This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft File: BMWTwzo9oilIzOIyis8F2YoB8aU.mft (raw, json) Hash identifier: Pjpy4KB9zpg3kXJsstYOeYfyG9uP8T2Y2gqT8UQWFLA= Subject key identifier: BD:88:97:13:D4:F6:03:06:CE:75:D0:6E:1D:FC:0A:02:3E:0D:1C:EB Authority key identifier: 04:C5:93:C3:3A:3D:A2:29:48:CC:E2:32:8A:CF:05:D9:8A:01:F1:A5 Certificate issuer: /CN=04c593c33a3da22948cce2328acf05d98a01f1a5 Certificate serial: 019B481577ABE42525AFF93880C115CC7A25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft Manifest number: 08BF Signing time: Mon 22 Dec 2025 22:02:04 +0000 Manifest this update: Mon 22 Dec 2025 22:02:04 +0000 Manifest next update: Tue 23 Dec 2025 22:02:04 +0000 Files and hashes: 1: BMWTwzo9oilIzOIyis8F2YoB8aU.crl (hash: Tc6PoSsqsR1Lr0iN8h0CaVq58HuAmtitUNwAlT0pt8E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.crl rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:77:ab:e4:25:25:af:f9:38:80:c1:15:cc:7a:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04c593c33a3da22948cce2328acf05d98a01f1a5 Validity Not Before: Dec 22 22:02:04 2025 GMT Not After : Dec 23 22:02:04 2025 GMT Subject: CN=bd889713d4f60306ce75d06e1dfc0a023e0d1ceb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7e:71:c2:ef:c4:89:cb:36:7a:2a:96:e1:fb: f3:22:d8:ac:2f:29:df:80:5a:d2:90:32:62:c0:e6: dd:9e:5d:63:90:e3:28:10:86:6e:a4:35:70:b3:b5: b2:33:84:f9:43:83:eb:7a:9a:74:74:85:fb:c3:59: e7:c4:52:fb:05:29:17:b1:51:cb:12:d1:55:b6:cc: 5e:74:67:f4:38:68:be:c8:ea:6e:da:14:80:82:a8: 8c:fa:68:bb:76:87:18:23:4f:e0:e2:30:26:e6:6c: d8:63:c2:25:06:62:3b:14:9d:65:4d:aa:12:6c:8b: 57:b2:2f:bd:7f:db:52:eb:06:52:43:f7:14:2e:b7: da:d1:2c:07:39:b2:dd:2d:8a:dd:f6:96:a5:9e:6d: e1:de:89:9b:3e:ec:16:4e:06:44:03:e3:fd:30:8e: 3f:c8:ad:f1:a1:45:0e:b8:19:c8:ec:f2:e9:2c:a4: a8:fb:12:29:3f:61:a3:8e:80:53:8b:80:fc:8b:20: 3e:49:7d:ad:f8:4c:51:d0:d4:e5:7c:c6:64:62:ff: fb:e1:3f:c6:5f:4c:17:d5:13:13:db:41:98:f8:64: 3a:35:13:d0:1e:e5:4c:26:cf:03:1a:91:5b:95:0c: 27:f4:69:db:98:2c:19:87:8a:0c:b3:65:69:32:fc: 60:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:88:97:13:D4:F6:03:06:CE:75:D0:6E:1D:FC:0A:02:3E:0D:1C:EB X509v3 Authority Key Identifier: keyid:04:C5:93:C3:3A:3D:A2:29:48:CC:E2:32:8A:CF:05:D9:8A:01:F1:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMWTwzo9oilIzOIyis8F2YoB8aU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/007683-43ed-4a9c-b3ea-50a735b29760/1/BMWTwzo9oilIzOIyis8F2YoB8aU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:83:99:74:0d:85:d9:f0:33:ac:24:98:d0:a9:fa:0a:3d:b7: