This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft File: bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft (raw, json) Hash identifier: g+Mtf0QL61NWtx/55xJudXDBCkH+YoCMxV8Uf9ea9Kw= Subject key identifier: F1:DC:96:06:2A:69:4A:72:F2:28:2B:D8:3B:CA:7C:B3:37:89:77:EF Authority key identifier: 6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F Certificate issuer: /CN=6df293212d25d4863e386b9c480ddc9be738124f Certificate serial: 019B318CC729735654EFD759663DB3224AF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft Manifest number: 1715 Signing time: Thu 18 Dec 2025 13:01:08 +0000 Manifest this update: Thu 18 Dec 2025 13:01:08 +0000 Manifest next update: Fri 19 Dec 2025 13:01:08 +0000 Files and hashes: 1: HoMgEifDpVQ65AHqBFCCx_7uMoE.roa (hash: MZgT/uxhPiKd1q/F+OrFW0KnU1po9n7PWWPZxZXmYvg=) 2: bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl (hash: 3XjEwg1k3St2N0FlYQ+x8vIooAALCJgf0RulMpakqw8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:8c:c7:29:73:56:54:ef:d7:59:66:3d:b3:22:4a:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6df293212d25d4863e386b9c480ddc9be738124f Validity Not Before: Dec 18 13:01:08 2025 GMT Not After : Dec 19 13:01:08 2025 GMT Subject: CN=f1dc96062a694a72f2282bd83bca7cb3378977ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:78:94:4a:1c:91:05:6a:a0:2c:7e:1b:8f:c8: 88:8e:eb:56:3d:bb:6b:bb:6f:30:d5:ec:c9:be:ea: 9a:15:53:64:24:d9:4f:07:71:29:1f:53:52:52:e7: 1e:b2:8c:f2:57:be:0b:42:07:13:d0:3e:ce:1e:9b: 24:91:4b:4e:52:be:15:60:07:1d:2c:1b:cb:57:4d: 7b:5e:e2:09:a4:c8:5b:c0:06:46:66:50:ee:04:dd: 87:41:ba:58:89:a8:5a:79:7d:89:89:2e:f6:d0:7b: af:71:84:7b:f9:23:f7:0b:84:2e:8c:08:5c:5d:cf: cc:15:94:2f:81:44:ce:54:a1:95:fe:db:22:e5:d0: f1:be:a4:17:14:fc:31:ac:42:27:d7:da:2f:92:72: 2c:2e:89:cf:a9:d0:60:ff:2a:3b:dc:d1:fd:60:88: 32:a3:71:bc:bf:63:ce:f6:29:b0:4c:5e:8e:d5:18: 80:71:bd:b0:1b:a9:4d:b7:e4:5a:8d:19:b9:f6:07: d0:57:67:73:b3:d2:91:4b:39:41:64:71:2e:37:05: 07:6e:c0:22:6f:f1:f1:c9:56:32:a5:1c:3d:3b:eb: 85:38:65:9b:44:d3:1b:6e:ae:ea:b7:5b:68:e0:d0: 08:f2:bd:f6:fa:6d:9f:b2:06:fc:6a:cb:3b:48:f1: 04:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:DC:96:06:2A:69:4A:72:F2:28:2B:D8:3B:CA:7C:B3:37:89:77:EF X509v3 Authority Key Identifier: keyid:6D:F2:93:21:2D:25:D4:86:3E:38:6B:9C:48:0D:DC:9B:E7:38:12:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfKTIS0l1IY-OGucSA3cm-c4Ek8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aecb8a-d763-4642-8036-f400402b536c/1/bfKTIS0l1IY-OGucSA3cm-c4Ek8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:c2:ae:3d:ea:d4:5b:35:77:59:a7:c5:d7:77:45:df:b0:d0: 