This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft File: BkizODOZAP9_O1myRtJNJofGNnw.mft (raw, json) Hash identifier: Rm/5xRBAgARbq4OKzVKuB+LMCGA+lXhFlnGqNs+HnbY= Subject key identifier: 31:1B:9B:9A:10:84:EF:9F:5C:43:7D:E9:D4:7D:3F:46:DB:DB:E4:38 Authority key identifier: 06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C Certificate issuer: /CN=0648b338339900ff7f3b59b246d24d2687c6367c Certificate serial: 019B4815889C87068D4E81671847E79872E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft Manifest number: 030D Signing time: Mon 22 Dec 2025 22:02:09 +0000 Manifest this update: Mon 22 Dec 2025 22:02:09 +0000 Manifest next update: Tue 23 Dec 2025 22:02:09 +0000 Files and hashes: 1: BkizODOZAP9_O1myRtJNJofGNnw.crl (hash: Cn5fzx9WnU2Db19nvYzkVrF68iIF7EECv6XQGFkYGI8=) 2: pO5jZKPZtKc7LFh2B3gUF2ssV3Y.roa (hash: rDX32rjjFQPeFJLlsJ7HQ9El7VqEOXBlwYtku8n7ZJg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:88:9c:87:06:8d:4e:81:67:18:47:e7:98:72:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0648b338339900ff7f3b59b246d24d2687c6367c Validity Not Before: Dec 22 22:02:09 2025 GMT Not After : Dec 23 22:02:09 2025 GMT Subject: CN=311b9b9a1084ef9f5c437de9d47d3f46dbdbe438 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:32:40:0b:73:c9:04:07:7b:3d:f4:d2:4f:50: aa:99:8e:bf:50:17:03:a7:87:09:c7:64:32:45:b4: cc:86:fa:38:12:e7:d6:4e:09:8f:b4:2d:b5:df:28: 32:37:00:1c:af:63:4d:8e:06:db:48:09:57:c6:83: 4a:8f:82:9f:74:e6:4c:fd:df:cb:e4:68:c9:cb:fd: 3b:fe:42:a4:d5:3e:e2:96:94:4e:1b:7c:f0:81:22: 1a:a4:c7:26:c6:e2:45:19:a7:de:02:06:e4:ab:6c: 49:5a:3d:70:e7:75:1b:83:a1:79:3b:f2:63:81:32: 56:f5:81:5f:c7:6a:57:30:b1:10:4a:07:ed:7c:d0: da:3c:4f:82:fc:1c:9a:40:95:4a:df:33:85:5f:e1: 12:09:b5:26:6f:31:c9:b5:e1:7b:82:3c:be:86:2c: a5:65:c1:27:b6:2a:f9:10:d0:76:73:cf:61:87:e6: d6:9f:2c:b6:fb:2a:35:d6:27:22:7d:73:5c:c4:f4: ad:c7:30:70:14:05:ce:69:ae:68:f1:dc:94:57:e4: 31:ac:7d:f6:5d:36:d3:0b:7e:9d:ae:1d:79:aa:20: bc:28:17:17:02:53:4a:c8:0f:ef:b6:55:25:94:83: fd:5b:7b:94:d4:34:f0:ce:77:7b:bd:1f:61:90:02: 1c:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:1B:9B:9A:10:84:EF:9F:5C:43:7D:E9:D4:7D:3F:46:DB:DB:E4:38 X509v3 Authority Key Identifier: keyid:06:48:B3:38:33:99:00:FF:7F:3B:59:B2:46:D2:4D:26:87:C6:36:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkizODOZAP9_O1myRtJNJofGNnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/33a037-0675-48f8-925d-0d918eedc26f/1/BkizODOZAP9_O1myRtJNJofGNnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:b2:0c:d8:29:5e:f8:ac:cc:82:5f:12:d7:4e:ed:72:c4:99: 