This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft File: bSPOewwQBo-8RMAhlD4zkBPyruA.mft (raw, json) Hash identifier: Ldzfu/ogUXCC0a0g2BshW/wfF7BsaQs1XCeuBAigCxE= Subject key identifier: BD:B3:CE:E1:AA:1A:89:ED:85:08:A1:71:1D:99:2D:F1:CF:15:5F:AF Authority key identifier: 6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0 Certificate issuer: /CN=6d23ce7b0c10068fbc44c021943e339013f2aee0 Certificate serial: 019B0F6EF408F20A4434E1E318903F72E967 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft Manifest number: 1770 Signing time: Thu 11 Dec 2025 22:01:28 +0000 Manifest this update: Thu 11 Dec 2025 22:01:28 +0000 Manifest next update: Fri 12 Dec 2025 22:01:28 +0000 Files and hashes: 1: LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa (hash: ScQNvXtsK5w/Wj3QzlqfHMAUcdIYUpFbtGKhSGmn1FI=) 2: bSPOewwQBo-8RMAhlD4zkBPyruA.crl (hash: HG/5pW+KhxcHkw22IyZRPIHc9LaQEIYupik8OkPfD0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 22:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:f4:08:f2:0a:44:34:e1:e3:18:90:3f:72:e9:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d23ce7b0c10068fbc44c021943e339013f2aee0 Validity Not Before: Dec 11 22:01:28 2025 GMT Not After : Dec 12 22:01:28 2025 GMT Subject: CN=bdb3cee1aa1a89ed8508a1711d992df1cf155faf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3a:a8:ac:1c:ce:af:ec:51:0a:a7:cd:f1:65: f8:82:3e:1f:54:b5:c6:a7:85:be:b3:6b:12:8f:f1: b1:03:c5:3d:d8:95:49:40:8d:10:6e:fc:e8:1f:77: 78:96:53:a8:34:77:17:c3:50:c6:40:ec:92:1a:47: 35:ee:da:2c:76:1c:db:be:fd:d6:5c:27:97:ce:31: 8f:e4:ad:c8:3f:16:c9:67:fd:8d:fb:90:0a:db:55: d4:7f:08:06:07:4c:ab:03:aa:d1:70:79:d0:41:85: a5:72:2b:56:84:f5:65:25:fa:2a:d1:67:13:6e:39: 49:ca:49:46:fa:31:fd:97:0f:27:11:fc:07:c0:e8: 36:8a:75:4c:91:fc:69:09:0a:5f:81:20:8f:86:5c: 0f:e2:5d:67:85:d7:8c:6f:cc:2d:9e:46:0c:18:5f: c2:a2:90:54:69:27:49:1c:fc:73:a6:c5:46:4f:b5: f8:4f:19:12:8f:c8:b0:39:cb:9e:11:0c:ed:2e:66: 2d:be:09:22:49:e0:60:47:e9:37:d6:14:45:ab:a7: f5:6f:a2:20:78:fc:a2:e4:ae:5f:06:9a:0a:f7:25: 14:2b:82:8d:88:1c:8f:32:ac:01:14:99:df:c5:c5: 6c:3b:d7:e7:2b:25:3f:7d:de:c6:15:d2:0d:d7:0a: eb:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:B3:CE:E1:AA:1A:89:ED:85:08:A1:71:1D:99:2D:F1:CF:15:5F:AF X509v3 Authority Key Identifier: keyid:6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:35:84:2e:9f:c9:64:a9:d3:fc:23:df:a9:9a:50:b6:45:e4: ab:37:f0:40:dc:fd:f1:bf:34:81:70:91:36:01:37:f7:8a:23: 6e:77:57:22:4a:41:7f:2a:bf:b8:af:4a:16:e8:ba:6e:8c:59: c6:fd:99:19:c9:9d:0b:d1:a2:cc:ae:35:12:9f:1e:96:0b:73: 86:1d:d4:16:2f:68:41:3d:ad:b1:ff:12:22:70:5a:08:4d:da: e9:ff:d3:56:94:37:cf:f7:2a:9a:e3:f1:c3:90:82:c9:13:36: 37:05:a5:ac:0a:d4:f3:2d:7b:43:8d:b0:85:5e:1e:64:4c:55: 71:c2:3e:9e:85:8f:82:a7:87:9f:6a:3c:b1:06:4f:1c:bd:40: 44:8d:39:13:ab:0c:c5:be:7c:f9:6d:cb:b6:ed:bf:b9:ca:0e: 2e:93:5f:d7:55:65:3c:9f:a9:d6:1e:6f:94:64:04:7e:09:ac: b4:af:ef:6b:c9:a5:68:73:89:d4:0a:f7:8c:4b:0e:b6:fc:f6: 3a:d6:a5:5b:9c:65:63:f5:8e:1e:9f:4b:8e:20:d4:c4:7c:7b: e4:e3:a3:0c:7a:2d:78:95:89:dd:74:28:f8:ee:67:f0:42:cf: 4c:6e:b7:ae:66:fd:42:89:9b:b3:c3:78:3e:40:51:05:3e:02: fd:db:9a:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPbvQI8gpENOHjGJA/culnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjNjZTdiMGMxMDA2OGZiYzQ0YzAyMTk0M2UzMzkwMTNm MmFlZTAwHhcNMjUxMjExMjIwMTI4WhcNMjUxMjEyMjIwMTI4WjAzMTEwLwYDVQQD EyhiZGIzY2VlMWFhMWE4OWVkODUwOGExNzExZDk5MmRmMWNmMTU1ZmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozqorBzOr+xRCqfN8WX4gj4fVLXG p4W+s2sSj/GxA8U92JVJQI0QbvzoH3d4llOoNHcXw1DGQOySGkc17tosdhzbvv3W XCeXzjGP5K3IPxbJZ/2N+5AK21XUfwgGB0yrA6rRcHnQQYWlcitWhPVlJfoq0WcT bjlJyklG+jH9lw8nEfwHwOg2inVMkfxpCQpfgSCPhlwP4l1nhdeMb8wtnkYMGF/C opBUaSdJHPxzpsVGT7X4TxkSj8iwOcueEQztLmYtvgkiSeBgR+k31hRFq6f1b6Ig ePyi5K5fBpoK9yUUK4KNiByPMqwBFJnfxcVsO9fnKyU/fd7GFdIN1wrrEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL2zzuGqGonthQihcR2ZLfHPFV+vMB8GA1UdIwQY MBaAFG0jznsMEAaPvETAIZQ+M5AT8q7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYt NDBjNWViYzZmNzM2LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYtNDBjNWViYzZmNzM2 LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzWELp/J ZKnT/CPfqZpQtkXkqzfwQNz98b80gXCRNgE394ojbndXIkpBfyq/uK9KFui6boxZ xv2ZGcmdC9GizK41Ep8elgtzhh3UFi9oQT2tsf8SInBaCE3a6f/TVpQ3z/cqmuPx w5CCyRM2NwWlrArU8y17Q42whV4eZExVccI+noWPgqeHn2o8sQZPHL1ARI05E6sM xb58+W3Ltu2/ucoOLpNf11VlPJ+p1h5vlGQEfgmstK/va8mlaHOJ1Ar3jEsOtvz2 OtalW5xlY/WOHp9LjiDUxHx75OOjDHoteJWJ3XQo+O5n8ELPTG63rmb9Qombs8N4 PkBRBT4C/dua6g== -----END CERTIFICATE-----Generated at Fri Dec 12 05:16:52 2025 by rpki-client