This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft File: bdEoKnfiVmUBaNLlZWrvzprWouw.mft (raw, json) Hash identifier: 6YkEq+9BzSVg6cF4COHW1cO1NHvqDZagabDIoSwApnc= Subject key identifier: 9D:C2:D7:BE:50:54:20:7C:B5:6D:CD:F3:DF:9C:FE:A8:56:CD:11:D3 Authority key identifier: 6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC Certificate issuer: /CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec Certificate serial: 019B34FBC2F3773176E054FA42E0FD3EBDB0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft Manifest number: 05B8 Signing time: Fri 19 Dec 2025 05:01:13 +0000 Manifest this update: Fri 19 Dec 2025 05:01:13 +0000 Manifest next update: Sat 20 Dec 2025 05:01:13 +0000 Files and hashes: 1: bdEoKnfiVmUBaNLlZWrvzprWouw.crl (hash: 12hsoesLfPJvVex3zOzV+d5RXYvWMLCoE8glzIifcV0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:c2:f3:77:31:76:e0:54:fa:42:e0:fd:3e:bd:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec Validity Not Before: Dec 19 05:01:13 2025 GMT Not After : Dec 20 05:01:13 2025 GMT Subject: CN=9dc2d7be5054207cb56dcdf3df9cfea856cd11d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:a8:aa:f3:b4:2f:49:c7:e9:66:b7:51:dd:4a: 8f:84:f7:f7:8b:22:0b:b1:fe:57:4b:82:71:19:fb: d1:bb:46:6f:93:50:2c:20:fb:2d:fb:79:ab:d1:66: e0:c3:00:bd:2c:62:26:e9:c3:6e:aa:83:60:b7:e4: 56:07:d1:f1:16:73:d7:7f:8f:1c:55:14:89:43:8c: 2e:07:e4:27:f9:54:ff:f5:08:85:08:ba:9e:31:c9: ec:5b:68:7c:a2:aa:2a:63:8b:4c:d0:7f:60:bf:5a: 67:be:ce:4e:d5:7c:34:3b:b0:9c:79:56:7a:a0:ff: 55:22:02:bd:81:26:f7:aa:73:84:0f:89:c7:0e:82: 7f:9a:81:0d:3d:a7:e9:fc:53:09:45:f5:87:b0:44: da:91:f5:7c:44:d8:af:a8:2a:bb:f1:40:24:6c:58: 8e:15:fe:b5:e6:6e:87:6b:0d:14:7a:d6:25:37:1d: 67:43:ce:77:85:d6:b9:1e:15:ae:49:e2:40:ed:82: 11:5f:b2:7b:f8:82:fb:b7:4b:84:19:64:61:4a:8c: 60:8e:9a:b7:d1:8d:00:7e:47:9f:97:84:ad:ca:19: 71:54:3a:09:38:17:0d:4d:ea:d8:43:8b:6a:e9:3f: 22:e3:78:df:5e:fa:72:46:91:8e:5d:e7:f0:93:c6: 1e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:C2:D7:BE:50:54:20:7C:B5:6D:CD:F3:DF:9C:FE:A8:56:CD:11:D3 X509v3 Authority Key Identifier: keyid:6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:36:b9:65:4a:d7:4c:15:04:74:eb:ca:45:ab:41:c5:2f:67: 24:b2:12:f5:c3:1f:aa:e7:f8:29:9a:83:4d:c7:d3:98:48:b7: f5:87:db:14:c4:84:9f:68:c0:f5:a5:0c:2f:ab:8a:28:ea:ee: ac:65:e8:9f:62:8a:7e:05:39:a2:96:fa:c1:9d:40:ba:38:69: 14:42:bb:40:fc:c5:11:40:a7:d6:c8:41:00:64:72:83:fd:93: 1c:6f:b9:1d:fe:11:9e:2e:48:17:f9:cc:06:a6:8b:8c:c3:80: cc:04:b2:9b:fe:6d:c1:48:47:c8:2c:42:11:0b:c3:b8:b3:49: 6d:ba:9b:e6:33:0c:ad:f0:cf:f5:13:05:4f:b1:82:fb:0c:49: 43:60:dc:b3:71:d1:42:f8:50:b9:1b:da:3d:6e:87:28:61:2f: b3:b7:88:3e:32:b1:e8:97:de:e2:8b:33:10:c6:15:61:c6:4e: e5:af:a6:7f:7b:64:43:47:94:49:bf:a1:da:e9:1e:a7:61:18: 93:6e:50:be:10:25:b0:e2:14:fb:c9:6a:2f:cb:af:f3:df:60: e1:54:02:80:21:1e:3f:d9:94:39:42:bc:55:a7:e1:03:99:f8: 65:05:06:a4:02:b2:19:84:88:fa:63:a1:62:53:43:d5:ff:96: 80:b9:96:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+8LzdzF24FT6QuD9Pr2wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZDEyODJhNzdlMjU2NjUwMTY4ZDJlNTY1NmFlZmNlOWFk NmEyZWMwHhcNMjUxMjE5MDUwMTEzWhcNMjUxMjIwMDUwMTEzWjAzMTEwLwYDVQQD Eyg5ZGMyZDdiZTUwNTQyMDdjYjU2ZGNkZjNkZjljZmVhODU2Y2QxMWQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6iq87QvScfpZrdR3UqPhPf3iyIL sf5XS4JxGfvRu0Zvk1AsIPst+3mr0WbgwwC9LGIm6cNuqoNgt+RWB9HxFnPXf48c VRSJQ4wuB+Qn+VT/9QiFCLqeMcnsW2h8oqoqY4tM0H9gv1pnvs5O1Xw0O7CceVZ6 oP9VIgK9gSb3qnOED4nHDoJ/moENPafp/FMJRfWHsETakfV8RNivqCq78UAkbFiO Ff615m6Haw0UetYlNx1nQ853hda5HhWuSeJA7YIRX7J7+IL7t0uEGWRhSoxgjpq3 0Y0Afkefl4StyhlxVDoJOBcNTerYQ4tq6T8i43jfXvpyRpGOXefwk8Ye8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ3C175QVCB8tW3N89+c/qhWzRHTMB8GA1UdIwQY MBaAFG3RKCp34lZlAWjS5WVq786a1qLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgt ZTAyMzNiN2M2MGFhLzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgtZTAyMzNiN2M2MGFh LzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMDa5ZUrX TBUEdOvKRatBxS9nJLIS9cMfquf4KZqDTcfTmEi39YfbFMSEn2jA9aUML6uKKOru rGXon2KKfgU5opb6wZ1AujhpFEK7QPzFEUCn1shBAGRyg/2THG+5Hf4Rni5IF/nM BqaLjMOAzASym/5twUhHyCxCEQvDuLNJbbqb5jMMrfDP9RMFT7GC+wxJQ2Dcs3HR QvhQuRvaPW6HKGEvs7eIPjKx6Jfe4oszEMYVYcZO5a+mf3tkQ0eUSb+h2ukep2EY k25QvhAlsOIU+8lqL8uv899g4VQCgCEeP9mUOUK8VafhA5n4ZQUGpAKyGYSI+mOh YlND1f+WgLmWFA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:42:40 2025 by rpki-client