89:7b:46:2e:cd:bb:3f:82:c1:83:85:85:9d:c7:35:01:32:cb: e7:b7:cc:3f:2b:f5:27:b2:f1:91:f5:f7:ab:09:8f:52:5f:15: 9f:3b:7c:e5:ee:83:f5:b3:f6:18:69:b6:2a:c1:73:92:d1:98: 49:ff:1b:96:2b:cc:3b:9a:d6:3a:eb:a8:48:19:7b:57:02:a4: 60:26:25:70:09:40:a3:21:8f:dc:f1:3b:3a:f8:a5:2a:46:9d: da:91:0d:7c:c4:6a:99:1c:63:56:f6:1e:c1:31:73:a5:fc:3d: 5b:61:20:46:45:d0:d2:21:eb:35:c9:7b:ed:48:2f:3e:c2:fe: 55:86:8c:fc:ed:17:99:16:4a:ba:24:18:aa:24:2d:77:d6:3f: 85:07:bb:e7:2a:70:25:01:46:36:b9:4e:3b:c0:03:ee:26:d8: 68:27:2f:8d:ae:59:a3:c5:bd:b0:c6:e2:91:f1:41:a4:8e:bf: 6c:d1:81:f8:cb:3c:d2:5b:42:70:61:8c:15:45:7a:0d:d7:6b: 4e:70:14:a5:67:84:7f:d1:8f:bb:02:6b:97:32:4f:c5:2c:6e: d5:84:7e:b0:65:f0:6a:0a:09:3b:a0:20:20:6d:a3:31:39:f0: 98:12:d2:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFYichwaNToFnGEfnmHLhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA2NDhiMzM4MzM5OTAwZmY3ZjNiNTliMjQ2ZDI0ZDI2ODdj NjM2N2MwHhcNMjUxMjIyMjIwMjA5WhcNMjUxMjIzMjIwMjA5WjAzMTEwLwYDVQQD EygzMTFiOWI5YTEwODRlZjlmNWM0MzdkZTlkNDdkM2Y0NmRiZGJlNDM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTJAC3PJBAd7PfTST1CqmY6/UBcD p4cJx2QyRbTMhvo4EufWTgmPtC213ygyNwAcr2NNjgbbSAlXxoNKj4KfdOZM/d/L 5GjJy/07/kKk1T7ilpROG3zwgSIapMcmxuJFGafeAgbkq2xJWj1w53Ubg6F5O/Jj gTJW9YFfx2pXMLEQSgftfNDaPE+C/ByaQJVK3zOFX+ESCbUmbzHJteF7gjy+hiyl ZcEntir5ENB2c89hh+bWnyy2+yo11icifXNcxPStxzBwFAXOaa5o8dyUV+QxrH32 XTbTC36drh15qiC8KBcXAlNKyA/vtlUllIP9W3uU1DTwznd7vR9hkAIcLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDEbm5oQhO+fXEN96dR9P0bb2+Q4MB8GA1UdIwQY MBaAFAZIszgzmQD/fztZskbSTSaHxjZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQt MGQ5MThlZWRjMjZmLzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8zM2EwMzctMDY3NS00OGY4LTkyNWQtMGQ5MThlZWRjMjZm LzEvQmtpek9ET1pBUDlfTzFteVJ0Sk5Kb2ZHTm53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPbIM2Cle +KzMgl8S107tcsSZiXtGLs27P4LBg4WFncc1ATLL57fMPyv1J7LxkfX3qwmPUl8V nzt85e6D9bP2GGm2KsFzktGYSf8blivMO5rWOuuoSBl7VwKkYCYlcAlAoyGP3PE7 OvilKkad2pENfMRqmRxjVvYewTFzpfw9W2EgRkXQ0iHrNcl77UgvPsL+VYaM/O0X mRZKuiQYqiQtd9Y/hQe75ypwJQFGNrlOO8AD7ibYaCcvja5Zo8W9sMbikfFBpI6/ bNGB+Ms80ltCcGGMFUV6DddrTnAUpWeEf9GPuwJrlzJPxSxu1YR+sGXwagoJO6Ag IG2jMTnwmBLSEQ== -----END CERTIFICATE-----Generated at Tue Dec 23 03:49:21 2025 by rpki-client