This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9eaf7f-ab00-42b2-9ce2-b3580994a3b1/1/bzOv1B6gEvsoA8cnRSPI7D8mExE.mft File: bzOv1B6gEvsoA8cnRSPI7D8mExE.mft (raw, json) Hash identifier: OJG4fqWcVcXXkMHcARTMOIXDZ6iqdWqHoE/1+khyPeg= Subject key identifier: 0B:F5:06:39:B8:7B:33:CE:4D:72:9E:B9:D8:7D:B1:4F:97:11:2E:06 Authority key identifier: 6F:33:AF:D4:1E:A0:12:FB:28:03:C7:27:45:23:C8:EC:3F:26:13:11 Certificate issuer: /CN=6f33afd41ea012fb2803c7274523c8ec3f261311 Certificate serial: 019B10B820CE69E8F527C83A0A8833BCEAB5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzOv1B6gEvsoA8cnRSPI7D8mExE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9eaf7f-ab00-42b2-9ce2-b3580994a3b1/1/bzOv1B6gEvsoA8cnRSPI7D8mExE.mft Manifest number: 1771 Signing time: Fri 12 Dec 2025 04:01:00 +0000 Manifest this update: Fri 12 Dec 2025 04:01:00 +0000 Manifest next update: Sat 13 Dec 2025 04:01:00 +0000 Files and hashes: 1: bzOv1B6gEvsoA8cnRSPI7D8mExE.crl (hash: iLlSPHc8PROpfM/P5y7W+1t/eScNkNQhQ9+WkoWTUkg=) 2: v8tpm7-4VwDQ4BW9MfFdtqRUZ9c.roa (hash: Xcaj7PWNKHBPkwnwanmCNYJ/FSFogXNO8sh3nrmk3Ek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/9eaf7f-ab00-42b2-9ce2-b3580994a3b1/1/bzOv1B6gEvsoA8cnRSPI7D8mExE.crl rsync://rpki.ripe.net/repository/DEFAULT/de/9eaf7f-ab00-42b2-9ce2-b3580994a3b1/1/bzOv1B6gEvsoA8cnRSPI7D8mExE.mft rsync://rpki.ripe.net/repository/DEFAULT/bzOv1B6gEvsoA8cnRSPI7D8mExE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 04:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:b8:20:ce:69:e8:f5:27:c8:3a:0a:88:33:bc:ea:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f33afd41ea012fb2803c7274523c8ec3f261311 Validity Not Before: Dec 12 04:01:00 2025 GMT Not After : Dec 13 04:01:00 2025 GMT Subject: CN=0bf50639b87b33ce4d729eb9d87db14f97112e06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d5:a7:6b:74:59:90:b4:c4:15:34:5a:93:af: d6:e5:6b:86:69:5f:4c:d0:1f:e0:b7:18:72:b3:d4: cc:fb:49:72:f2:33:00:a4:0e:0a:b3:ec:e8:57:f0: 00:cc:1c:fc:77:45:c8:7d:45:07:36:cc:e5:14:6f: 0d:b6:5c:af:70:2e:6f:e0:18:83:89:91:c4:27:bf: ef:2e:d0:10:da:e9:c4:42:fd:33:d1:d3:d7:2b:f9: a7:15:77:a4:5c:5a:37:ec:f9:c3:d1:2d:33:73:23: 26:16:9e:07:01:a9:a8:8a:87:75:30:1c:f4:bf:a0: bd:7a:b2:b0:c3:23:92:d1:b9:a7:ca:0c:94:2b:25: 78:8f:65:17:ee:31:21:58:bd:26:48:23:4f:e5:bc: d9:17:df:25:9e:e5:d1:e4:e4:fa:5a:2c:af:7f:95: dc:86:86:18:56:94:c6:6d:de:9a:6e:9d:af:dc:3f: 02:c2:ed:eb:bd:ec:38:46:86:22:13:ab:28:a1:2f: 3e:53:f1:ac:91:49:0a:5f:77:77:9f:33:51:25:49: af:12:51:39:8f:fe:82:42:3b:66:d1:ea:28:9c:64: d7:e2:09:60:14:c0:e9:83:b4:54:66:37:df:8e:cd: e2:7f:ff:0a:0d:6f:a2:fc:bb:6a:81:65:a8:c0:34: 29:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:F5:06:39:B8:7B:33:CE:4D:72:9E:B9:D8:7D:B1:4F:97:11:2E:06 X509v3 Authority Key Identifier: