This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft File: BeHQfebxKPRpxMOzAorfjU034tk.mft (raw, json) Hash identifier: O9XCBv5fIWq8ATTxa5X9OGchHOi3IreqftgbnHiQSqI= Subject key identifier: DB:33:5F:F4:24:AB:BF:47:03:47:DC:71:CF:BF:8D:48:2F:48:56:D9 Authority key identifier: 05:E1:D0:7D:E6:F1:28:F4:69:C4:C3:B3:02:8A:DF:8D:4D:37:E2:D9 Certificate issuer: /CN=05e1d07de6f128f469c4c3b3028adf8d4d37e2d9 Certificate serial: 019B5907A62390C1CD2CA02FD0D512D3AEA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BeHQfebxKPRpxMOzAorfjU034tk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 05:00:31 +0000 Manifest this update: Fri 26 Dec 2025 05:00:31 +0000 Manifest next update: Sat 27 Dec 2025 05:00:31 +0000 Files and hashes: 1: 5_4qOd1GTRdKd6DbyMT4VAzgn60.roa (hash: Q449y6NU5T0NgahXGNO0aRD91GR+m9cfLNErlQRiyf0=) 2: BeHQfebxKPRpxMOzAorfjU034tk.crl (hash: 1Zq6gYKa987kpwRl4wApev1672vhGXI5epzpPPeZ1KA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft rsync://rpki.ripe.net/repository/DEFAULT/BeHQfebxKPRpxMOzAorfjU034tk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:07:a6:23:90:c1:cd:2c:a0:2f:d0:d5:12:d3:ae:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05e1d07de6f128f469c4c3b3028adf8d4d37e2d9 Validity Not Before: Dec 26 05:00:31 2025 GMT Not After : Dec 27 05:00:31 2025 GMT Subject: CN=db335ff424abbf470347dc71cfbf8d482f4856d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:33:40:38:d5:ca:76:b2:c4:8f:8b:da:7f:9f: 0f:12:0f:09:81:e3:6b:f7:c9:b5:07:31:85:6b:34: 98:d7:cf:23:89:59:c9:41:1e:68:45:d7:22:4a:e5: 56:93:b9:03:8c:52:cf:e3:14:50:9f:a7:48:0a:62: 14:ec:64:69:12:c0:bb:97:e9:aa:36:66:7a:c7:5b: 3a:59:35:3e:6b:77:b9:b3:cb:ed:7b:6c:22:82:3c: ed:c2:67:40:e9:76:66:9e:aa:4a:32:21:9f:c4:ea: 7e:b6:38:c5:a3:21:4d:07:82:a6:a9:26:19:f3:0b: f1:3f:d1:18:13:e5:80:df:4d:cc:1d:7b:02:b8:da: f0:7d:e4:7b:8d:8a:df:77:3d:9d:b2:2f:69:a3:a9: 09:d8:fc:9b:ed:df:e4:4e:e6:13:86:cd:d2:f2:2b: a9:9f:b4:03:7c:fc:ab:53:0e:2a:36:41:f1:91:86: f5:a3:f6:1d:73:b3:3f:f1:56:f7:c9:1b:74:fc:d8: da:be:af:30:bc:dd:08:56:0e:af:02:40:c4:23:99: 42:e6:06:1b:f3:35:e9:dd:ce:20:25:48:65:ee:0a: 02:0e:c6:89:25:52:32:fa:4c:34:02:6b:a3:09:ef: e1:ca:35:50:78:f7:04:e3:64:be:e1:69:34:82:23: 47:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:33:5F:F4:24:AB:BF:47:03:47:DC:71:CF:BF:8D:48:2F:48:56:D9 X509v3 Authority Key Identifier: keyid:05:E1:D0:7D:E6:F1:28:F4:69:C4:C3:B3:02:8A:DF:8D:4D:37:E2:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BeHQfebxKPRpxMOzAorfjU034tk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9ce8f5-fed2-47ea-83b3-8d13f7b3f142/1/BeHQfebxKPRpxMOzAorfjU034tk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:26:c1:7f:07:c7:f5:68:2f:b3:d0:e3:c9:e5:80:35:6a:6a: 