This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft File: BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft (raw, json) Hash identifier: sfrp5MlLdKh851RGllZkErBVyDGf7YIb3fQWC3cKIGQ= Subject key identifier: A5:42:8C:C4:89:BC:A3:48:F2:D3:E4:AE:C3:94:4E:D3:5E:49:DA:A9 Authority key identifier: 04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A Certificate issuer: /CN=04d29211f92e560f0b7834bb2932ac63cabfa14a Certificate serial: 019B33E925FDACC4187AC53FBF7B592B6645 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft Manifest number: 0C68 Signing time: Fri 19 Dec 2025 00:01:16 +0000 Manifest this update: Fri 19 Dec 2025 00:01:16 +0000 Manifest next update: Sat 20 Dec 2025 00:01:16 +0000 Files and hashes: 1: BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl (hash: FRZJKYph1uw7RhIyIOpi6WfA5R+UVNbk/ktIsbt0CnQ=) 2: dShe1ipT6-Y_-edVr4eNtxtPKAo.roa (hash: 34QucPlafnV+iMZk3j4FDiUJFtGuS1f17YL6xBvVoIo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e9:25:fd:ac:c4:18:7a:c5:3f:bf:7b:59:2b:66:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=04d29211f92e560f0b7834bb2932ac63cabfa14a Validity Not Before: Dec 19 00:01:16 2025 GMT Not After : Dec 20 00:01:16 2025 GMT Subject: CN=a5428cc489bca348f2d3e4aec3944ed35e49daa9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:45:f7:36:65:f3:df:5b:ba:93:f3:d5:05:9c: 81:4d:08:85:43:51:d0:b3:f7:8c:75:d4:4d:4f:0a: e3:05:e3:f6:3c:82:60:70:a3:3e:4b:ef:90:e1:2f: bb:5a:0b:97:b2:2e:96:3c:41:d8:cd:f3:10:23:bc: e0:29:34:7f:1c:71:fa:ca:ec:9b:58:b3:94:66:9e: 1a:8c:f1:b1:e0:dd:93:fe:e1:3b:c2:fa:20:e5:0f: cf:08:8f:5c:07:5f:0d:15:dd:53:3c:c0:e4:dc:42: b5:25:8c:37:0a:6e:79:40:b1:1b:83:c0:1c:64:1b: 05:e6:dd:59:77:dd:74:12:b7:a9:1a:85:fd:d2:d1: 7e:02:6d:5f:ce:32:e7:90:b1:49:24:10:93:ca:b9: e8:e0:cd:dd:6e:89:1e:09:21:f9:1b:d4:60:21:75: 01:55:b5:9b:7e:ec:84:2a:a0:ac:49:0e:05:e6:65: 39:64:af:15:23:f2:b2:04:81:c9:d4:09:ea:93:54: b6:fc:a1:08:eb:d4:9f:62:95:45:8e:fe:81:88:2c: 64:3f:54:6a:36:54:89:7c:08:1d:8c:28:97:c6:1c: c0:1d:0f:9c:4c:77:c7:db:ed:c0:02:9d:5c:90:8c: 6c:af:56:8e:fb:fc:df:13:28:b1:87:04:27:d1:80: 6f:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:42:8C:C4:89:BC:A3:48:F2:D3:E4:AE:C3:94:4E:D3:5E:49:DA:A9 X509v3 Authority Key Identifier: keyid:04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:4a:61:95:c4:f9:6e:d1:6e:83:f7:3a:d3:09:95:e4:0c:37: 5e:79:3b:a7:69:6d:ab:6a:f3:01:41:09:44:48:c1:9d:19:10: 9a:d6:7b:97:71:e8:3d:d4:ee:66:0a:d5:09:95:d3:9e:77:0e: 54:23:68:f3:f3:29:b7:6f:9c:80:ae:db:6a:69:5a:0f:b3:8f: 36:e3:47:91:f7:7d:fe:b6:92:21:70:1e:a4:f1:51:86:1d:72: b8:8d:c0:63:53:fa:c0:9a:aa:46:e1:f0:ce:68:8e:d2:bd:db: 8b:8c:ef:44:ae:97:10:8b:f5:20:26:b8:af:c7:94:bf:c8:69: 88:ab:1d:92:c2:52:ad:58:d7:6b:4f:3c:90:ad:d7:f8:6a:60: c6:81:a9:48:f6:d7:98:11:e4:55:3c:bd:08:d4:f2:22:b8:bf: 0e:16:68:43:43:3a:96:30:ac:58:b9:90:e9:c5:63:03:1d:03: d5:d4:68:61:2d:88:a1:bf:d1:d6:28:d7:f8:37:ac:ea:0c:bb: a6:71:8f:c4:0e:f6:db:aa:6a:cd:10:99:ef:ff:86:79:88:10: a7:89:f4:18:07:f6:ea:58:d4:d9:51:22:4a:4f:b8:74:f1:da: 60:66:e5:9e:38:c2:72:56:f7:d5:09:c3:2c:a9:07:e6:1a:53: da:3e:57:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6SX9rMQYesU/v3tZK2ZFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA0ZDI5MjExZjkyZTU2MGYwYjc4MzRiYjI5MzJhYzYzY2Fi ZmExNGEwHhcNMjUxMjE5MDAwMTE2WhcNMjUxMjIwMDAwMTE2WjAzMTEwLwYDVQQD EyhhNTQyOGNjNDg5YmNhMzQ4ZjJkM2U0YWVjMzk0NGVkMzVlNDlkYWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEX3NmXz31u6k/PVBZyBTQiFQ1HQ s/eMddRNTwrjBeP2PIJgcKM+S++Q4S+7WguXsi6WPEHYzfMQI7zgKTR/HHH6yuyb WLOUZp4ajPGx4N2T/uE7wvog5Q/PCI9cB18NFd1TPMDk3EK1JYw3Cm55QLEbg8Ac ZBsF5t1Zd910ErepGoX90tF+Am1fzjLnkLFJJBCTyrno4M3dbokeCSH5G9RgIXUB VbWbfuyEKqCsSQ4F5mU5ZK8VI/KyBIHJ1Anqk1S2/KEI69SfYpVFjv6BiCxkP1Rq NlSJfAgdjCiXxhzAHQ+cTHfH2+3AAp1ckIxsr1aO+/zfEyixhwQn0YBvvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKVCjMSJvKNI8tPkrsOUTtNeSdqpMB8GA1UdIwQY MBaAFATSkhH5LlYPC3g0uykyrGPKv6FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQt ZThkMTkyOTYzOTVjLzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQtZThkMTkyOTYzOTVj LzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYEphlcT5 btFug/c60wmV5Aw3Xnk7p2ltq2rzAUEJREjBnRkQmtZ7l3HoPdTuZgrVCZXTnncO VCNo8/Mpt2+cgK7bamlaD7OPNuNHkfd9/raSIXAepPFRhh1yuI3AY1P6wJqqRuHw zmiO0r3bi4zvRK6XEIv1ICa4r8eUv8hpiKsdksJSrVjXa088kK3X+GpgxoGpSPbX mBHkVTy9CNTyIri/DhZoQ0M6ljCsWLmQ6cVjAx0D1dRoYS2Iob/R1ijX+Des6gy7 pnGPxA7226pqzRCZ7/+GeYgQp4n0GAf26ljU2VEiSk+4dPHaYGblnjjCclb31QnD LKkH5hpT2j5XfA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:46:25 2025 by rpki-client