keyid:6F:33:AF:D4:1E:A0:12:FB:28:03:C7:27:45:23:C8:EC:3F:26:13:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzOv1B6gEvsoA8cnRSPI7D8mExE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9eaf7f-ab00-42b2-9ce2-b3580994a3b1/1/bzOv1B6gEvsoA8cnRSPI7D8mExE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9eaf7f-ab00-42b2-9ce2-b3580994a3b1/1/bzOv1B6gEvsoA8cnRSPI7D8mExE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:56:9e:fb:08:26:42:96:0d:94:85:2e:c2:76:c2:94:9a:86: ba:3b:a6:21:7e:0c:89:32:24:b5:50:9e:9a:0f:b5:a2:26:9b: f3:2c:c7:01:83:da:a5:76:bd:fe:80:cc:ea:26:bd:59:fe:71: 54:3d:a0:0f:55:c6:1d:74:55:6f:5e:7e:85:f1:ac:e9:12:59: fb:45:9e:61:6b:00:1f:b4:3b:c1:36:e3:3d:f9:53:23:5a:af: d7:a6:5c:40:ee:97:80:0d:36:ed:7a:69:ad:b8:23:6a:db:27: 97:3d:39:59:3b:5b:f3:15:2c:06:70:fe:7e:76:aa:04:c2:34: a5:2f:a4:c8:d2:0a:44:30:f4:00:f1:24:f6:0a:36:4c:d2:4f: 5b:72:09:d5:3e:df:f8:7b:ac:28:92:f4:16:7b:9d:9d:a5:39: b0:6f:31:57:43:05:33:77:0e:88:d9:b3:71:b4:c6:8f:7b:56: f4:50:84:bc:2b:57:bb:5e:99:74:b4:78:18:c7:a8:47:93:ef: 1a:21:91:f1:91:fa:6b:11:c6:bb:7b:ae:63:63:ad:ba:00:a8: 72:9b:2c:9c:2e:e0:70:9d:88:e2:40:3c:9e:6a:e6:db:15:a8: 8e:8d:36:27:15:02:15:a2:3f:72:01:aa:81:85:39:f6:be:73: 91:cc:5b:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQuCDOaej1J8g6CogzvOq1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmMzNhZmQ0MWVhMDEyZmIyODAzYzcyNzQ1MjNjOGVjM2Yy NjEzMTEwHhcNMjUxMjEyMDQwMTAwWhcNMjUxMjEzMDQwMTAwWjAzMTEwLwYDVQQD EygwYmY1MDYzOWI4N2IzM2NlNGQ3MjllYjlkODdkYjE0Zjk3MTEyZTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptWna3RZkLTEFTRak6/W5WuGaV9M 0B/gtxhys9TM+0ly8jMApA4Ks+zoV/AAzBz8d0XIfUUHNszlFG8NtlyvcC5v4BiD iZHEJ7/vLtAQ2unEQv0z0dPXK/mnFXekXFo37PnD0S0zcyMmFp4HAamoiod1MBz0 v6C9erKwwyOS0bmnygyUKyV4j2UX7jEhWL0mSCNP5bzZF98lnuXR5OT6Wiyvf5Xc hoYYVpTGbd6abp2v3D8Cwu3rvew4RoYiE6sooS8+U/GskUkKX3d3nzNRJUmvElE5 j/6CQjtm0eoonGTX4glgFMDpg7RUZjffjs3if/8KDW+i/LtqgWWowDQpjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAv1Bjm4ezPOTXKeudh9sU+XES4GMB8GA1UdIwQY MBaAFG8zr9QeoBL7KAPHJ0UjyOw/JhMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYnpPdjFCNmdFdnNvQThjblJTUEk3RDhtRXhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZWFmN2YtYWIwMC00MmIyLTljZTIt YjM1ODA5OTRhM2IxLzEvYnpPdjFCNmdFdnNvQThjblJTUEk3RDhtRXhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS85ZWFmN2YtYWIwMC00MmIyLTljZTItYjM1ODA5OTRhM2Ix LzEvYnpPdjFCNmdFdnNvQThjblJTUEk3RDhtRXhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt1ae+wgm QpYNlIUuwnbClJqGujumIX4MiTIktVCemg+1oiab8yzHAYPapXa9/oDM6ia9Wf5x VD2gD1XGHXRVb15+hfGs6RJZ+0WeYWsAH7Q7wTbjPflTI1qv16ZcQO6XgA027Xpp rbgjatsnlz05WTtb8xUsBnD+fnaqBMI0pS+kyNIKRDD0APEk9go2TNJPW3IJ1T7f +HusKJL0FnudnaU5sG8xV0MFM3cOiNmzcbTGj3tW9FCEvCtXu16ZdLR4GMeoR5Pv GiGR8ZH6axHGu3uuY2OtugCocpssnC7gcJ2I4kA8nmrm2xWojo02JxUCFaI/cgGq gYU59r5zkcxbng== -----END CERTIFICATE-----Generated at Fri Dec 12 13:57:48 2025 by rpki-client