This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft File: bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json) Hash identifier: ClnJLw4QlmGZ7DvfNDFDRo0G4qjMiSIarV8rtRwmu+w= Subject key identifier: D9:CD:23:73:3C:2F:96:AD:E7:98:BA:71:30:57:4B:04:92:6F:9F:64 Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F Certificate issuer: /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f Certificate serial: 019B5A519AB1454C703E0360738482A89BA7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft Manifest number: 07D7 Signing time: Fri 26 Dec 2025 11:00:56 +0000 Manifest this update: Fri 26 Dec 2025 11:00:56 +0000 Manifest next update: Sat 27 Dec 2025 11:00:56 +0000 Files and hashes: 1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: KeKILVXggq6ctJKFPcvcKMXWNWYlKvSWIgFtyvC93K8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:9a:b1:45:4c:70:3e:03:60:73:84:82:a8:9b:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f Validity Not Before: Dec 26 11:00:56 2025 GMT Not After : Dec 27 11:00:56 2025 GMT Subject: CN=d9cd23733c2f96ade798ba7130574b04926f9f64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:0a:c0:ba:89:d6:5b:8f:18:c1:f8:61:79:90: 4e:31:5f:90:c0:5c:67:3d:f5:de:87:fa:1d:a9:08: 0c:4c:b2:73:61:4b:31:fa:35:7a:3f:27:f0:19:7e: ad:d2:cc:09:c8:ec:f6:0f:09:aa:4e:7a:cf:30:34: e9:78:54:5b:09:6f:cc:07:0b:15:9f:45:46:a9:8f: e8:82:42:a6:ac:f6:bd:28:3b:05:3d:d4:9e:19:91: 83:72:68:e1:6a:52:05:d2:80:e6:56:1e:34:06:b5: e2:bd:67:8d:9f:41:9f:9c:46:57:28:1a:23:ae:db: 97:35:57:a7:e9:33:e1:03:86:f2:07:03:42:84:20: b2:51:1d:52:32:a8:d1:0a:c4:0b:d1:50:47:3a:99: a7:35:60:57:d7:c2:52:26:ce:00:63:7f:f1:b2:58: 70:d0:e6:54:fc:9f:6b:8a:be:a6:eb:f2:ca:af:8b: 09:c0:01:53:4a:3f:c2:35:8f:ec:f1:a7:fd:dd:0d: 0d:dd:3d:38:61:dc:9d:f4:5a:c4:c4:47:8a:96:1f: 6a:11:12:c2:88:dc:7c:a0:e5:3d:f0:d3:0d:65:be: 8c:63:10:5f:48:d5:b9:c0:50:f0:7e:2a:fb:f7:17: 76:d6:4d:3a:44:d4:dc:b2:73:e6:57:f0:cf:b5:d1: a8:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:CD:23:73:3C:2F:96:AD:E7:98:BA:71:30:57:4B:04:92:6F:9F:64 X509v3 Authority Key Identifier: keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:77:ea:2f:86:18:c2:0d:99:4f:34:cc:58:95:a7:62:f2:15: f8:17:27:cd:8e:cd:31:d6:09:d8:a5:fc:27:19:9a:7e:38:6a: c8:6c:35:8b:48:5c:95:1b:7f:76:bb:82:d6:20:02:13:4f:57: 96:92:0b:2c:f3:42:f3:fa:66:c0:57:76:f2:be:d4:5a:15:bf: 5d:84:af:59:52:35:7e:b4:7c:5f:55:e7:7e:1d:44:c7:27:15: 7c:ea:30:c5:12:93:5a:b0:b8:c2:48:d3:88:a7:d7:d7:21:d8: d7:31:be:83:08:a2:67:43:4a:05:27:b0:6d:b4:5f:d3:05:98: b4:49:f3:7c:58:2b:dd:0b:f3:20:0a:b4:1e:ce:46:bf:12:d8: 99:72:92:e3:7e:72:7f:e2:4e:10:f0:fc:25:30:ac:8b:32:6f: a6:41:7c:a1:d1:26:89:10:77:e9:2c:e6:40:7f:86:31:59:cf: bc:f4:e3:c6:78:51:aa:78:be:5d:1f:87:a6:f0:ac:2d:0b:e0: 0f:99:75:c1:27:45:e7:e9:7a:2f:e1:b7:fc:7d:e5:9f:82:50: 9e:1b:23:d4:43:3d:28:d5:30:28:e7:33:1f:32:f7:24:dd:cc: 02:e7:76:ab:87:fc:a0:a5:7d:35:57:2c:64:09:9d:0f:9d:47: ae:6b:e1:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUZqxRUxwPgNgc4SCqJunMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5 MDUxOGYwHhcNMjUxMjI2MTEwMDU2WhcNMjUxMjI3MTEwMDU2WjAzMTEwLwYDVQQD EyhkOWNkMjM3MzNjMmY5NmFkZTc5OGJhNzEzMDU3NGIwNDkyNmY5ZjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlArAuonWW48YwfhheZBOMV+QwFxn PfXeh/odqQgMTLJzYUsx+jV6PyfwGX6t0swJyOz2DwmqTnrPMDTpeFRbCW/MBwsV n0VGqY/ogkKmrPa9KDsFPdSeGZGDcmjhalIF0oDmVh40BrXivWeNn0GfnEZXKBoj rtuXNVen6TPhA4byBwNChCCyUR1SMqjRCsQL0VBHOpmnNWBX18JSJs4AY3/xslhw 0OZU/J9rir6m6/LKr4sJwAFTSj/CNY/s8af93Q0N3T04Ydyd9FrExEeKlh9qERLC iNx8oOU98NMNZb6MYxBfSNW5wFDwfir79xd21k06RNTcsnPmV/DPtdGo2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNnNI3M8L5at55i6cTBXSwSSb59kMB8GA1UdIwQY MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABnfqL4YY wg2ZTzTMWJWnYvIV+BcnzY7NMdYJ2KX8JxmafjhqyGw1i0hclRt/druC1iACE09X lpILLPNC8/pmwFd28r7UWhW/XYSvWVI1frR8X1Xnfh1ExycVfOowxRKTWrC4wkjT iKfX1yHY1zG+gwiiZ0NKBSewbbRf0wWYtEnzfFgr3QvzIAq0Hs5GvxLYmXKS435y f+JOEPD8JTCsizJvpkF8odEmiRB36SzmQH+GMVnPvPTjxnhRqni+XR+HpvCsLQvg D5l1wSdF5+l6L+G3/H3ln4JQnhsj1EM9KNUwKOczHzL3JN3MAud2q4f8oKV9NVcs ZAmdD51Hrmvhxg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:18 2025 by rpki-client