This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft File: bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json) Hash identifier: vtFlXn1TEFKVjqe1Cy5rOOfFhrNsgI9uUghaBBF0m0Q= Subject key identifier: B7:12:89:D6:88:FD:39:60:C5:6F:33:0B:0A:33:F8:DC:7F:16:3C:97 Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60 Certificate issuer: /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360 Certificate serial: 019B59777BADF543D7CCB27B75809A4AEAD2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft Manifest number: 1795 Signing time: Fri 26 Dec 2025 07:02:41 +0000 Manifest this update: Fri 26 Dec 2025 07:02:41 +0000 Manifest next update: Sat 27 Dec 2025 07:02:41 +0000 Files and hashes: 1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: flNq4dAEukVc9xtvHbo7uTbpvUhsSM7xq3nhOuQu97U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:7b:ad:f5:43:d7:cc:b2:7b:75:80:9a:4a:ea:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360 Validity Not Before: Dec 26 07:02:41 2025 GMT Not After : Dec 27 07:02:41 2025 GMT Subject: CN=b71289d688fd3960c56f330b0a33f8dc7f163c97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:9a:7e:a8:3f:16:f8:a8:c6:f8:e8:bd:92:d5: ac:05:cb:61:89:de:87:28:4a:76:60:99:29:3a:a7: 64:8f:a6:4b:02:e6:ca:05:83:81:b0:66:30:55:5a: db:43:92:d7:25:19:39:1f:4d:b2:97:0d:4e:d0:9c: 81:a8:20:67:a8:19:7b:3a:b5:77:73:6e:e2:0b:4d: b7:0b:1d:20:af:4c:bc:f7:73:c9:b6:48:ee:60:f0: dc:eb:f1:f0:1b:56:ec:02:33:a9:45:63:ba:9d:15: 74:a4:9c:9b:fb:70:bb:96:2e:56:78:a0:97:7f:0b: d1:91:94:b6:e8:6a:51:0b:31:9f:3e:7d:70:3b:90: 24:77:4e:04:13:4f:29:35:5d:03:95:54:a0:e5:24: ed:cc:f8:f4:40:1c:30:85:97:15:b8:81:98:d5:ee: bf:ef:6b:af:fb:1d:bc:ec:a9:96:90:9e:9e:30:7f: 1f:da:59:88:d3:6b:5a:7a:f0:db:4d:1c:0f:05:e5: ea:42:30:e3:9e:78:8a:8b:0d:dd:9a:e1:b6:89:40: 04:0a:de:de:32:05:0e:6c:df:ae:f9:68:35:1c:c6: 15:70:55:6b:ee:da:23:e5:03:11:91:8a:a9:7a:b7: 19:ca:dc:eb:c5:0b:6a:a9:9e:65:f1:0a:2a:d3:d8: fd:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:12:89:D6:88:FD:39:60:C5:6F:33:0B:0A:33:F8:DC:7F:16:3C:97 X509v3 Authority Key Identifier: keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:21:17:87:cd:4e:a5:d2:17:cc:bd:7d:4c:db:db:7c:37:44: bf:b3:be:f3:36:c9:73:a1:b3:d7:0a:8e:12:b4:ea:dd:d5:f3: fb:3c:98:1e:58:92:ee:d9:06:e2:2b:bc:3f:07:98:ef:7c:97: 97:da:1f:77:7d:9c:cf:f7:54:23:86:89:13:4f:ad:d9:14:92: fb:1e:c9:80:f4:19:2f:07:d6:76:88:10:52:85:e6:91:f7:72: 03:56:9b:de:90:46:f8:7f:d6:3e:65:c3:c7:bf:f5:46:b8:7e: 71:fe:f0:e1:1b:db:a7:f8:80:fb:ea:cb:21:5a:3f:1e:93:9c: a2:ba:a5:64:76:80:03:70:ba:0f:85:9f:25:7e:ae:f9:b0:6d: d5:52:f6:70:cb:f8:55:37:10:c6:96:1a:4a:e5:b9:65:47:26: ce:c9:b7:16:af:3c:c1:34:83:01:8b:60:f7:7e:f4:a8:7c:42: 53:f2:4b:c0:18:7b:2a:a0:0f:94:d0:b1:1f:a8:49:43:17:75: b4:29:21:73:81:d8:a0:8d:40:f5:9b:a0:76:d3:2b:39:e5:48: a8:cb:d7:22:d3:ae:39:43:65:eb:aa:91:fe:ed:91:bf:20:eb: 2a:33:0d:11:e3:bf:e2:23:52:bf:0a:11:fd:a1:35:b8:43:58: bf:bd:66:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd3ut9UPXzLJ7dYCaSurSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5 YmQzNjAwHhcNMjUxMjI2MDcwMjQxWhcNMjUxMjI3MDcwMjQxWjAzMTEwLwYDVQQD EyhiNzEyODlkNjg4ZmQzOTYwYzU2ZjMzMGIwYTMzZjhkYzdmMTYzYzk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZp+qD8W+KjG+Oi9ktWsBcthid6H KEp2YJkpOqdkj6ZLAubKBYOBsGYwVVrbQ5LXJRk5H02ylw1O0JyBqCBnqBl7OrV3 c27iC023Cx0gr0y893PJtkjuYPDc6/HwG1bsAjOpRWO6nRV0pJyb+3C7li5WeKCX fwvRkZS26GpRCzGfPn1wO5Akd04EE08pNV0DlVSg5STtzPj0QBwwhZcVuIGY1e6/ 72uv+x287KmWkJ6eMH8f2lmI02taevDbTRwPBeXqQjDjnniKiw3dmuG2iUAECt7e MgUObN+u+Wg1HMYVcFVr7toj5QMRkYqpercZytzrxQtqqZ5l8Qoq09j94QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLcSidaI/TlgxW8zCwoz+Nx/FjyXMB8GA1UdIwQY MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfSEXh81O pdIXzL19TNvbfDdEv7O+8zbJc6Gz1wqOErTq3dXz+zyYHliS7tkG4iu8PweY73yX l9ofd32cz/dUI4aJE0+t2RSS+x7JgPQZLwfWdogQUoXmkfdyA1ab3pBG+H/WPmXD x7/1Rrh+cf7w4Rvbp/iA++rLIVo/HpOcorqlZHaAA3C6D4WfJX6u+bBt1VL2cMv4 VTcQxpYaSuW5ZUcmzsm3Fq88wTSDAYtg9370qHxCU/JLwBh7KqAPlNCxH6hJQxd1 tCkhc4HYoI1A9ZugdtMrOeVIqMvXItOuOUNl66qR/u2RvyDrKjMNEeO/4iNSvwoR /aE1uENYv71m8w== -----END CERTIFICATE-----Generated at Fri Dec 26 14:19:44 2025 by rpki-client