This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft File: y-lwmA1WXMdK2ylKpox7BvUTKJA.mft (raw, json) Hash identifier: vatwEjwHyAq6Rb3jGtqzal6l93M+WKg1P5rCjeWAIdM= Subject key identifier: AC:C2:C8:4C:08:A2:C0:5F:4A:94:B2:CB:A9:5C:8F:9A:03:71:FF:24 Authority key identifier: CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90 Certificate issuer: /CN=cbe970980d565cc74adb294aa68c7b06f5132890 Certificate serial: 019B533CC4D0DDA0A1052627DA450F026554 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft Manifest number: 0A9F Signing time: Thu 25 Dec 2025 02:00:49 +0000 Manifest this update: Thu 25 Dec 2025 02:00:49 +0000 Manifest next update: Fri 26 Dec 2025 02:00:49 +0000 Files and hashes: 1: w3_nPHf7a07mKfqvAI84MjCWgdc.roa (hash: zETLR/82/cCeh7r1wtGHL+Bc+UNE2hnrIZTGYx5oKPQ=) 2: y-lwmA1WXMdK2ylKpox7BvUTKJA.crl (hash: c4fkfVjKGJ7dnU+xgWNj97oA3ObFkmFziAXdLNhN0L0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:3c:c4:d0:dd:a0:a1:05:26:27:da:45:0f:02:65:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbe970980d565cc74adb294aa68c7b06f5132890 Validity Not Before: Dec 25 02:00:49 2025 GMT Not After : Dec 26 02:00:49 2025 GMT Subject: CN=acc2c84c08a2c05f4a94b2cba95c8f9a0371ff24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:3d:9d:69:85:16:8e:c8:8a:12:e2:b9:2a:33: f0:23:39:fa:e4:07:ed:b4:cc:a9:a5:38:e6:c0:8b: 52:9a:15:de:ca:83:28:97:76:f3:31:91:0a:7a:89: a8:6b:11:7b:64:da:90:78:c4:24:ff:a3:2c:12:7b: 9e:68:65:87:e3:8f:b4:1a:17:a2:b1:fb:b0:d6:c4: e6:31:80:36:75:02:16:f2:6f:7f:6c:65:19:26:d3: d6:a3:26:70:a2:01:3a:03:af:fa:51:6c:b2:73:4c: f8:12:c1:d4:24:65:ac:f2:07:80:05:54:07:a6:ee: b5:ba:4a:d2:18:77:21:1c:67:ab:99:e6:4a:46:b3: bf:a8:7a:37:f3:53:b5:39:28:69:a4:ad:e8:6d:52: 28:b5:94:6b:c9:98:77:26:3c:12:89:2d:67:37:73: eb:74:43:32:8f:10:61:6a:ae:bc:ab:9e:24:33:22: 13:95:ff:c9:a2:2b:5e:6a:b4:6c:1d:19:9c:2b:a3: 95:4d:c0:50:d3:c0:3e:cf:b1:cd:2d:28:40:7b:9b: 50:f4:26:5a:78:be:33:b6:e9:36:88:f8:f1:9c:44: f4:78:ee:97:d4:4b:e2:dd:ce:d7:4f:f1:12:9c:1e: 0f:ce:0b:15:fc:97:28:40:8b:f8:e3:2f:8a:5d:37: d4:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:C2:C8:4C:08:A2:C0:5F:4A:94:B2:CB:A9:5C:8F:9A:03:71:FF:24 X509v3 Authority Key Identifier: keyid:CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:94:33:19:0f:de:1a:21:8d:00:cf:b0:f5:f0:a8:91:65:5f: 5b:17:97:04:03:a6:f4:e4:89:b9:16:52:35:98:e2:fc:a1:47: 69:72:d0:90:81:db:9d:76:bb:b5:36:bc:1c:18:9e:9d:87:5e: 28:55:1c:30:04:6c:f4:bc:6d:2c:ff:ed:4b:e8:ed:cf:d6:0f: 21:ff:1f:e1:30:39:67:23:db:20:00:ed:bf:c7:61:26:eb:75: d7:9a:00:8e:19:1c:f4:8f:ab:b8:af:f5:11:9c:50:2c:d7:82: b9:43:80:cb:8a:10:8e:3a:f9:3e:ba:87:6c:36:ac:3a:44:25: 86:2a:b1:f9:3c:87:cb:96:d7:90:ce:58:56:4a:10:ac:c1:7a: c1:00:76:ed:84:e1:aa:b6:fe:1d:e7:f7:d0:bd:ed:27:2f:e2: d5:82:e6:76:5d:53:0a:c7:29:a1:9a:08:5a:0f:ca:34:b2:b2: 51:ad:d2:a7:c1:1f:ad:49:78:31:36:0d:f0:f5:0f:6b:54:0d: 48:53:aa:a7:b5:7f:c2:95:55:80:db:1f:df:8b:85:90:05:f9: c6:74:ba:c3:8c:46:aa:ba:22:e2:c2:89:53:eb:1e:c7:76:8f: cb:5c:a4:5c:8e:f4:2a:69:4b:1c:d8:17:9e:3a:b7:13:2d:1c: 92:9a:f3:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTPMTQ3aChBSYn2kUPAmVUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZTk3MDk4MGQ1NjVjYzc0YWRiMjk0YWE2OGM3YjA2ZjUx MzI4OTAwHhcNMjUxMjI1MDIwMDQ5WhcNMjUxMjI2MDIwMDQ5WjAzMTEwLwYDVQQD EyhhY2MyYzg0YzA4YTJjMDVmNGE5NGIyY2JhOTVjOGY5YTAzNzFmZjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD2daYUWjsiKEuK5KjPwIzn65Aft tMyppTjmwItSmhXeyoMol3bzMZEKeomoaxF7ZNqQeMQk/6MsEnueaGWH44+0Ghei sfuw1sTmMYA2dQIW8m9/bGUZJtPWoyZwogE6A6/6UWyyc0z4EsHUJGWs8geABVQH pu61ukrSGHchHGermeZKRrO/qHo381O1OShppK3obVIotZRryZh3JjwSiS1nN3Pr dEMyjxBhaq68q54kMyITlf/JoitearRsHRmcK6OVTcBQ08A+z7HNLShAe5tQ9CZa eL4ztuk2iPjxnET0eO6X1Evi3c7XT/ESnB4PzgsV/JcoQIv44y+KXTfU2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKzCyEwIosBfSpSyy6lcj5oDcf8kMB8GA1UdIwQY MBaAFMvpcJgNVlzHStspSqaMewb1EyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGIt NzU2YTA4YTRhZGRhLzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGItNzU2YTA4YTRhZGRh LzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjpQzGQ/e GiGNAM+w9fCokWVfWxeXBAOm9OSJuRZSNZji/KFHaXLQkIHbnXa7tTa8HBienYde KFUcMARs9LxtLP/tS+jtz9YPIf8f4TA5ZyPbIADtv8dhJut115oAjhkc9I+ruK/1 EZxQLNeCuUOAy4oQjjr5PrqHbDasOkQlhiqx+TyHy5bXkM5YVkoQrMF6wQB27YTh qrb+Hef30L3tJy/i1YLmdl1TCscpoZoIWg/KNLKyUa3Sp8EfrUl4MTYN8PUPa1QN SFOqp7V/wpVVgNsf34uFkAX5xnS6w4xGqroi4sKJU+sex3aPy1ykXI70KmlLHNgX njq3Ey0ckprztw== -----END CERTIFICATE-----Generated at Thu Dec 25 03:27:42 2025 by rpki-client