This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/8ed382-3097-413e-b6a2-b080a3451c7f/1/bzHGTD5afeEED0Daj-3EfDj-Wfo.mft File: bzHGTD5afeEED0Daj-3EfDj-Wfo.mft (raw, json) Hash identifier: 0KIf12WymK9tzjKO6GTRNb5nKZmxtUUZtj5WcZaqnPQ= Subject key identifier: 38:E7:5F:A1:82:CC:04:70:53:98:6F:2D:D0:65:12:29:3A:90:9D:48 Authority key identifier: 6F:31:C6:4C:3E:5A:7D:E1:04:0F:40:DA:8F:ED:C4:7C:38:FE:59:FA Certificate issuer: /CN=6f31c64c3e5a7de1040f40da8fedc47c38fe59fa Certificate serial: 019B1E067A049601B7F3EDA04457F0A1E315 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzHGTD5afeEED0Daj-3EfDj-Wfo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/8ed382-3097-413e-b6a2-b080a3451c7f/1/bzHGTD5afeEED0Daj-3EfDj-Wfo.mft Manifest number: 1024 Signing time: Sun 14 Dec 2025 18:01:39 +0000 Manifest this update: Sun 14 Dec 2025 18:01:39 +0000 Manifest next update: Mon 15 Dec 2025 18:01:39 +0000 Files and hashes: 1: V-ziE9ps9Cl1x9ik1a79A00SdKk.roa (hash: vAv5TpbiymJ0TO2JtzeVr/xllon/oJLZTZGZk+qEl8o=) 2: bzHGTD5afeEED0Daj-3EfDj-Wfo.crl (hash: Y7bmKkyFy5zyocJrdTVH4GORM6FXdleWHF1qfh5Q1Hg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/8ed382-3097-413e-b6a2-b080a3451c7f/1/bzHGTD5afeEED0Daj-3EfDj-Wfo.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/8ed382-3097-413e-b6a2-b080a3451c7f/1/bzHGTD5afeEED0Daj-3EfDj-Wfo.mft rsync://rpki.ripe.net/repository/DEFAULT/bzHGTD5afeEED0Daj-3EfDj-Wfo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 18:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:06:7a:04:96:01:b7:f3:ed:a0:44:57:f0:a1:e3:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f31c64c3e5a7de1040f40da8fedc47c38fe59fa Validity Not Before: Dec 14 18:01:39 2025 GMT Not After : Dec 15 18:01:39 2025 GMT Subject: CN=38e75fa182cc047053986f2dd06512293a909d48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:7f:78:6e:f1:ca:b5:26:c6:e8:6a:39:68:b7: cb:c0:bd:d5:1e:d5:93:d7:21:55:f3:21:db:10:9e: 0f:4c:01:5f:02:19:72:08:54:39:cc:31:19:0d:8e: 56:c8:7b:24:b5:b0:e2:02:90:fb:54:4c:84:35:4a: 7d:5b:bb:9d:47:60:1d:c0:ce:c5:a5:41:c1:0f:e7: 73:ec:29:89:64:6a:cc:2a:e4:fb:76:fa:ec:66:e9: 7f:04:30:81:fe:60:d2:bc:23:88:78:23:e6:17:e8: 72:07:73:d3:72:0b:ab:bc:30:75:85:2b:ef:f1:83: c8:bd:05:cc:07:0c:0a:c4:32:ba:3f:47:14:9e:4b: 91:4e:f7:29:da:10:5f:87:37:0a:17:e6:1a:c2:bd: 47:1f:a1:0e:a8:ce:5d:68:c5:1d:68:c3:9e:c8:28: a9:63:93:0f:a1:1b:7c:48:c0:3a:95:ef:f0:3d:ce: 25:72:11:a4:4a:0b:29:12:01:76:71:8b:26:e1:0d: 74:19:1f:fb:f5:d5:d2:02:09:6e:2c:3a:28:be:88: 2c:ca:42:a2:dc:7f:5e:f5:41:03:6c:3a:f0:ac:02: 8f:f2:6e:e0:1f:5c:01:b6:72:b9:81:8d:27:9f:e3: 52:98:34:c1:93:2f:2f:2b:67:f2:68:fb:e9:44:08: 5f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:E7:5F:A1:82:CC:04:70:53:98:6F:2D:D0:65:12:29:3A:90:9D:48 X509v3 Authority Key Identifier: