This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft File: bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json) Hash identifier: S2L+t7eVZJzZdcqEP9Vu9T8dca0djL95yovjdglRBPQ= Subject key identifier: 94:6A:C2:47:97:86:04:E6:05:39:67:FF:13:35:E2:1B:91:6C:46:E5 Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC Certificate issuer: /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc Certificate serial: 019B42B74284264627D1F4B199DE24093EE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft Manifest number: 0687 Signing time: Sun 21 Dec 2025 21:01:04 +0000 Manifest this update: Sun 21 Dec 2025 21:01:04 +0000 Manifest next update: Mon 22 Dec 2025 21:01:04 +0000 Files and hashes: 1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: nzEYM01o+CXznw/xfnIu7ZGLUOToXEBNcLtPT+m9TOo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:42:84:26:46:27:d1:f4:b1:99:de:24:09:3e:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc Validity Not Before: Dec 21 21:01:04 2025 GMT Not After : Dec 22 21:01:04 2025 GMT Subject: CN=946ac247978604e6053967ff1335e21b916c46e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:7d:55:a7:a2:5e:83:dc:13:fe:ea:c5:19:bf: 5f:3f:e2:07:6d:91:c3:44:56:48:44:a6:b7:bc:12: 16:4e:6b:70:f8:9f:21:61:6f:a4:4a:49:31:ac:6b: ed:64:37:ac:e4:69:be:4f:99:89:5d:52:1b:75:5e: 91:70:79:e9:1b:57:e1:e4:29:c3:31:d0:7e:63:49: e6:f4:3f:9a:f3:17:e9:7c:78:c5:10:fd:97:16:6f: 5b:e1:6c:a0:25:36:1d:42:ad:2e:99:d5:11:65:64: 16:92:d6:5d:9b:a0:95:40:b2:62:ad:a8:9d:16:c7: ff:f9:e9:ba:42:ba:dc:e7:22:8a:fc:db:c2:b7:55: 5f:db:68:a7:88:6e:39:5a:79:85:7e:7f:fd:f5:9f: dc:65:b9:79:9b:02:2c:e2:1f:55:23:a0:83:ba:7d: 1f:88:0b:af:46:82:69:59:3b:73:8c:7a:c5:b6:14: 26:74:25:9a:43:ac:a6:2d:b4:2e:cb:57:02:46:ba: 4e:d9:b4:23:d3:ff:88:64:8c:fd:56:ae:e8:fe:9e: cb:ef:c0:3f:f5:8c:36:2b:f2:9c:f5:01:60:bd:5f: 31:40:2e:50:ff:5e:ff:29:c5:a8:13:2a:2f:47:fe: 1d:db:c5:c6:07:33:8c:ae:1e:83:22:a0:cc:a6:7e: 9f:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:6A:C2:47:97:86:04:E6:05:39:67:FF:13:35:E2:1B:91:6C:46:E5 X509v3 Authority Key Identifier: keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:5f:cb:bc:ea:2f:09:52:21:13:3e:9c:dc:9c:b8:5e:8b:21: 49:3c:bc:5f:49:a0:04:38:7c:d1:df:60:ac:51:38:29:fc:4a: 8d:e1:d6:ac:e0:80:e3:9c:23:0e:a5:1c:7b:bc:ba:bd:93:27: fb:52:5e:e3:e2:7c:c5:8f:4b:4f:79:3b:5f:89:ce:82:60:ff: 23:38:dd:d4:8d:0a:16:75:13:7c:c9:50:13:ba:b6:51:07:c3: 8f:8b:a3:93:00:1c:f2:ea:be:c6:5e:db:4b:c3:ed:ef:7d:d0: ca:84:c4:fa:df:5d:20:0f:3f:d2:a6:06:fe:f8:18:07:a6:0b: 57:a2:1d:c8:fc:bf:9d:9f:bb:2a:cc:f4:df:bc:36:44:4b:09: 23:9b:e9:02:38:98:7f:6f:63:17:65:a7:2e:eb:be:9b:18:9c: 86:96:ce:0a:aa:62:28:e2:9c:d3:00:a9:92:0a:5d:3f:95:55: a8:6c:6e:98:a8:8f:ac:ff:be:80:de:4b:f1:1c:64:1c:d8:2d: 6a:c1:66:07:a4:73:c9:10:64:e2:5d:63:0a:49:19:28:3a:42: a4:fd:a1:32:27:9d:ea:c0:3d:42:bf:29:69:0d:3f:c3:62:b0: 63:26:68:fe:b0:6f:30:d5:44:5a:d4:d3:f9:48:19:29:ca:59: 99:d0:9c:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCt0KEJkYn0fSxmd4kCT7gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh ZGUyY2MwHhcNMjUxMjIxMjEwMTA0WhcNMjUxMjIyMjEwMTA0WjAzMTEwLwYDVQQD Eyg5NDZhYzI0Nzk3ODYwNGU2MDUzOTY3ZmYxMzM1ZTIxYjkxNmM0NmU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0X1Vp6Jeg9wT/urFGb9fP+IHbZHD RFZIRKa3vBIWTmtw+J8hYW+kSkkxrGvtZDes5Gm+T5mJXVIbdV6RcHnpG1fh5CnD MdB+Y0nm9D+a8xfpfHjFEP2XFm9b4WygJTYdQq0umdURZWQWktZdm6CVQLJiraid Fsf/+em6Qrrc5yKK/NvCt1Vf22iniG45WnmFfn/99Z/cZbl5mwIs4h9VI6CDun0f iAuvRoJpWTtzjHrFthQmdCWaQ6ymLbQuy1cCRrpO2bQj0/+IZIz9Vq7o/p7L78A/ 9Yw2K/Kc9QFgvV8xQC5Q/17/KcWoEyovR/4d28XGBzOMrh6DIqDMpn6fXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJRqwkeXhgTmBTln/xM14huRbEblMB8GA1UdIwQY MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfF/LvOov CVIhEz6c3Jy4XoshSTy8X0mgBDh80d9grFE4KfxKjeHWrOCA45wjDqUce7y6vZMn +1Je4+J8xY9LT3k7X4nOgmD/Izjd1I0KFnUTfMlQE7q2UQfDj4ujkwAc8uq+xl7b S8Pt733QyoTE+t9dIA8/0qYG/vgYB6YLV6IdyPy/nZ+7Ksz037w2REsJI5vpAjiY f29jF2WnLuu+mxichpbOCqpiKOKc0wCpkgpdP5VVqGxumKiPrP++gN5L8RxkHNgt asFmB6RzyRBk4l1jCkkZKDpCpP2hMied6sA9Qr8paQ0/w2KwYyZo/rBvMNVEWtTT +UgZKcpZmdCcpA== -----END CERTIFICATE-----Generated at Mon Dec 22 04:02:03 2025 by rpki-client