This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft File: BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft (raw, json) Hash identifier: lBj/yLqBLB0A8owdCeTBmNcNhyZ7jBCMBwbTKmQQIFM= Subject key identifier: D7:06:18:1D:6E:1C:55:20:09:CA:9D:A8:3F:E0:A2:47:4E:AB:89:1C Authority key identifier: 04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A Certificate issuer: /CN=04d29211f92e560f0b7834bb2932ac63cabfa14a Certificate serial: 019B31FA9ACBA48EC4CB326ABBBE7BE8DD41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft Manifest number: 0C67 Signing time: Thu 18 Dec 2025 15:01:05 +0000 Manifest this update: Thu 18 Dec 2025 15:01:05 +0000 Manifest next update: Fri 19 Dec 2025 15:01:05 +0000 Files and hashes: 1: BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl (hash: Nw1le2l9pT0XE6m2zXaWEacgj9eiP0T2ngpRDlYyWdQ=) 2: dShe1ipT6-Y_-edVr4eNtxtPKAo.roa (hash: 34QucPlafnV+iMZk3j4FDiUJFtGuS1f17YL6xBvVoIo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 15:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:fa:9a:cb:a4:8e:c4:cb:32:6a:bb:be:7b:e8:dd:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04d29211f92e560f0b7834bb2932ac63cabfa14a Validity Not Before: Dec 18 15:01:05 2025 GMT Not After : Dec 19 15:01:05 2025 GMT Subject: CN=d706181d6e1c552009ca9da83fe0a2474eab891c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:92:ee:23:2f:61:0f:64:7b:65:2f:30:f3:fe: c6:35:13:c0:b3:97:7d:4d:f6:5c:b6:83:93:7e:35: 4a:2b:47:f3:de:0b:32:b4:78:ed:10:1b:c0:5b:02: b7:30:b6:44:a6:ca:21:ae:f4:91:4c:b9:13:5f:4f: 0b:5d:3e:98:48:8d:69:55:52:00:28:87:67:64:6d: be:69:88:c9:21:2f:48:d5:93:1a:00:e5:cb:70:95: 12:c2:34:24:e7:0f:61:0d:c1:ad:9d:78:d5:26:2b: 17:45:2e:61:2f:3a:f2:6d:a7:aa:44:2b:a0:75:56: 9a:90:d3:e8:a6:32:91:d7:07:9f:21:28:9c:0f:7c: c6:84:28:a2:3b:ef:f6:fd:e6:55:d8:bc:24:57:88: 72:33:25:39:de:1d:bc:9e:b8:61:90:e5:13:fd:29: 6d:99:bc:1a:03:e0:ff:2f:fe:ec:ce:58:a4:40:29: 2d:e9:42:cb:44:62:c0:7f:33:44:68:92:94:af:4d: b3:91:c1:ca:c9:a0:c4:03:fb:27:65:54:a8:8f:07: 30:cf:9b:38:90:78:91:50:c2:1d:c2:da:79:8e:24: 52:a3:96:da:d9:f5:ad:73:b2:9f:3b:b9:08:27:e7: f7:ac:2a:3c:18:1c:e4:24:c4:15:29:60:51:9c:21: 98:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:06:18:1D:6E:1C:55:20:09:CA:9D:A8:3F:E0:A2:47:4E:AB:89:1C X509v3 Authority Key Identifier: keyid:04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:d8:e0:50:8d:3e:ff:a0:ed:37:2c:a5:0d:c0:95:a8:76:17: f3:e7:46:05:8a:e5:a6:0a:84:1f:af:e6:7c:e1:c5:7d:66:4c: ef:a6:b6:f0:df:07:26:6f:1d:6e:0c:ce:b1:bc:ef:77:36:ff: 28:71:04:b0:c7:df:7e:c1:37:ff:86:f5:20:d5:d6:f3:a4:30: 4a:f0:0e:0d:da:10:7c:65:ee:63:8a:27:f6:81:c6:47:9d:82: 0a:7c:74:e1:7d:79:29:5e:88:76:15:50:bb:a4:26:f3:47:80: 5d:9a:0c:c7:83:32:72:e6:56:01:24:c4:3a:f2:0e:19:ac:cc: 78:46:96:5e:b1:fa:ba:77:89:6e:80:c8:5a:cc:b0:bd:18:37: 16:06:31:c2:83:22:b5:7c:50:e6:72:1a:06:7a:5f:d3:66:7e: 5d:13:a6:6e:ca:a1:5f:e8:d4:3d:9b:05:a8:84:24:6b:6c:bf: b5:33:0d:22:51:cf:a4:08:af:bc:b1:c4:57:65:21:c5:8c:38: 58:8e:d9:d7:fc:b8:64:15:12:0c:f9:48:b2:8e:58:51:c1:f7: 9d:46:45:37:dc:54:8d:c1:0a:14:49:22:93:b8:63:de:8f:cc: a9:4a:69:4b:6c:f9:a1:92:66:08:9b:ee:19:a7:cc:c6:8f:83: 49:b1:de:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsx+prLpI7EyzJqu7576N1BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0ZDI5MjExZjkyZTU2MGYwYjc4MzRiYjI5MzJhYzYzY2Fi ZmExNGEwHhcNMjUxMjE4MTUwMTA1WhcNMjUxMjE5MTUwMTA1WjAzMTEwLwYDVQQD EyhkNzA2MTgxZDZlMWM1NTIwMDljYTlkYTgzZmUwYTI0NzRlYWI4OTFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05LuIy9hD2R7ZS8w8/7GNRPAs5d9 TfZctoOTfjVKK0fz3gsytHjtEBvAWwK3MLZEpsohrvSRTLkTX08LXT6YSI1pVVIA KIdnZG2+aYjJIS9I1ZMaAOXLcJUSwjQk5w9hDcGtnXjVJisXRS5hLzrybaeqRCug dVaakNPopjKR1wefISicD3zGhCiiO+/2/eZV2LwkV4hyMyU53h28nrhhkOUT/Slt mbwaA+D/L/7szlikQCkt6ULLRGLAfzNEaJKUr02zkcHKyaDEA/snZVSojwcwz5s4 kHiRUMIdwtp5jiRSo5ba2fWtc7KfO7kIJ+f3rCo8GBzkJMQVKWBRnCGYQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNcGGB1uHFUgCcqdqD/gokdOq4kcMB8GA1UdIwQY MBaAFATSkhH5LlYPC3g0uykyrGPKv6FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQt ZThkMTkyOTYzOTVjLzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQtZThkMTkyOTYzOTVj LzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUdjgUI0+ /6DtNyylDcCVqHYX8+dGBYrlpgqEH6/mfOHFfWZM76a28N8HJm8dbgzOsbzvdzb/ KHEEsMfffsE3/4b1INXW86QwSvAODdoQfGXuY4on9oHGR52CCnx04X15KV6IdhVQ u6Qm80eAXZoMx4MycuZWASTEOvIOGazMeEaWXrH6uneJboDIWsywvRg3FgYxwoMi tXxQ5nIaBnpf02Z+XROmbsqhX+jUPZsFqIQka2y/tTMNIlHPpAivvLHEV2UhxYw4 WI7Z1/y4ZBUSDPlIso5YUcH3nUZFN9xUjcEKFEkik7hj3o/MqUppS2z5oZJmCJvu GafMxo+DSbHe9A== -----END CERTIFICATE-----Generated at Thu Dec 18 23:33:17 2025 by rpki-client