60:11:a6:67:65:5b:91:23:9f:7d:bd:11:d8:d8:d0:f2:98:61: c7:cc:86:a5:a6:4a:40:7e:11:ca:98:d8:02:3c:22:03:47:14: 87:8e:3c:9b:da:a6:3d:35:73:92:60:5e:f4:3e:09:5a:83:01: e3:01:68:0b:0d:5e:7a:e6:c0:3b:ef:2d:58:ab:56:a0:d7:c5: 42:bb:cc:a1:55:4a:3f:27:6e:60:f8:92:34:3f:c3:b8:2f:a9: 0d:0d:13:1c:c4:e2:47:4b:cb:02:ea:04:e7:ea:0e:a9:d1:8c: 57:c6:42:0c:35:2f:68:cc:47:69:8f:be:09:ae:a1:11:ef:cd: c3:48:a3:a8:86:e2:5e:8f:5e:b2:77:af:8f:8e:8f:c3:5e:e2: 21:ba:c7:a5:d6:17:eb:ce:56:ba:9d:63:a8:e8:1e:2c:7e:31: 82:e5:bc:d4:f4:84:48:54:d6:9c:b4:fb:31:de:8a:eb:d4:1d: c9:86:2c:21:6e:8c:2d:c1:8c:5c:cc:51:78:e0:7c:8c:d2:b7: 5f:76:1c:ff:fd:da:b9:5c:ff:59:ee:03:26:d6:af:88:7a:c7: e1:cd:9a:af:e4:e2:c7:c1:b4:a4:14:56:8b:b4:36:f7:37:5c: c1:a7:e0:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZB6YjkMHNLKAv0NUS066lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1ZTFkMDdkZTZmMTI4ZjQ2OWM0YzNiMzAyOGFkZjhkNGQz N2UyZDkwHhcNMjUxMjI2MDUwMDMxWhcNMjUxMjI3MDUwMDMxWjAzMTEwLwYDVQQD EyhkYjMzNWZmNDI0YWJiZjQ3MDM0N2RjNzFjZmJmOGQ0ODJmNDg1NmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jNAONXKdrLEj4vaf58PEg8JgeNr 98m1BzGFazSY188jiVnJQR5oRdciSuVWk7kDjFLP4xRQn6dICmIU7GRpEsC7l+mq NmZ6x1s6WTU+a3e5s8vte2wigjztwmdA6XZmnqpKMiGfxOp+tjjFoyFNB4KmqSYZ 8wvxP9EYE+WA303MHXsCuNrwfeR7jYrfdz2dsi9po6kJ2Pyb7d/kTuYThs3S8iup n7QDfPyrUw4qNkHxkYb1o/Ydc7M/8Vb3yRt0/Njavq8wvN0IVg6vAkDEI5lC5gYb 8zXp3c4gJUhl7goCDsaJJVIy+kw0AmujCe/hyjVQePcE42S+4Wk0giNHzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNszX/Qkq79HA0fccc+/jUgvSFbZMB8GA1UdIwQY MBaAFAXh0H3m8Sj0acTDswKK341NN+LZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmVIUWZlYnhLUFJweE1PekFvcmZqVTAzNHRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85Y2U4ZjUtZmVkMi00N2VhLTgzYjMt OGQxM2Y3YjNmMTQyLzEvQmVIUWZlYnhLUFJweE1PekFvcmZqVTAzNHRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi85Y2U4ZjUtZmVkMi00N2VhLTgzYjMtOGQxM2Y3YjNmMTQy LzEvQmVIUWZlYnhLUFJweE1PekFvcmZqVTAzNHRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCbBfwfH 9Wgvs9DjyeWANWpqYBGmZ2VbkSOffb0R2NjQ8phhx8yGpaZKQH4RypjYAjwiA0cU h448m9qmPTVzkmBe9D4JWoMB4wFoCw1eeubAO+8tWKtWoNfFQrvMoVVKPyduYPiS ND/DuC+pDQ0THMTiR0vLAuoE5+oOqdGMV8ZCDDUvaMxHaY++Ca6hEe/Nw0ijqIbi Xo9esnevj46Pw17iIbrHpdYX685Wup1jqOgeLH4xguW81PSESFTWnLT7Md6K69Qd yYYsIW6MLcGMXMxReOB8jNK3X3Yc//3auVz/We4DJtaviHrH4c2ar+Tix8G0pBRW i7Q29zdcwafgbA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:04 2025 by rpki-client