This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft File: bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json) Hash identifier: 3S9jKx9ncjUzNUQTPz3bif2fRAqE0OPl9mdPW4Uj59c= Subject key identifier: CE:42:FD:72:89:7F:B0:03:4E:64:D2:D3:51:95:94:01:EB:EE:62:59 Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D Certificate issuer: /CN=6cb76b5363383d68e555e5270a5931d8340e180d Certificate serial: 019B32D78E3856133B8B2430D33D8233B555 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft Manifest number: 0F10 Signing time: Thu 18 Dec 2025 19:02:25 +0000 Manifest this update: Thu 18 Dec 2025 19:02:25 +0000 Manifest next update: Fri 19 Dec 2025 19:02:25 +0000 Files and hashes: 1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: jW1zG4+3dhNwtSpxyQNWCW+HnNYTsZBwM/WEIoHIM98=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:8e:38:56:13:3b:8b:24:30:d3:3d:82:33:b5:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d Validity Not Before: Dec 18 19:02:25 2025 GMT Not After : Dec 19 19:02:25 2025 GMT Subject: CN=ce42fd72897fb0034e64d2d351959401ebee6259 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ad:9d:be:61:1a:a7:cc:8b:91:07:c8:32:28: c9:13:37:93:6a:2f:28:bd:4b:f0:01:70:d0:fa:43: 67:89:80:a6:8a:40:2f:68:19:01:72:d6:60:3b:45: 16:15:bc:95:13:17:a9:f3:3b:13:05:b3:8a:bc:26: 68:f6:cd:c1:ee:4d:7b:f9:83:69:74:ab:a6:3f:4f: 3a:4b:16:9d:9a:0b:94:29:ea:bc:49:3a:cc:4d:15: a6:14:d6:c3:a4:bc:83:dd:6c:84:f6:a2:66:3e:42: 49:7a:b7:53:f1:7c:da:b0:db:ab:d9:09:88:ff:2a: 73:97:0a:b0:3f:f7:e2:06:91:c8:5e:d4:b5:0c:26: bf:3b:4d:cc:4a:c5:ed:57:97:b2:f7:05:6b:c8:81: 2c:82:c2:9f:8a:cb:dc:27:4c:1f:78:87:77:09:6e: 24:50:7f:33:98:4c:28:61:eb:05:ea:3a:0a:eb:c1: fd:6c:43:93:b8:62:a7:f2:30:27:f2:05:40:c3:67: a2:90:f2:39:9d:8a:0d:ee:92:67:8a:c3:19:0a:e2: eb:08:0a:80:1c:13:1d:2b:64:5d:97:e5:f9:86:a4: dc:fa:15:a0:9c:a1:3d:58:1a:b3:f5:ba:e1:e3:e6: ae:04:f9:a5:3c:09:0b:79:27:4e:c0:9a:57:36:e3: 69:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:42:FD:72:89:7F:B0:03:4E:64:D2:D3:51:95:94:01:EB:EE:62:59 X509v3 Authority Key Identifier: keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:f9:c5:24:0e:bc:cd:4f:62:a0:11:23:e8:f3:ae:31:6b:3b: a6:c0:c2:a1:50:a6:aa:67:a2:da:ea:0e:4e:82:a3:c9:c8:ea: 1a:b2:bc:18:cf:15:31:33:bf:f4:bc:88:e5:2c:12:be:da:66: 92:56:ff:a3:ac:f9:10:c8:5c:20:b9:51:11:43:03:80:63:6d: ae:ed:64:76:ea:09:11:2e:e4:bd:0c:b3:15:ae:52:bb:e7:29: e9:f6:40:f1:32:6a:ec:25:27:5a:00:f8:8f:eb:75:f1:13:67: a3:fa:b2:ab:1a:17:a3:f3:7b:d3:1a:0b:d9:7f:f0:f6:3a:4c: db:b0:01:e0:73:0a:54:93:da:bc:01:9c:41:20:4d:9f:78:b7: ea:da:60:40:9d:63:ba:4d:ae:7d:e0:5b:26:86:02:a5:d3:af: 16:46:8b:75:11:2e:1c:7a:57:1c:3d:24:82:65:01:bf:f2:cc: a9:9f:c8:1b:bb:ec:f7:75:53:6e:9c:1a:23:64:16:0a:e6:57: 36:04:de:cc:ee:23:ef:5c:63:a7:f6:3b:ca:2d:e5:a4:50:6a: 03:3b:b6:16:80:f7:bc:12:6d:76:47:64:85:fa:db:f0:b3:3c: a7:62:ca:5b:74:ea:43:a1:bb:98:d3:8e:04:f3:fd:cf:7a:98: 32:39:0c:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1444VhM7iyQw0z2CM7VVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw ZTE4MGQwHhcNMjUxMjE4MTkwMjI1WhcNMjUxMjE5MTkwMjI1WjAzMTEwLwYDVQQD EyhjZTQyZmQ3Mjg5N2ZiMDAzNGU2NGQyZDM1MTk1OTQwMWViZWU2MjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq2dvmEap8yLkQfIMijJEzeTai8o vUvwAXDQ+kNniYCmikAvaBkBctZgO0UWFbyVExep8zsTBbOKvCZo9s3B7k17+YNp dKumP086SxadmguUKeq8STrMTRWmFNbDpLyD3WyE9qJmPkJJerdT8XzasNur2QmI /ypzlwqwP/fiBpHIXtS1DCa/O03MSsXtV5ey9wVryIEsgsKfisvcJ0wfeId3CW4k UH8zmEwoYesF6joK68H9bEOTuGKn8jAn8gVAw2eikPI5nYoN7pJnisMZCuLrCAqA HBMdK2Rdl+X5hqTc+hWgnKE9WBqz9brh4+auBPmlPAkLeSdOwJpXNuNpRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM5C/XKJf7ADTmTS01GVlAHr7mJZMB8GA1UdIwQY MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfnFJA68 zU9ioBEj6POuMWs7psDCoVCmqmei2uoOToKjycjqGrK8GM8VMTO/9LyI5SwSvtpm klb/o6z5EMhcILlREUMDgGNtru1kduoJES7kvQyzFa5Su+cp6fZA8TJq7CUnWgD4 j+t18RNno/qyqxoXo/N70xoL2X/w9jpM27AB4HMKVJPavAGcQSBNn3i36tpgQJ1j uk2ufeBbJoYCpdOvFkaLdREuHHpXHD0kgmUBv/LMqZ/IG7vs93VTbpwaI2QWCuZX NgTezO4j71xjp/Y7yi3lpFBqAzu2FoD3vBJtdkdkhfrb8LM8p2LKW3TqQ6G7mNOO BPP9z3qYMjkM6Q== -----END CERTIFICATE-----Generated at Fri Dec 19 00:11:38 2025 by rpki-client