This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft File: bhWkM20vXhvWBzfelXlomSp0cOk.mft (raw, json) Hash identifier: 9yEj7w4biEnDHTYfZP/sqmQyMc4K/TmFN5gT0/wR5Lo= Subject key identifier: BF:D3:B5:2F:C0:52:D8:6A:7D:52:C5:AD:68:F7:C9:9F:91:45:D9:2B Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9 Certificate issuer: /CN=6e15a4336d2f5e1bd60737de957968992a7470e9 Certificate serial: 019B4D3AF829FE6C0368DA0A9B13D7A4F49D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft Manifest number: 1791 Signing time: Tue 23 Dec 2025 22:01:08 +0000 Manifest this update: Tue 23 Dec 2025 22:01:08 +0000 Manifest next update: Wed 24 Dec 2025 22:01:08 +0000 Files and hashes: 1: bhWkM20vXhvWBzfelXlomSp0cOk.crl (hash: OaboBdOoXmVlnrjWarM+TcH4urWH/vgM/d5x5lH5rl4=) 2: zgsEDv3otZRAtHyWvGAv7rzQjXg.roa (hash: ZyzEtsDUzNfUy6YLDq0VYYYmMcE0twVe+0tLjGTigwU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 19:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:3a:f8:29:fe:6c:03:68:da:0a:9b:13:d7:a4:f4:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9 Validity Not Before: Dec 23 22:01:08 2025 GMT Not After : Dec 24 22:01:08 2025 GMT Subject: CN=bfd3b52fc052d86a7d52c5ad68f7c99f9145d92b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:0f:85:ec:5e:33:cf:2b:50:4f:70:5a:4b:1f: bd:0f:c0:42:8e:fc:dc:fb:59:5a:65:0e:77:a8:e0: 76:55:12:6c:66:38:c8:ae:a2:ba:96:c0:83:5e:30: 7b:f2:60:c0:98:d4:8d:6b:68:33:cd:3a:34:fe:17: 7f:ea:b1:ac:35:1a:2e:50:82:a7:2c:dc:d8:d1:63: c4:71:69:b5:89:76:62:01:8a:d4:a2:b3:a6:d5:e0: 6f:26:87:0c:61:f3:4d:7c:f5:d6:ea:1d:79:f8:14: 6a:49:8d:9b:4d:86:ce:8c:92:9d:c3:59:e2:9c:39: e5:22:e8:5b:af:55:1f:d9:40:18:45:3d:90:f8:0c: c7:5b:23:ea:dd:07:04:ee:aa:10:fe:28:6f:c8:8e: 69:06:23:08:d8:a1:02:bf:18:dc:cb:5b:0a:1b:ec: 37:86:01:04:db:62:ad:29:b3:35:b9:8c:06:bb:25: f3:39:6a:79:33:87:b7:38:89:93:0d:6f:1c:84:73: 82:bb:44:ac:48:5b:62:6e:f6:7b:ca:08:1d:85:12: b2:1f:05:e3:a4:ac:a9:75:ef:e5:4d:2f:8d:e9:81: 5c:06:ec:1b:c4:93:45:9b:2c:25:0d:a4:66:66:dd: 94:1b:33:6f:31:98:3c:b6:a5:35:ab:66:a8:31:cd: 00:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:D3:B5:2F:C0:52:D8:6A:7D:52:C5:AD:68:F7:C9:9F:91:45:D9:2B X509v3 Authority Key Identifier: keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:7e:ab:81:ea:cf:5e:e5:c8:96:23:bc:8a:c3:36:6d:d0:07: 1a:1b:ef:91:6d:d9:c9:ce:fe:38:78:35:e1:45:84:48:8b:ae: f5:69:ae:87:b3:32:14:9b:58:0a:2c:a6:40:11:d5:d3:90:09: 5f:3a:9b:c6:9d:ad:30:9f:6c:0c:9b:fe:96:f8:e1:cf:33:c4: ee:8b:f0:6b:f6:73:3d:d9:ba:10:83:f8:2f:06:e6:40:12:6f: 01:56:8a:91:c0:fc:12:c6:7c:a0:a5:e8:4c:07:db:a9:18:56: bd:7a:97:e9:d0:07:f8:eb:4e:35:d0:f6:a2:b6:a4:67:c3:be: bf:a7:26:47:01:24:dc:02:cd:af:c3:88:30:28:79:dc:0c:10: 8a:cf:81:fc:1d:b7:f2:5a:92:78:d2:4f:65:65:c9:a7:94:2c: 2f:a4:11:b1:3b:fd:12:0e:84:2e:53:a3:cc:b6:b0:a4:0e:5e: 89:30:c5:e5:b7:19:d5:54:86:be:40:3f:4e:63:09:a3:e5:51: 4b:52:e5:c5:80:39:0f:07:ff:47:03:66:d6:a0:c9:c8:0b:76: 14:2f:8f:45:5e:dd:41:44:10:9c:1c:01:9b:7e:fa:ca:b7:1c: 84:1a:c3:dc:3f:77:4b:95:e2:33:63:d7:a2:02:6a:5e:15:af: 9d:49:d4:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtNOvgp/mwDaNoKmxPXpPSdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3 NDcwZTkwHhcNMjUxMjIzMjIwMTA4WhcNMjUxMjI0MjIwMTA4WjAzMTEwLwYDVQQD EyhiZmQzYjUyZmMwNTJkODZhN2Q1MmM1YWQ2OGY3Yzk5ZjkxNDVkOTJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA+F7F4zzytQT3BaSx+9D8BCjvzc +1laZQ53qOB2VRJsZjjIrqK6lsCDXjB78mDAmNSNa2gzzTo0/hd/6rGsNRouUIKn LNzY0WPEcWm1iXZiAYrUorOm1eBvJocMYfNNfPXW6h15+BRqSY2bTYbOjJKdw1ni nDnlIuhbr1Uf2UAYRT2Q+AzHWyPq3QcE7qoQ/ihvyI5pBiMI2KECvxjcy1sKG+w3 hgEE22KtKbM1uYwGuyXzOWp5M4e3OImTDW8chHOCu0SsSFtibvZ7yggdhRKyHwXj pKypde/lTS+N6YFcBuwbxJNFmywlDaRmZt2UGzNvMZg8tqU1q2aoMc0AxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/TtS/AUthqfVLFrWj3yZ+RRdkrMB8GA1UdIwQY MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt OGQ1MjQ2YTIwMjQ1LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1 LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOH6rgerP XuXIliO8isM2bdAHGhvvkW3Zyc7+OHg14UWESIuu9Wmuh7MyFJtYCiymQBHV05AJ Xzqbxp2tMJ9sDJv+lvjhzzPE7ovwa/ZzPdm6EIP4LwbmQBJvAVaKkcD8EsZ8oKXo TAfbqRhWvXqX6dAH+OtONdD2orakZ8O+v6cmRwEk3ALNr8OIMCh53AwQis+B/B23 8lqSeNJPZWXJp5QsL6QRsTv9Eg6ELlOjzLawpA5eiTDF5bcZ1VSGvkA/TmMJo+VR S1LlxYA5Dwf/RwNm1qDJyAt2FC+PRV7dQUQQnBwBm376yrcchBrD3D93S5XiM2PX ogJqXhWvnUnULA== -----END CERTIFICATE-----Generated at Wed Dec 24 02:19:38 2025 by rpki-client