This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft File: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json) Hash identifier: PqI9U+TUtLXNZUTzxIjNmnR70H4tZ8chyHxRVTqzVhE= Subject key identifier: 40:4F:B2:FF:20:D8:4C:B3:2C:DC:A2:8E:FB:24:54:ED:D1:C9:47:DB Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 Certificate issuer: /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Certificate serial: 019B5D53173D0D593862C46F8AC5349C5C09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft Manifest number: 1795 Signing time: Sat 27 Dec 2025 01:01:24 +0000 Manifest this update: Sat 27 Dec 2025 01:01:24 +0000 Manifest next update: Sun 28 Dec 2025 01:01:24 +0000 Files and hashes: 1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: UC4nMVNAU8HLJWmmdlwhUByB6h9i0h3Cy4P55AmYJ3U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:53:17:3d:0d:59:38:62:c4:6f:8a:c5:34:9c:5c:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Validity Not Before: Dec 27 01:01:24 2025 GMT Not After : Dec 28 01:01:24 2025 GMT Subject: CN=404fb2ff20d84cb32cdca28efb2454edd1c947db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:dd:88:e8:0c:8e:04:94:98:ef:48:0a:f0:13: ac:ad:60:85:05:68:5b:c6:d3:08:35:30:7d:16:7f: 9f:ba:af:ac:db:06:ce:40:d3:83:62:36:61:16:8f: 22:70:0b:35:12:74:0a:e2:c9:fa:6b:fa:a0:87:3a: ac:fd:9b:c4:cb:b8:62:ef:d4:3f:de:b3:ab:02:f1: 46:0d:17:1d:0a:6d:3a:73:99:03:88:7d:b5:70:1e: 85:42:f6:98:d4:fe:4a:ca:11:b6:44:20:bf:af:ef: b2:8a:ef:22:28:ae:69:42:0b:09:d4:55:9f:00:43: ea:6b:ab:fc:61:1c:5b:ea:62:de:0f:92:e7:69:24: 6a:74:8f:79:77:ca:f7:f0:d2:cb:b7:05:44:26:a2: 4d:2e:e4:9f:a4:78:68:7c:c0:f9:43:b5:d8:da:0d: c9:47:56:43:0e:bf:1d:e5:00:03:72:1f:24:95:f1: 16:0d:b1:74:5d:5e:33:e3:85:b3:e9:59:15:9a:cf: a6:ec:21:7c:28:d6:a2:a7:61:dc:1f:d1:6a:5b:0a: c5:9f:1d:e2:e2:aa:4b:7c:5c:b9:13:6c:9e:82:c4: 41:30:20:b7:dd:d6:03:dd:68:b9:4f:2a:ce:25:29: 2e:ac:23:3d:92:25:1c:51:92:13:85:b7:3c:a1:5a: a7:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:4F:B2:FF:20:D8:4C:B3:2C:DC:A2:8E:FB:24:54:ED:D1:C9:47:DB X509v3 Authority Key Identifier: keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:6d:89:88:53:3d:b8:ec:ce:ab:ac:9b:56:70:52:5b:1a:59: a7:e4:73:14:77:11:a2:d0:c8:32:f7:6f:cc:ef:d9:48:5e:de: 4e:63:10:b5:df:ab:e0:3f:27:ee:fc:2d:88:72:01:9e:2d:88: e4:4b:47:fd:37:72:73:80:2a:d4:c6:97:83:c8:bb:19:02:4e: 49:e3:23:6a:ab:37:9c:12:2f:7b:0e:3a:ab:05:1f:b5:ff:65: 1a:93:c4:92:4f:ee:f9:f1:e7:4f:0b:4a:c8:04:04:72:76:ee: 7a:d4:27:73:8a:79:cd:44:6f:9c:84:a4:7d:b2:ed:64:f8:47: 2f:de:c4:4a:60:bf:ce:ef:83:37:2e:cf:ff:c6:f0:1b:d6:cb: bd:28:c8:be:ed:0e:25:4c:d8:0e:32:0f:05:6a:9a:d1:49:0b: b0:39:4a:57:b1:66:55:9d:92:a0:26:bb:f8:c5:33:ea:7a:b0: 36:20:b5:5d:13:62:30:60:6e:ee:b8:53:5e:3f:85:da:d8:5c: 51:3a:b0:7b:43:b4:47:8d:1e:ed:7f:37:66:9f:3c:84:7d:c2: 27:13:bf:51:72:9b:dd:15:8c:1e:08:39:65:86:ac:8c:63:8a: a9:35:4e:1c:69:57:bd:5d:ea:22:ff:62:24:a5:75:e2:3e:49: 3e:e1:bd:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdUxc9DVk4YsRvisU0nFwJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy OGE5NDIwHhcNMjUxMjI3MDEwMTI0WhcNMjUxMjI4MDEwMTI0WjAzMTEwLwYDVQQD Eyg0MDRmYjJmZjIwZDg0Y2IzMmNkY2EyOGVmYjI0NTRlZGQxYzk0N2RiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN2I6AyOBJSY70gK8BOsrWCFBWhb xtMINTB9Fn+fuq+s2wbOQNODYjZhFo8icAs1EnQK4sn6a/qghzqs/ZvEy7hi79Q/ 3rOrAvFGDRcdCm06c5kDiH21cB6FQvaY1P5KyhG2RCC/r++yiu8iKK5pQgsJ1FWf AEPqa6v8YRxb6mLeD5LnaSRqdI95d8r38NLLtwVEJqJNLuSfpHhofMD5Q7XY2g3J R1ZDDr8d5QADch8klfEWDbF0XV4z44Wz6VkVms+m7CF8KNaip2HcH9FqWwrFnx3i 4qpLfFy5E2yegsRBMCC33dYD3Wi5TyrOJSkurCM9kiUcUZIThbc8oVqn1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEBPsv8g2EyzLNyijvskVO3RyUfbMB8GA1UdIwQY MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIm2JiFM9 uOzOq6ybVnBSWxpZp+RzFHcRotDIMvdvzO/ZSF7eTmMQtd+r4D8n7vwtiHIBni2I 5EtH/Tdyc4Aq1MaXg8i7GQJOSeMjaqs3nBIvew46qwUftf9lGpPEkk/u+fHnTwtK yAQEcnbuetQnc4p5zURvnISkfbLtZPhHL97ESmC/zu+DNy7P/8bwG9bLvSjIvu0O JUzYDjIPBWqa0UkLsDlKV7FmVZ2SoCa7+MUz6nqwNiC1XRNiMGBu7rhTXj+F2thc UTqwe0O0R40e7X83Zp88hH3CJxO/UXKb3RWMHgg5ZYasjGOKqTVOHGlXvV3qIv9i JKV14j5JPuG9RA== -----END CERTIFICATE-----Generated at Sat Dec 27 07:08:42 2025 by rpki-client