keyid:6F:31:C6:4C:3E:5A:7D:E1:04:0F:40:DA:8F:ED:C4:7C:38:FE:59:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzHGTD5afeEED0Daj-3EfDj-Wfo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/8ed382-3097-413e-b6a2-b080a3451c7f/1/bzHGTD5afeEED0Daj-3EfDj-Wfo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/8ed382-3097-413e-b6a2-b080a3451c7f/1/bzHGTD5afeEED0Daj-3EfDj-Wfo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:14:bb:f0:e2:33:b1:05:b8:3c:73:37:53:28:3a:a0:b6:b5: 87:56:96:56:b2:5b:ac:08:7c:4c:b5:d1:ef:22:e5:3a:89:ba: e8:8d:cf:09:15:22:4d:b8:03:46:d0:e3:d4:bb:c0:3c:9f:c0: 24:41:7b:e9:02:db:94:dd:52:e7:a5:53:96:9b:f4:d4:5f:d7: c9:b5:ff:f2:a2:68:e3:1d:ec:cc:87:eb:63:10:e2:ce:30:64: a9:bc:c8:4b:9a:3f:04:54:cf:41:9b:3c:4a:b5:88:a9:0a:fa: 55:1a:d6:11:a0:4d:fb:b0:aa:68:38:62:5f:41:df:c8:c6:e4: 20:7a:e6:10:ff:76:7b:e4:e5:7d:a9:e3:aa:74:51:b8:6d:76: 27:09:fd:bf:b3:26:16:6b:17:23:ff:af:25:8b:b4:31:0c:ed: 95:56:5e:9b:55:5a:f7:40:e8:bd:b2:f4:66:a1:93:1c:b2:d7: 49:2e:3d:2a:f7:f6:91:3a:9a:09:3d:0f:af:e1:f1:fa:c9:54: c6:dc:8b:db:cf:c9:75:ed:d3:e5:17:f3:4a:0e:4b:0f:29:b0: bd:a7:40:95:a7:3a:d6:ba:0e:e1:9d:a6:21:9e:a0:e1:38:91: 8c:34:05:50:e5:ce:91:dd:e7:cb:e0:b3:1e:90:5d:cb:9e:bc: f6:c9:83:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZseBnoElgG38+2gRFfwoeMVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMzFjNjRjM2U1YTdkZTEwNDBmNDBkYThmZWRjNDdjMzhm ZTU5ZmEwHhcNMjUxMjE0MTgwMTM5WhcNMjUxMjE1MTgwMTM5WjAzMTEwLwYDVQQD EygzOGU3NWZhMTgyY2MwNDcwNTM5ODZmMmRkMDY1MTIyOTNhOTA5ZDQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH94bvHKtSbG6Go5aLfLwL3VHtWT 1yFV8yHbEJ4PTAFfAhlyCFQ5zDEZDY5WyHsktbDiApD7VEyENUp9W7udR2AdwM7F pUHBD+dz7CmJZGrMKuT7dvrsZul/BDCB/mDSvCOIeCPmF+hyB3PTcgurvDB1hSvv 8YPIvQXMBwwKxDK6P0cUnkuRTvcp2hBfhzcKF+Yawr1HH6EOqM5daMUdaMOeyCip Y5MPoRt8SMA6le/wPc4lchGkSgspEgF2cYsm4Q10GR/79dXSAgluLDoovogsykKi 3H9e9UEDbDrwrAKP8m7gH1wBtnK5gY0nn+NSmDTBky8vK2fyaPvpRAhfqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDjnX6GCzARwU5hvLdBlEik6kJ1IMB8GA1UdIwQY MBaAFG8xxkw+Wn3hBA9A2o/txHw4/ln6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnpIR1RENWFmZUVFRDBEYWotM0VmRGotV2ZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi84ZWQzODItMzA5Ny00MTNlLWI2YTIt YjA4MGEzNDUxYzdmLzEvYnpIR1RENWFmZUVFRDBEYWotM0VmRGotV2ZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi84ZWQzODItMzA5Ny00MTNlLWI2YTItYjA4MGEzNDUxYzdm LzEvYnpIR1RENWFmZUVFRDBEYWotM0VmRGotV2ZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBS78OIz sQW4PHM3Uyg6oLa1h1aWVrJbrAh8TLXR7yLlOom66I3PCRUiTbgDRtDj1LvAPJ/A JEF76QLblN1S56VTlpv01F/XybX/8qJo4x3szIfrYxDizjBkqbzIS5o/BFTPQZs8 SrWIqQr6VRrWEaBN+7CqaDhiX0HfyMbkIHrmEP92e+TlfanjqnRRuG12Jwn9v7Mm FmsXI/+vJYu0MQztlVZem1Va90DovbL0ZqGTHLLXSS49Kvf2kTqaCT0Pr+Hx+slU xtyL28/Jde3T5RfzSg5LDymwvadAlac61roO4Z2mIZ6g4TiRjDQFUOXOkd3ny+Cz HpBdy5689smDPQ== -----END CERTIFICATE-----Generated at Mon Dec 15 04:52:22 2025 by rpki-client