This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft File: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json) Hash identifier: iJxErL1xky4RIH89FMNZIvhIUTExffG9NYIPn/gm6i4= Subject key identifier: D8:AE:AA:81:43:1E:04:59:F4:6A:86:EF:72:02:0A:98:82:14:4C:10 Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD Certificate issuer: /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd Certificate serial: 019B59E3B88C0C59C1D19654154A9569E33E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft Manifest number: 1793 Signing time: Fri 26 Dec 2025 09:00:54 +0000 Manifest this update: Fri 26 Dec 2025 09:00:54 +0000 Manifest next update: Sat 27 Dec 2025 09:00:54 +0000 Files and hashes: 1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: 1CR/2AVaGX+O9wwt4KrBGXDl9/+Fc3CRAOOZb/CYwog=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:b8:8c:0c:59:c1:d1:96:54:15:4a:95:69:e3:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd Validity Not Before: Dec 26 09:00:54 2025 GMT Not After : Dec 27 09:00:54 2025 GMT Subject: CN=d8aeaa81431e0459f46a86ef72020a9882144c10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:3c:21:2e:d7:89:be:0b:7d:c4:ab:a1:be:4b: 66:c8:a0:ff:4e:db:a9:af:87:93:fc:5b:bb:03:79: 0c:f8:1e:e6:8c:88:c8:1d:68:d6:35:8b:bd:1b:03: 0d:75:f3:4a:6e:ac:6a:3f:2e:c6:c8:e6:64:4a:2a: 9b:c4:70:b9:fc:6f:aa:e2:aa:02:ab:f8:69:06:60: e2:38:3b:86:7f:04:a2:f8:b0:74:9b:96:f6:3a:91: 8b:f3:c4:e8:f0:0c:bb:70:b4:93:4b:83:bb:71:ce: 86:fb:8c:87:89:b9:c1:71:61:23:99:7c:b3:88:c7: d9:dc:d3:58:59:92:af:2c:82:4b:9f:f1:3b:c0:b3: fd:2a:ac:db:bd:dc:18:ee:1b:fc:16:66:10:59:bc: 8b:2b:54:c1:fc:41:82:bd:7e:6f:bc:7b:d0:3c:dd: 60:fa:76:9e:1e:53:81:98:50:24:1f:00:ca:a4:76: 83:c3:3f:7a:ab:df:53:b8:61:be:53:91:66:09:b6: 4e:b8:fe:ce:c1:a3:c6:ca:f4:ce:6c:81:d1:6f:e4: b4:d3:a7:c5:60:e1:45:ba:e2:90:c6:dd:61:4e:6e: 2d:cd:24:86:34:6b:0e:30:aa:8b:91:4a:02:7b:b1: a7:01:5e:6b:d9:34:41:95:d4:37:ed:41:db:33:60: 96:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:AE:AA:81:43:1E:04:59:F4:6A:86:EF:72:02:0A:98:82:14:4C:10 X509v3 Authority Key Identifier: keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:20:a7:1e:fb:b0:da:8a:e8:84:b0:43:88:47:89:d6:1e:46: 2f:07:98:47:d8:48:1e:24:63:85:3e:22:06:c7:7f:69:87:e9: 12:83:cf:c7:3b:c1:aa:e6:e6:7a:dd:08:d8:91:c6:7b:24:a4: 93:e1:1e:b2:b4:90:f4:ce:a8:cb:2d:e7:32:a6:cc:12:13:81: 68:e1:40:32:32:c6:83:44:a2:d3:f3:29:82:f3:0b:f4:c9:af: 7c:fb:06:fa:bd:cf:b0:b3:7e:cc:5b:17:0f:12:cc:b2:94:6b: 2a:10:32:90:74:c9:dd:ac:46:ad:dd:f4:c8:c5:68:3f:23:88: 72:2f:05:22:a4:84:c6:6c:e9:e9:fb:38:76:34:0b:1c:f3:c5: b7:cc:c7:b6:8b:60:77:32:39:ad:dd:a2:99:35:a4:0d:74:3b: b8:3b:3f:fd:8f:3b:6a:d1:1c:d6:81:ea:bf:b2:d9:92:2d:86: 85:6d:a0:24:2e:48:b9:a4:5e:bd:10:d1:4a:fb:ef:15:f3:c9: e7:d3:cb:56:68:20:3e:0c:7e:e7:b7:2d:ff:39:e4:c0:f6:eb: d5:d8:c8:4c:55:c2:dc:26:ae:9b:f2:2d:57:39:3b:49:f0:f3: 65:4b:99:83:38:91:11:bf:ac:12:da:d5:62:fe:47:7a:9c:88: 28:68:81:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ47iMDFnB0ZZUFUqVaeM+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1 MGU0YmQwHhcNMjUxMjI2MDkwMDU0WhcNMjUxMjI3MDkwMDU0WjAzMTEwLwYDVQQD EyhkOGFlYWE4MTQzMWUwNDU5ZjQ2YTg2ZWY3MjAyMGE5ODgyMTQ0YzEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TwhLteJvgt9xKuhvktmyKD/Ttup r4eT/Fu7A3kM+B7mjIjIHWjWNYu9GwMNdfNKbqxqPy7GyOZkSiqbxHC5/G+q4qoC q/hpBmDiODuGfwSi+LB0m5b2OpGL88To8Ay7cLSTS4O7cc6G+4yHibnBcWEjmXyz iMfZ3NNYWZKvLIJLn/E7wLP9KqzbvdwY7hv8FmYQWbyLK1TB/EGCvX5vvHvQPN1g +naeHlOBmFAkHwDKpHaDwz96q99TuGG+U5FmCbZOuP7OwaPGyvTObIHRb+S006fF YOFFuuKQxt1hTm4tzSSGNGsOMKqLkUoCe7GnAV5r2TRBldQ37UHbM2CWKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNiuqoFDHgRZ9GqG73ICCpiCFEwQMB8GA1UdIwQY MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4 LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhiCnHvuw 2orohLBDiEeJ1h5GLweYR9hIHiRjhT4iBsd/aYfpEoPPxzvBqubmet0I2JHGeySk k+EesrSQ9M6oyy3nMqbMEhOBaOFAMjLGg0Si0/MpgvML9MmvfPsG+r3PsLN+zFsX DxLMspRrKhAykHTJ3axGrd30yMVoPyOIci8FIqSExmzp6fs4djQLHPPFt8zHtotg dzI5rd2imTWkDXQ7uDs//Y87atEc1oHqv7LZki2GhW2gJC5IuaRevRDRSvvvFfPJ 59PLVmggPgx+57ct/znkwPbr1djITFXC3Caum/ItVzk7SfDzZUuZgziREb+sEtrV Yv5HepyIKGiBtg== -----END CERTIFICATE-----Generated at Fri Dec 26 15:55:53 2025 by rpki-client