ea:82:42:a6:91:f5:c3:d6:4a:fb:32:7f:8f:64:d7:c9:75:70: d6:21:57:51:2b:b8:a0:a4:eb:d2:b6:f0:c7:72:d8:9b:d9:65: ba:1a:52:64:45:71:88:f3:34:83:2b:a3:cd:f9:1d:d7:29:05: 5d:d5:e8:d5:d1:e5:ec:f7:3f:dd:e7:59:bf:0d:cf:ce:1b:63: f9:b4:ff:cf:4a:56:03:45:06:ef:ad:bd:3d:39:c0:af:7b:25: 38:98:14:70:92:0f:a2:03:5c:d4:bd:19:e9:85:fd:5b:c1:56: ba:b7:1b:6c:bb:34:0d:8c:2a:13:f9:be:5d:9f:56:05:84:af: 5f:b8:38:d4:eb:ac:29:d9:59:7d:65:14:df:93:ae:05:bb:f4: 97:d8:1a:9f:dc:1c:36:07:52:fb:7d:b0:56:5d:b7:33:1d:ae: 14:cd:9f:35:f0:ba:52:5b:6a:af:76:ba:39:e8:c4:6d:dd:53: 11:31:cb:3d:cb:7c:45:10:af:94:26:c0:c3:9b:96:6b:6e:25: 4a:ae:73:87:9a:c8:99:5b:c8:64:33:0b:48:3a:63:ff:23:0a: 51:86:cc:59:1e:b6:80:50:31:8d:77:06:a2:0c:0a:cc:d5:75: 23:6f:a9:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFXer5CUlr/k4gMEVzHolMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0YzU5M2MzM2EzZGEyMjk0OGNjZTIzMjhhY2YwNWQ5OGEw MWYxYTUwHhcNMjUxMjIyMjIwMjA0WhcNMjUxMjIzMjIwMjA0WjAzMTEwLwYDVQQD EyhiZDg4OTcxM2Q0ZjYwMzA2Y2U3NWQwNmUxZGZjMGEwMjNlMGQxY2ViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun5xwu/Eics2eiqW4fvzItisLynf gFrSkDJiwObdnl1jkOMoEIZupDVws7WyM4T5Q4Prepp0dIX7w1nnxFL7BSkXsVHL EtFVtsxedGf0OGi+yOpu2hSAgqiM+mi7docYI0/g4jAm5mzYY8IlBmI7FJ1lTaoS bItXsi+9f9tS6wZSQ/cULrfa0SwHObLdLYrd9palnm3h3ombPuwWTgZEA+P9MI4/ yK3xoUUOuBnI7PLpLKSo+xIpP2GjjoBTi4D8iyA+SX2t+ExR0NTlfMZkYv/74T/G X0wX1RMT20GY+GQ6NRPQHuVMJs8DGpFblQwn9GnbmCwZh4oMs2VpMvxgBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL2IlxPU9gMGznXQbh38CgI+DRzrMB8GA1UdIwQY MBaAFATFk8M6PaIpSMziMorPBdmKAfGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMDc2ODMtNDNlZC00YTljLWIzZWEt NTBhNzM1YjI5NzYwLzEvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8wMDc2ODMtNDNlZC00YTljLWIzZWEtNTBhNzM1YjI5NzYw LzEvQk1XVHd6bzlvaWxJek9JeWlzOEYyWW9COGFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIOZdA2F 2fAzrCSY0Kn6Cj236oJCppH1w9ZK+zJ/j2TXyXVw1iFXUSu4oKTr0rbwx3LYm9ll uhpSZEVxiPM0gyujzfkd1ykFXdXo1dHl7Pc/3edZvw3Pzhtj+bT/z0pWA0UG7629 PTnAr3slOJgUcJIPogNc1L0Z6YX9W8FWurcbbLs0DYwqE/m+XZ9WBYSvX7g41Ous KdlZfWUU35OuBbv0l9gan9wcNgdS+32wVl23Mx2uFM2fNfC6Ultqr3a6OejEbd1T ETHLPct8RRCvlCbAw5uWa24lSq5zh5rImVvIZDMLSDpj/yMKUYbMWR62gFAxjXcG ogwKzNV1I2+pyQ== -----END CERTIFICATE-----Generated at Tue Dec 23 01:57:41 2025 by rpki-client