This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft File: hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json) Hash identifier: tnqq1ohNtAEca36R3Vn6dD3XzD2TPQ8BMf29BI8cn54= Subject key identifier: 8A:57:A3:64:64:DA:4E:77:B7:9C:04:F8:A5:0B:63:5E:33:AC:71:D2 Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9 Certificate issuer: /CN=872caae9f0fb79dec6844beace8c221cef4d32c9 Certificate serial: 019B7480CE830C69F0B23D405062BC20DA1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft Manifest number: 122D Signing time: Wed 31 Dec 2025 13:02:37 +0000 Manifest this update: Wed 31 Dec 2025 13:02:37 +0000 Manifest next update: Thu 01 Jan 2026 13:02:37 +0000 Files and hashes: 1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: Ig6bphoqtZcZoyrMnNqanwlK6PgrMPLZ3hPJciZ4qvg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 13:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:74:80:ce:83:0c:69:f0:b2:3d:40:50:62:bc:20:da:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9 Validity Not Before: Dec 31 13:02:37 2025 GMT Not After : Jan 1 13:02:37 2026 GMT Subject: CN=8a57a36464da4e77b79c04f8a50b635e33ac71d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:de:e2:2f:c1:58:6c:53:b1:37:ec:a3:5a:3d: 3a:b6:55:87:ce:60:50:cd:4a:11:49:6b:9d:bc:4b: c5:20:b0:c7:8c:1c:5d:b6:d8:15:da:3b:bb:d3:f5: 70:4e:e7:5b:86:19:04:44:5f:71:53:22:fe:39:9e: 68:8e:5b:b3:fa:0e:ad:1e:ca:59:23:e4:79:fe:0f: 82:b9:3b:b2:f0:be:87:5e:2b:ff:45:08:d7:34:9d: ef:b5:a1:9e:40:e9:c8:76:e8:13:7d:ad:8b:b1:f2: 36:a8:3a:1c:75:2f:e5:be:d9:ba:b4:30:1d:15:8d: f2:64:28:49:d8:a0:98:4e:57:a2:1d:9e:88:bc:db: 69:5c:da:76:a5:ee:51:3b:77:5b:3d:72:ae:61:7f: 0e:8f:54:9d:f7:0e:5b:f9:ef:57:91:20:0a:f9:09: eb:24:0f:b8:79:ca:c9:af:08:e1:bd:a3:19:ad:90: 35:24:2d:c1:ee:ed:e5:d0:c3:0c:c0:28:e7:30:1f: 0a:90:a2:75:0c:93:0a:95:11:20:ff:09:9c:b4:ed: db:b9:50:d2:4f:c1:2f:9c:e4:29:76:52:cd:f4:d8: 5e:4d:49:24:46:6c:80:9e:cb:3b:cd:51:1a:05:7d: c9:55:0d:90:a5:63:45:5f:79:43:0b:07:5d:10:84: 3d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:57:A3:64:64:DA:4E:77:B7:9C:04:F8:A5:0B:63:5E:33:AC:71:D2 X509v3 Authority Key Identifier: keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:a0:9c:f3:86:af:76:d6:1f:00:95:b5:b3:f5:26:66:ea:ea: bb:ec:ed:bf:7c:3c:71:8a:62:fd:ce:00:62:8b:96:ba:09:9c: 7e:cd:12:e5:1d:0e:0f:f8:19:0f:70:f7:4d:21:bb:a0:a0:b3: e0:48:87:6d:12:f9:a6:34:92:63:a8:59:7b:6b:16:25:89:43: e0:14:7b:c5:0d:de:55:ba:dd:c1:ab:ab:13:02:14:84:8a:23: 1e:be:ba:35:10:24:c1:e8:b1:69:83:29:4f:93:cf:ee:d4:53: 34:11:68:50:f9:7f:9c:47:9f:cb:f9:0b:99:ea:fb:db:f4:46: b8:fb:ad:af:c0:a6:40:58:a6:63:6d:1c:c1:c7:b0:ab:cc:6b: 5a:a9:07:94:70:3e:0f:26:cc:61:4c:7f:fc:40:53:37:06:a5: c7:bf:ea:95:43:e9:f0:aa:3e:ca:10:a6:9a:4c:00:c6:82:c1: 24:6a:4a:cc:38:82:a0:5b:30:b4:7b:b7:76:79:9c:8d:bb:f0: 9b:3d:3a:c8:5c:43:fa:4c:ff:a0:a3:3f:1f:c4:a4:70:58:13: 70:01:b9:d6:94:c9:37:ba:54:f0:b6:c8:ab:af:e3:fe:06:c1: 62:dc:cc:c2:30:1e:c6:70:c6:f5:0c:65:54:62:00:d8:f9:e9: 99:76:31:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt0gM6DDGnwsj1AUGK8INofMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0 ZDMyYzkwHhcNMjUxMjMxMTMwMjM3WhcNMjYwMTAxMTMwMjM3WjAzMTEwLwYDVQQD Eyg4YTU3YTM2NDY0ZGE0ZTc3Yjc5YzA0ZjhhNTBiNjM1ZTMzYWM3MWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt7iL8FYbFOxN+yjWj06tlWHzmBQ zUoRSWudvEvFILDHjBxdttgV2ju70/VwTudbhhkERF9xUyL+OZ5ojluz+g6tHspZ I+R5/g+CuTuy8L6HXiv/RQjXNJ3vtaGeQOnIdugTfa2LsfI2qDocdS/lvtm6tDAd FY3yZChJ2KCYTleiHZ6IvNtpXNp2pe5RO3dbPXKuYX8Oj1Sd9w5b+e9XkSAK+Qnr JA+4ecrJrwjhvaMZrZA1JC3B7u3l0MMMwCjnMB8KkKJ1DJMKlREg/wmctO3buVDS T8EvnOQpdlLN9NheTUkkRmyAnss7zVEaBX3JVQ2QpWNFX3lDCwddEIQ9mQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIpXo2Rk2k53t5wE+KULY14zrHHSMB8GA1UdIwQY MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3 LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm6Cc84av dtYfAJW1s/UmZurqu+ztv3w8cYpi/c4AYouWugmcfs0S5R0OD/gZD3D3TSG7oKCz 4EiHbRL5pjSSY6hZe2sWJYlD4BR7xQ3eVbrdwaurEwIUhIojHr66NRAkweixaYMp T5PP7tRTNBFoUPl/nEefy/kLmer72/RGuPutr8CmQFimY20cwcewq8xrWqkHlHA+ DybMYUx//EBTNwalx7/qlUPp8Ko+yhCmmkwAxoLBJGpKzDiCoFswtHu3dnmcjbvw mz06yFxD+kz/oKM/H8SkcFgTcAG51pTJN7pU8LbIq6/j/gbBYtzMwjAexnDG9Qxl VGIA2PnpmXYxjQ== -----END CERTIFICATE-----Generated at Wed Dec 31 21:46:33 2025 by rpki-client