This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft File: bSPOewwQBo-8RMAhlD4zkBPyruA.mft (raw, json) Hash identifier: 1ukfM8e1YEhGDTSAkN8L87DB9OUPW/nZbPVpFwzmiRc= Subject key identifier: 93:63:09:24:4D:4B:F8:D0:47:8E:F8:BD:40:96:4E:0D:56:6C:14:3B Authority key identifier: 6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0 Certificate issuer: /CN=6d23ce7b0c10068fbc44c021943e339013f2aee0 Certificate serial: 019B1B04D58FCC2D2E8CBEAB5DBD5C6D1392 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft Manifest number: 1776 Signing time: Sun 14 Dec 2025 04:01:00 +0000 Manifest this update: Sun 14 Dec 2025 04:01:00 +0000 Manifest next update: Mon 15 Dec 2025 04:01:00 +0000 Files and hashes: 1: LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa (hash: ScQNvXtsK5w/Wj3QzlqfHMAUcdIYUpFbtGKhSGmn1FI=) 2: bSPOewwQBo-8RMAhlD4zkBPyruA.crl (hash: n0lkVS4LDT0Vs+jUbWb8w1aWImXgkifMrZw9iKr7Tgs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:04:d5:8f:cc:2d:2e:8c:be:ab:5d:bd:5c:6d:13:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d23ce7b0c10068fbc44c021943e339013f2aee0 Validity Not Before: Dec 14 04:01:00 2025 GMT Not After : Dec 15 04:01:00 2025 GMT Subject: CN=936309244d4bf8d0478ef8bd40964e0d566c143b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a3:0f:82:e8:60:19:f8:c4:56:49:7e:3f:ec: 0e:3e:43:3b:5d:43:e3:37:ec:6f:eb:c2:e8:20:15: 1b:2a:d0:47:6d:1d:53:d3:c8:7c:8b:57:30:64:3f: 37:23:9a:83:a3:b5:8b:aa:bd:41:4e:19:22:be:2a: 03:7b:31:17:99:54:ef:5d:3e:e1:5d:93:44:11:47: 01:ea:f8:24:93:82:fe:d9:65:05:82:41:f4:74:12: c4:db:35:af:09:b8:a4:c0:32:5b:fc:e1:de:52:c4: 8d:3a:ef:a1:3a:6e:87:9c:33:6b:5b:61:38:b9:97: fc:54:0d:53:45:22:15:e4:d7:e0:85:c6:1b:6d:da: 0e:ee:a5:bf:e7:44:aa:8e:16:73:e4:5c:00:51:ad: 8f:e8:4e:e9:ee:c3:db:6a:f1:53:fc:79:7d:b7:a5: 85:e1:74:6b:8e:21:66:47:24:31:8d:b9:9c:96:98: e0:ed:ae:57:ac:0d:d8:dd:37:06:40:3d:b0:13:38: d3:4a:bc:81:a7:1a:31:bd:95:60:6e:60:d9:28:f9: 96:f2:b5:c6:ec:2f:cb:2c:1b:d0:2a:a4:ed:4d:5f: 3b:21:f8:b9:d6:d3:de:53:7f:fc:02:a0:b1:a7:c1: 44:bd:fb:27:b7:61:87:8f:8d:1a:71:5f:45:d8:3f: e5:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:63:09:24:4D:4B:F8:D0:47:8E:F8:BD:40:96:4E:0D:56:6C:14:3B X509v3 Authority Key Identifier: keyid:6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:8a:55:c1:34:15:12:d8:c5:cf:c8:c8:23:09:9a:76:c5:8a: 88:3b:dc:9f:46:0e:6f:ec:21:94:63:df:68:e2:b1:87:ff:82: 3f:8e:18:c6:c4:cf:0d:aa:60:23:32:47:91:00:ca:e6:37:1d: 12:b4:ae:9e:7a:05:b1:97:04:90:da:5a:c6:d1:10:66:2a:65: c9:f0:d5:74:70:95:0b:4a:4c:13:0f:b4:e6:f2:5d:69:ed:14: 5f:66:9d:ec:03:95:4b:e2:4d:f2:cd:72:72:98:3f:d7:0f:44: cf:83:1f:47:47:bd:de:17:8a:4c:6b:35:69:61:2e:74:21:14: f7:dd:99:c2:ac:ff:59:2f:c5:b3:1c:e8:57:20:56:7a:1a:78: 33:88:c6:3a:2b:8d:0c:b6:53:1e:91:41:7a:b7:cc:f5:bf:be: e8:fc:7f:99:53:0a:0b:a0:61:b9:ed:2d:05:04:cd:0f:6d:73: 10:86:df:80:30:e6:7b:70:32:ab:8f:6c:31:84:f3:54:6a:4f: d7:99:92:d4:7b:c4:50:f1:e2:81:e8:6e:db:22:cb:04:f3:10: f6:0c:ff:32:42:e0:35:46:b3:ac:4a:3a:74:71:27:50:f4:3d: d2:11:58:29:50:28:ea:d9:01:4d:c0:39:62:8d:1e:96:ee:4e: df:21:d9:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbBNWPzC0ujL6rXb1cbROSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjNjZTdiMGMxMDA2OGZiYzQ0YzAyMTk0M2UzMzkwMTNm MmFlZTAwHhcNMjUxMjE0MDQwMTAwWhcNMjUxMjE1MDQwMTAwWjAzMTEwLwYDVQQD Eyg5MzYzMDkyNDRkNGJmOGQwNDc4ZWY4YmQ0MDk2NGUwZDU2NmMxNDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqMPguhgGfjEVkl+P+wOPkM7XUPj N+xv68LoIBUbKtBHbR1T08h8i1cwZD83I5qDo7WLqr1BThkivioDezEXmVTvXT7h XZNEEUcB6vgkk4L+2WUFgkH0dBLE2zWvCbikwDJb/OHeUsSNOu+hOm6HnDNrW2E4 uZf8VA1TRSIV5NfghcYbbdoO7qW/50SqjhZz5FwAUa2P6E7p7sPbavFT/Hl9t6WF 4XRrjiFmRyQxjbmclpjg7a5XrA3Y3TcGQD2wEzjTSryBpxoxvZVgbmDZKPmW8rXG 7C/LLBvQKqTtTV87Ifi51tPeU3/8AqCxp8FEvfsnt2GHj40acV9F2D/lyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJNjCSRNS/jQR474vUCWTg1WbBQ7MB8GA1UdIwQY MBaAFG0jznsMEAaPvETAIZQ+M5AT8q7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYt NDBjNWViYzZmNzM2LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYtNDBjNWViYzZmNzM2 LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJopVwTQV EtjFz8jIIwmadsWKiDvcn0YOb+whlGPfaOKxh/+CP44YxsTPDapgIzJHkQDK5jcd ErSunnoFsZcEkNpaxtEQZiplyfDVdHCVC0pMEw+05vJdae0UX2ad7AOVS+JN8s1y cpg/1w9Ez4MfR0e93heKTGs1aWEudCEU992Zwqz/WS/FsxzoVyBWehp4M4jGOiuN DLZTHpFBerfM9b++6Px/mVMKC6Bhue0tBQTND21zEIbfgDDme3Ayq49sMYTzVGpP 15mS1HvEUPHigehu2yLLBPMQ9gz/MkLgNUazrEo6dHEnUPQ90hFYKVAo6tkBTcA5 Yo0elu5O3yHZ1Q== -----END CERTIFICATE-----Generated at Sun Dec 14 07:47:05 2025 by rpki-client