ow8R9sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1YTNiNjE2NDA3Yjk3ZTI2MTE2MzM0ODc3YzZhYTkyOGFh YWVlYjIwHhcNMjUxMjIwMTMwMDQ5WhcNMjUxMjIxMTMwMDQ5WjAzMTEwLwYDVQQD EygzZGNmNmI3ZmRkYjhkOThkOTQ5YWQ0NDczY2ZlNDFmZjM4ODQxMWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGctwNxNiV81TR91G6yvFC+e9a4Z PDA19h2q0CK8jHYklkcSLob7pLW/tlUnHfAlX9ojwEcRHCpPNbF//2wKh4kxCqRs dfPY+wRRLngdRN8N/MkHJn0c/VWTuWiHlBGWnV7yhq3/mUCNVYIRQfnCNjTFj7OD aEi79pM4y5BcEtaTc1jX+FtBk3jlrZzyxrv41Ppo/iuTDEON/tzUbJ1XEUmZtKA/ VyHhWKJgOkPDvUMoUf8boFXPYpRsrpSK1ENt5GPUwCsYBpjgaImnHC/clQ36JqCv pe2qBndwsOGteaMlQZn/LZJZTCWADzHv470Dn21KAkA6CsFK143KDlj1rwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD3Pa3/duNmNlJrURzz+Qf84hBHcMB8GA1UdIwQY MBaAFAWjthZAe5fiYRYzSHfGqpKKqu6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2Et YWQ1MTM1NzRhNDA0LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2EtYWQ1MTM1NzRhNDA0 LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfFxCe+0H P6We0rfAtiHLFbk+0zwY0j6VDbT+3D/SIsq2pwZiCzI6ImIWHmBn5arJYDOYLrLB ReqoyIZMyKNCgN+k/+3h78AZyYHpcwWq8mmeIzx3L442EBRywsvTY9nOO0m2kfcE kSnwlpYWoYbTet4Y9xuEw6eRLdML2DJkyP0kKcNJa4HLxNiARvWtiMHQcVv1SO3h E7ZJZAg6MeB3WbPqgBFeqR/iUj5We85m8VzStiyrWZ2IuNbQPdJYvlB40nwI1zRm ceVH5SG+lQwkO1Q2he2z9YuUxYqz01KDRkner2qeqHUJYObfKcDsGFR+dn2pqCGs ZP+F4bO4WgQpYg== -----END CERTIFICATE-----Generated at Sat Dec 20 18:08:50 2025 by rpki-client