This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft File: bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json) Hash identifier: 2Q8FW4ipiPiUal5ROAY9Wcbf1BWbMBJMXuJ1PhgtraI= Subject key identifier: C8:0F:38:2E:71:1C:A6:7A:BE:49:CA:B1:DF:0A:97:62:1F:06:3F:C2 Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C Certificate issuer: /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c Certificate serial: 019B4A028A0CA2B13F7431AB366FFAE3BB9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft Manifest number: 05AE Signing time: Tue 23 Dec 2025 07:00:38 +0000 Manifest this update: Tue 23 Dec 2025 07:00:38 +0000 Manifest next update: Wed 24 Dec 2025 07:00:38 +0000 Files and hashes: 1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: 4qiKAYSW1bdVP0b/CwKAN82YivcchSZsXfGetwQPVyc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:02:8a:0c:a2:b1:3f:74:31:ab:36:6f:fa:e3:bb:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c Validity Not Before: Dec 23 07:00:38 2025 GMT Not After : Dec 24 07:00:38 2025 GMT Subject: CN=c80f382e711ca67abe49cab1df0a97621f063fc2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:04:35:d9:34:ab:17:d2:ca:4b:3a:b1:cb:94: 0a:3c:77:59:52:87:04:1a:5d:a1:1b:be:84:3e:47: 66:04:f7:c0:78:e5:f4:2d:37:54:73:0e:19:fa:25: 7e:4d:5c:ad:70:24:71:66:76:dc:aa:da:62:97:70: c1:07:6c:05:f2:81:1b:52:21:34:64:75:dc:2b:b1: c8:2c:d8:26:f6:8c:92:7a:8f:b3:ac:52:46:b4:69: 11:a6:b5:f9:7f:47:09:bb:35:b5:15:6f:2a:fe:a4: b8:dd:23:e4:7b:e2:a0:f8:dd:10:3d:a7:79:43:a7: db:8d:d5:68:af:d1:53:63:3d:12:19:63:a2:b7:02: 65:ef:62:6f:a8:e5:77:10:0a:20:7a:a4:f8:3f:c2: 60:ea:7f:b7:86:59:df:df:20:cd:c0:63:d7:0b:b1: 39:08:ee:de:c8:23:ad:75:81:94:88:b9:58:13:bc: bb:77:10:cd:fb:ad:e4:38:bf:4c:4e:40:ab:16:21: 09:90:e3:e1:57:a2:c6:aa:a5:8a:fa:77:64:36:61: a1:84:ff:68:40:57:42:07:f7:80:00:75:0d:0e:a4: 05:46:a6:7f:6b:20:d5:5c:de:3a:d0:82:75:ff:b0: e5:ed:8c:ce:b9:06:5a:05:fb:4b:0f:21:20:64:ac: 79:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:0F:38:2E:71:1C:A6:7A:BE:49:CA:B1:DF:0A:97:62:1F:06:3F:C2 X509v3 Authority Key Identifier: keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:16:df:0f:64:dd:82:13:03:10:bf:63:07:a1:3d:ce:cf:83: 79:d1:9f:8c:2b:f3:80:88:f2:5e:43:2a:c8:8f:d6:3e:58:4a: c8:32:cb:b1:0e:a2:57:a1:77:c9:3f:6d:ab:5c:08:35:49:12: 3f:e9:e1:c3:78:23:4d:52:c4:51:4c:f4:cc:15:7b:85:ed:d6: 6c:b7:69:d2:2d:38:9f:14:0d:8a:65:d8:7a:8c:20:40:b4:90: 0b:e0:92:20:00:62:49:6a:c9:68:52:9d:66:8e:e3:25:48:4b: d7:51:cf:1e:3f:d7:e5:da:1a:bb:46:dd:b4:a6:72:47:8d:d8: 55:9a:af:a3:6b:f0:e4:ff:d1:5f:49:64:b6:e5:b8:bf:c3:c7: 88:32:b5:0f:b9:13:3d:ac:9a:9a:a8:40:d9:54:90:bb:bb:b9: c1:c7:c6:1c:74:5c:6d:7e:df:67:89:73:62:37:20:64:05:76: af:6f:c5:fb:72:55:db:62:b9:58:2a:b1:0e:c5:b0:df:49:c2: 14:11:f8:18:ad:19:fe:08:9e:35:99:dc:eb:69:eb:13:3e:25: c0:0a:3e:64:44:c7:80:eb:29:ba:13:90:92:ef:40:f9:f4:27: 51:bd:88:2c:96:ed:67:d7:4a:02:50:2f:5b:28:2b:17:8f:bd: 3a:de:28:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKAooMorE/dDGrNm/647ubMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0 MmRmMWMwHhcNMjUxMjIzMDcwMDM4WhcNMjUxMjI0MDcwMDM4WjAzMTEwLwYDVQQD EyhjODBmMzgyZTcxMWNhNjdhYmU0OWNhYjFkZjBhOTc2MjFmMDYzZmMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwQ12TSrF9LKSzqxy5QKPHdZUocE Gl2hG76EPkdmBPfAeOX0LTdUcw4Z+iV+TVytcCRxZnbcqtpil3DBB2wF8oEbUiE0 ZHXcK7HILNgm9oySeo+zrFJGtGkRprX5f0cJuzW1FW8q/qS43SPke+Kg+N0QPad5 Q6fbjdVor9FTYz0SGWOitwJl72JvqOV3EAogeqT4P8Jg6n+3hlnf3yDNwGPXC7E5 CO7eyCOtdYGUiLlYE7y7dxDN+63kOL9MTkCrFiEJkOPhV6LGqqWK+ndkNmGhhP9o QFdCB/eAAHUNDqQFRqZ/ayDVXN460IJ1/7Dl7YzOuQZaBftLDyEgZKx5DwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMgPOC5xHKZ6vknKsd8Kl2IfBj/CMB8GA1UdIwQY MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0 LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATRbfD2Td ghMDEL9jB6E9zs+DedGfjCvzgIjyXkMqyI/WPlhKyDLLsQ6iV6F3yT9tq1wINUkS P+nhw3gjTVLEUUz0zBV7he3WbLdp0i04nxQNimXYeowgQLSQC+CSIABiSWrJaFKd Zo7jJUhL11HPHj/X5doau0bdtKZyR43YVZqvo2vw5P/RX0lktuW4v8PHiDK1D7kT PayamqhA2VSQu7u5wcfGHHRcbX7fZ4lzYjcgZAV2r2/F+3JV22K5WCqxDsWw30nC FBH4GK0Z/gieNZnc62nrEz4lwAo+ZETHgOspuhOQku9A+fQnUb2ILJbtZ9dKAlAv WygrF4+9Ot4ohQ== -----END CERTIFICATE-----Generated at Tue Dec 23 16:45:13 2025 by rpki-client