This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.mft File: BfCLdPURftOAcj2eQp7LSqU4Ulo.mft (raw, json) Hash identifier: n8sLruWwx5yvYcU3V5C6/l8NsKofHwIP+x0HbpHb4jM= Subject key identifier: D6:7A:1C:30:E4:E3:F5:C0:14:02:37:B0:83:BC:2D:30:03:9C:C0:CF Authority key identifier: 05:F0:8B:74:F5:11:7E:D3:80:72:3D:9E:42:9E:CB:4A:A5:38:52:5A Certificate issuer: /CN=05f08b74f5117ed380723d9e429ecb4aa538525a Certificate serial: 019B0EC9C19100BFCC2E82DE7E0A9E6FD2CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfCLdPURftOAcj2eQp7LSqU4Ulo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.mft Manifest number: 1774 Signing time: Thu 11 Dec 2025 19:01:01 +0000 Manifest this update: Thu 11 Dec 2025 19:01:01 +0000 Manifest next update: Fri 12 Dec 2025 19:01:01 +0000 Files and hashes: 1: BfCLdPURftOAcj2eQp7LSqU4Ulo.crl (hash: LduVHNoVdW1rAVmk3Bgyd8OWnSp/RTasYcPwuo9u9V4=) 2: cadUElPbaF409FA_2Wg_Q_GYDPU.roa (hash: NuxwFEiNd/qBOlqeuoFPvUGS7VeCKWQWl9Silhu16kg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.crl rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.mft rsync://rpki.ripe.net/repository/DEFAULT/BfCLdPURftOAcj2eQp7LSqU4Ulo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:c9:c1:91:00:bf:cc:2e:82:de:7e:0a:9e:6f:d2:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05f08b74f5117ed380723d9e429ecb4aa538525a Validity Not Before: Dec 11 19:01:01 2025 GMT Not After : Dec 12 19:01:01 2025 GMT Subject: CN=d67a1c30e4e3f5c0140237b083bc2d30039cc0cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f3:c4:f0:8e:2a:09:54:0d:a7:a7:b8:ff:22: b2:8d:5a:91:bf:fa:b1:e6:96:6e:55:89:db:1e:8b: db:98:20:0a:8f:58:2b:49:2a:3f:18:ff:d7:5c:59: 31:5d:c7:76:31:1d:6e:61:0d:dd:6e:ba:58:2c:d1: 4c:85:78:08:4c:b7:8e:bf:b9:2f:9a:ce:c7:63:b6: c1:0f:1f:85:7b:09:a9:eb:69:d7:8e:5d:e0:ff:52: 92:f7:16:43:e2:d3:f0:a2:5b:80:b6:6f:60:9b:d0: 78:ac:75:ba:d4:e8:ff:2f:9e:b1:f8:09:c1:78:09: 97:9f:37:20:29:6f:57:ef:35:b7:55:7a:07:ba:17: d8:c7:5b:55:47:e2:2b:da:4b:96:15:46:4a:b9:90: 80:51:d9:f0:3f:4a:e6:76:50:0a:fe:70:00:27:73: 4d:06:c6:c9:8d:e6:7b:9f:75:bf:44:16:b6:5b:82: c8:70:79:43:59:c5:ca:8c:35:0d:1b:bc:6d:2a:80: 50:a2:dd:f0:29:b3:c7:d2:8d:46:a1:97:9c:13:1c: 2f:91:c6:b9:56:b4:54:22:bd:2d:e8:72:87:64:69: 98:59:1d:a8:2d:43:b4:b7:17:0a:70:6c:97:d7:98: 77:9b:e1:7b:91:64:ce:8d:fe:fe:76:68:f4:5b:cc: 60:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:7A:1C:30:E4:E3:F5:C0:14:02:37:B0:83:BC:2D:30:03:9C:C0:CF X509v3 Authority Key Identifier: