This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft File: bzipg89Dc6pJdJhasi1RTA9IHS4.mft (raw, json) Hash identifier: BeQI1y2FWllYGMjjPu7ICEqeguIA0EjTPPHFGuu0PXY= Subject key identifier: 1A:60:51:D4:13:40:69:B8:7E:83:DD:FC:66:D6:9F:96:AD:D8:19:97 Authority key identifier: 6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E Certificate issuer: /CN=6f38a983cf4373aa4974985ab22d514c0f481d2e Certificate serial: 019B3A9053F6FC66C1AAAE15A21DA2BBB167 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft Manifest number: 03D4 Signing time: Sat 20 Dec 2025 07:01:35 +0000 Manifest this update: Sat 20 Dec 2025 07:01:35 +0000 Manifest next update: Sun 21 Dec 2025 07:01:35 +0000 Files and hashes: 1: HZb4ypfyyLknrNflDGCKDQospm0.roa (hash: DJb41fbhgLGXN4Umv3DyaNZTQa8ZY7nKkJ22hR0xLS4=) 2: bzipg89Dc6pJdJhasi1RTA9IHS4.crl (hash: 9JzSyk4PWfWQHGREETCFTZXizwOv/58SLErEcyTqtJo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:53:f6:fc:66:c1:aa:ae:15:a2:1d:a2:bb:b1:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f38a983cf4373aa4974985ab22d514c0f481d2e Validity Not Before: Dec 20 07:01:35 2025 GMT Not After : Dec 21 07:01:35 2025 GMT Subject: CN=1a6051d4134069b87e83ddfc66d69f96add81997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:8c:3f:5f:35:cc:e6:2c:71:ae:f7:e4:bc:aa: 87:c5:62:db:cf:2c:e5:ee:15:a5:27:79:30:84:4f: 69:14:48:b9:a9:a4:8b:08:89:07:59:f3:25:e0:a7: c4:49:23:e6:d7:96:43:82:2f:4b:08:87:ad:ca:18: 6e:81:a2:4d:ec:38:e9:f1:33:c2:12:1f:66:03:3e: e5:29:34:1f:58:48:f8:1d:46:8a:b2:54:bf:66:71: 03:f3:d6:2c:85:fd:e4:8d:e6:02:67:77:bf:e6:e5: 61:16:21:2b:2c:3f:60:b1:04:1e:ba:dc:b2:53:4f: d7:54:fa:03:5e:40:28:60:e2:cf:01:31:ee:b4:4e: b6:9b:1a:ab:50:98:d5:e3:04:6d:fd:d1:80:11:56: 6b:a1:67:b7:00:8b:d5:56:a6:56:17:9f:bb:86:b9: 2c:ec:43:d6:83:1b:eb:09:f5:85:31:18:d2:fb:5f: eb:74:30:48:ac:08:e3:f2:79:66:51:e4:69:70:93: 4c:8e:93:c2:93:6f:89:80:54:a8:41:15:82:ec:5a: 98:9b:90:ed:25:9e:42:fd:05:3d:db:31:5a:59:9e: fa:75:7d:71:13:e8:d9:fd:e9:84:01:d0:c6:6d:2c: bd:3a:dc:11:eb:6e:cf:55:5f:9d:1d:cc:6f:9a:39: b4:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:60:51:D4:13:40:69:B8:7E:83:DD:FC:66:D6:9F:96:AD:D8:19:97 X509v3 Authority Key Identifier: keyid:6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:8a:c9:a2:80:44:d6:f8:2a:a8:9c:42:c3:35:a5:9a:f9:6c: 16:c0:94:ef:d7:2f:6e:c4:8b:e5:51:79:22:ed:78:25:8a:4b: 07:fe:ca:e0:9a:02:fb:53:49:b5:df:81:64:be:75:26:90:0f: 9c:49:e8:f8:dd:5a:f9:66:54:df:e6:3c:f6:19:44:04:95:9b: a9:e5:0d:3a:00:4e:c2:da:c1:29:1c:7a:a3:b8:d4:72:13:f2: 88:bb:68:c1:6a:1a:c7:02:37:fe:b7:b4:7d:dd:97:6d:e7:eb: 3c:6d:06:2c:9c:9a:a4:75:e5:52:18:59:ff:99:26:f4:9b:8a: 80:99:09:38:db:73:ab:08:e5:32:9f:5d:4d:5e:01:80:b8:17: 81:3d:78:37:dd:a1:58:ea:c7:c0:41:67:20:5b:d5:47:a0:8c: 44:9d:a2:dc:8c:13:bc:96:2c:8c:f9:28:2e:51:eb:90:54:5a: d7:71:0b:16:ca:59:68:dc:68:ca:e8:fe:3a:7a:15:4a:24:da: 0e:49:27:f1:2c:b2:8d:70:2d:1e:6f:7d:ff:86:7c:19:d2:91: e0:f3:06:18:2c:84:76:73:b0:af:12:b1:5c:51:50:fc:46:62: 65:9d:9e:69:7b:97:d4:f2:b2:63:5b:a3:a1:ed:11:39:65:2d: 87:5d:5d:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kFP2/GbBqq4Voh2iu7FnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMzhhOTgzY2Y0MzczYWE0OTc0OTg1YWIyMmQ1MTRjMGY0 ODFkMmUwHhcNMjUxMjIwMDcwMTM1WhcNMjUxMjIxMDcwMTM1WjAzMTEwLwYDVQQD EygxYTYwNTFkNDEzNDA2OWI4N2U4M2RkZmM2NmQ2OWY5NmFkZDgxOTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4w/XzXM5ixxrvfkvKqHxWLbzyzl 7hWlJ3kwhE9pFEi5qaSLCIkHWfMl4KfESSPm15ZDgi9LCIetyhhugaJN7Djp8TPC Eh9mAz7lKTQfWEj4HUaKslS/ZnED89Yshf3kjeYCZ3e/5uVhFiErLD9gsQQeutyy U0/XVPoDXkAoYOLPATHutE62mxqrUJjV4wRt/dGAEVZroWe3AIvVVqZWF5+7hrks 7EPWgxvrCfWFMRjS+1/rdDBIrAjj8nlmUeRpcJNMjpPCk2+JgFSoQRWC7FqYm5Dt JZ5C/QU92zFaWZ76dX1xE+jZ/emEAdDGbSy9OtwR627PVV+dHcxvmjm02QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBpgUdQTQGm4foPd/GbWn5at2BmXMB8GA1UdIwQY MBaAFG84qYPPQ3OqSXSYWrItUUwPSB0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQt YWY1YTU2NzczMmVmLzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQtYWY1YTU2NzczMmVm LzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIIrJooBE 1vgqqJxCwzWlmvlsFsCU79cvbsSL5VF5Iu14JYpLB/7K4JoC+1NJtd+BZL51JpAP nEno+N1a+WZU3+Y89hlEBJWbqeUNOgBOwtrBKRx6o7jUchPyiLtowWoaxwI3/re0 fd2XbefrPG0GLJyapHXlUhhZ/5km9JuKgJkJONtzqwjlMp9dTV4BgLgXgT14N92h WOrHwEFnIFvVR6CMRJ2i3IwTvJYsjPkoLlHrkFRa13ELFspZaNxoyuj+OnoVSiTa Dkkn8SyyjXAtHm99/4Z8GdKR4PMGGCyEdnOwrxKxXFFQ/EZiZZ2eaXuX1PKyY1uj oe0ROWUth11dTw== -----END CERTIFICATE-----Generated at Sat Dec 20 14:02:21 2025 by rpki-client