4d:02:8c:c5:62:b4:44:e7:32:d0:cf:77:61:62:7e:c7:d7:e5: 0e:ac:65:63:47:eb:b0:a2:e6:7b:f9:02:6e:d8:37:a2:88:96: 51:d7:09:41:86:61:ad:4b:90:a5:21:29:51:0f:6e:d8:00:11: a9:84:bc:f9:07:dd:aa:94:3e:df:8f:a4:f8:33:88:26:cc:b9: 08:50:c6:e0:1b:e9:04:6e:bf:65:e5:23:36:3f:a1:23:e4:6c: f3:87:f7:b1:eb:45:07:9c:69:8a:53:22:0e:bf:11:2a:18:50: 6c:41:1e:8c:87:ab:fd:df:45:ae:b8:95:24:10:2d:b9:3d:83: fd:a5:f4:52:9c:91:34:19:4e:41:a9:5d:d3:ec:e3:29:86:bf: c8:d7:14:9a:04:82:3e:df:d7:eb:f5:0c:23:a9:cc:75:5f:7f: bb:ac:44:da:64:b6:23:e6:1a:3e:f9:78:01:d5:ff:a3:ff:16: 14:9b:83:f8:5f:29:33:a0:88:de:7d:6c:ce:57:10:60:49:e3: 2c:0b:a2:ea:e5:ba:d4:f7:77:1d:44:ee:ee:1b:4e:1a:fc:07: 62:76:96:8f:c3:2b:e3:1e:b4:76:86:3d:dc:84:63:29:c1:b6: 5a:a0:ec:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxjMcpc1ZU79dZZj2zIkrxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZjI5MzIxMmQyNWQ0ODYzZTM4NmI5YzQ4MGRkYzliZTcz ODEyNGYwHhcNMjUxMjE4MTMwMTA4WhcNMjUxMjE5MTMwMTA4WjAzMTEwLwYDVQQD EyhmMWRjOTYwNjJhNjk0YTcyZjIyODJiZDgzYmNhN2NiMzM3ODk3N2VmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3iUShyRBWqgLH4bj8iIjutWPbtr u28w1ezJvuqaFVNkJNlPB3EpH1NSUucesozyV74LQgcT0D7OHpskkUtOUr4VYAcd LBvLV017XuIJpMhbwAZGZlDuBN2HQbpYiahaeX2JiS720HuvcYR7+SP3C4QujAhc Xc/MFZQvgUTOVKGV/tsi5dDxvqQXFPwxrEIn19ovknIsLonPqdBg/yo73NH9YIgy o3G8v2PO9imwTF6O1RiAcb2wG6lNt+RajRm59gfQV2dzs9KRSzlBZHEuNwUHbsAi b/HxyVYypRw9O+uFOGWbRNMbbq7qt1to4NAI8r32+m2fsgb8ass7SPEEPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPHclgYqaUpy8igr2DvKfLM3iXfvMB8GA1UdIwQY MBaAFG3ykyEtJdSGPjhrnEgN3JvnOBJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYt ZjQwMDQwMmI1MzZjLzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9hZWNiOGEtZDc2My00NjQyLTgwMzYtZjQwMDQwMmI1MzZj LzEvYmZLVElTMGwxSVktT0d1Y1NBM2NtLWM0RWs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWcKuPerU WzV3WafF13dF37DQTQKMxWK0ROcy0M93YWJ+x9flDqxlY0frsKLme/kCbtg3ooiW UdcJQYZhrUuQpSEpUQ9u2AARqYS8+QfdqpQ+34+k+DOIJsy5CFDG4BvpBG6/ZeUj Nj+hI+Rs84f3setFB5xpilMiDr8RKhhQbEEejIer/d9FrriVJBAtuT2D/aX0UpyR NBlOQald0+zjKYa/yNcUmgSCPt/X6/UMI6nMdV9/u6xE2mS2I+YaPvl4AdX/o/8W FJuD+F8pM6CI3n1szlcQYEnjLAui6uW61Pd3HUTu7htOGvwHYnaWj8Mr4x60doY9 3IRjKcG2WqDsJw== -----END CERTIFICATE-----Generated at Thu Dec 18 22:51:15 2025 by rpki-client