keyid:05:F0:8B:74:F5:11:7E:D3:80:72:3D:9E:42:9E:CB:4A:A5:38:52:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfCLdPURftOAcj2eQp7LSqU4Ulo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:56:6b:fe:ff:9f:f4:a9:b6:96:be:48:da:af:3f:15:ce:d2: a1:d4:ec:b3:83:50:c2:8a:f7:00:02:95:1c:91:24:2e:a0:ff: a3:51:b9:8a:a4:25:c9:4a:c0:21:f7:3b:9b:ff:c7:d8:f3:a8: 97:38:3d:10:66:ec:ab:30:eb:50:ab:6a:b9:53:ba:6e:c4:84: d6:fa:87:f5:5a:1a:33:f7:ab:50:71:0d:cb:13:b7:10:15:0c: 92:08:9a:7c:0b:3e:3c:d5:63:d6:d8:61:59:7c:00:96:21:69: 56:3b:77:84:2e:a6:3a:42:14:29:73:34:c5:2f:c4:6b:80:b9: cc:0e:0f:87:c6:b2:f4:ee:5b:64:a0:5e:0c:2d:23:ee:b5:48: 1c:28:bd:56:51:31:20:b8:b9:49:f5:0e:ab:32:d4:3d:ce:bf: 5b:14:3e:e7:ba:1f:da:2a:e6:a2:26:f6:9d:84:57:46:1d:86: 1e:d0:05:94:d1:82:d3:7e:31:af:84:45:93:8b:83:bf:94:01: 31:08:17:c6:d6:78:e0:3e:11:77:02:2c:1d:ef:32:a0:c5:fd: 0d:5e:69:0b:b4:dc:28:44:5d:71:ca:e3:5f:9b:a6:05:f3:13: d6:15:87:b7:de:11:ae:9d:63:1b:6c:20:e7:be:4a:6e:21:51: 59:b1:6d:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOycGRAL/MLoLefgqeb9LKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1ZjA4Yjc0ZjUxMTdlZDM4MDcyM2Q5ZTQyOWVjYjRhYTUz ODUyNWEwHhcNMjUxMjExMTkwMTAxWhcNMjUxMjEyMTkwMTAxWjAzMTEwLwYDVQQD EyhkNjdhMWMzMGU0ZTNmNWMwMTQwMjM3YjA4M2JjMmQzMDAzOWNjMGNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvPE8I4qCVQNp6e4/yKyjVqRv/qx 5pZuVYnbHovbmCAKj1grSSo/GP/XXFkxXcd2MR1uYQ3dbrpYLNFMhXgITLeOv7kv ms7HY7bBDx+Fewmp62nXjl3g/1KS9xZD4tPwoluAtm9gm9B4rHW61Oj/L56x+AnB eAmXnzcgKW9X7zW3VXoHuhfYx1tVR+Ir2kuWFUZKuZCAUdnwP0rmdlAK/nAAJ3NN BsbJjeZ7n3W/RBa2W4LIcHlDWcXKjDUNG7xtKoBQot3wKbPH0o1GoZecExwvkca5 VrRUIr0t6HKHZGmYWR2oLUO0txcKcGyX15h3m+F7kWTOjf7+dmj0W8xggQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNZ6HDDk4/XAFAI3sIO8LTADnMDPMB8GA1UdIwQY MBaAFAXwi3T1EX7TgHI9nkKey0qlOFJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmZDTGRQVVJmdE9BY2oyZVFwN0xTcVU0VWxvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xODg2ZDgtZDg3NC00YzI0LTkyYjkt ZDQxYWM4MWQxY2M0LzEvQmZDTGRQVVJmdE9BY2oyZVFwN0xTcVU0VWxvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi8xODg2ZDgtZDg3NC00YzI0LTkyYjktZDQxYWM4MWQxY2M0 LzEvQmZDTGRQVVJmdE9BY2oyZVFwN0xTcVU0VWxvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeFZr/v+f 9Km2lr5I2q8/Fc7SodTss4NQwor3AAKVHJEkLqD/o1G5iqQlyUrAIfc7m//H2POo lzg9EGbsqzDrUKtquVO6bsSE1vqH9VoaM/erUHENyxO3EBUMkgiafAs+PNVj1thh WXwAliFpVjt3hC6mOkIUKXM0xS/Ea4C5zA4Ph8ay9O5bZKBeDC0j7rVIHCi9VlEx ILi5SfUOqzLUPc6/WxQ+57of2irmoib2nYRXRh2GHtAFlNGC034xr4RFk4uDv5QB MQgXxtZ44D4RdwIsHe8yoMX9DV5pC7TcKERdccrjX5umBfMT1hWHt94Rrp1jG2wg 575KbiFRWbFtiQ== -----END CERTIFICATE-----Generated at Fri Dec 12 04:00:21 2025 by rpki-client