This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft File: 9naIfyLs2o0HSBWgvPkfr4GUKr0.mft (raw, json) Hash identifier: mvWkTdO+UNRGMCth801IE30LrvZKek9jWW2lfpnfGKA= Subject key identifier: 20:AE:D8:49:90:84:FC:F6:BF:3A:00:BE:32:83:8E:1F:32:0D:39:DC Authority key identifier: F6:76:88:7F:22:EC:DA:8D:07:48:15:A0:BC:F9:1F:AF:81:94:2A:BD Certificate issuer: /CN=f676887f22ecda8d074815a0bcf91faf81942abd Certificate serial: 019B5C76A8F247416A7A9916A4C513CF1BCE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft Manifest number: 0A63 Signing time: Fri 26 Dec 2025 21:00:38 +0000 Manifest this update: Fri 26 Dec 2025 21:00:38 +0000 Manifest next update: Sat 27 Dec 2025 21:00:38 +0000 Files and hashes: 1: 1--aJOHbG2HarYQRIFHME9kGdrI8.roa (hash: e0PFqEIF1I8KQrFh+AG+JLWzJuU3cKKiEgrK5TdCBkw=) 2: 9naIfyLs2o0HSBWgvPkfr4GUKr0.crl (hash: ZgAaiwm0sLASV6jfNWH8x5tyyHCsl8DNk7QrjTAIjE8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:76:a8:f2:47:41:6a:7a:99:16:a4:c5:13:cf:1b:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f676887f22ecda8d074815a0bcf91faf81942abd Validity Not Before: Dec 26 21:00:38 2025 GMT Not After : Dec 27 21:00:38 2025 GMT Subject: CN=20aed8499084fcf6bf3a00be32838e1f320d39dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:51:6c:87:03:0d:a8:e2:31:93:3c:ae:54:b7: 21:e9:49:04:80:e7:0c:1a:e1:9b:4d:df:91:59:d9: a5:58:fd:6b:71:2a:6d:2c:4b:5b:11:6d:31:03:1a: 4a:a8:d7:3a:9b:a9:da:c0:ac:90:b1:a4:48:32:18: 87:eb:b1:2a:d2:db:35:0f:52:d1:c0:57:7e:13:a3: 71:a2:59:de:16:e0:45:4f:e8:32:09:3e:c6:35:10: a6:ec:77:c7:db:17:e8:60:8b:fa:a1:5f:47:43:33: dc:bf:6b:49:95:d7:44:c3:ba:9d:63:b6:7c:ee:10: ff:b3:f7:00:f1:d2:25:79:85:8e:44:95:4a:73:a0: bc:27:a7:7b:ac:6d:0a:67:d5:7e:19:fd:a9:5c:d2: 5e:39:eb:b3:c1:49:d6:eb:fb:2a:49:06:1e:85:78: 3e:c6:9c:25:5d:f7:4b:d8:46:f0:91:d5:ce:53:ca: 87:fa:06:1a:b5:2c:c9:5e:63:9d:57:5c:1b:43:fd: af:a1:dd:ac:5c:6a:a2:f3:fd:72:b1:15:51:54:73: 1e:2c:64:d8:0e:66:f1:86:2f:d4:7c:2c:74:a7:30: aa:34:d5:05:e9:4f:41:13:1f:5d:f0:ac:8c:fb:58: 6e:43:52:c2:9c:6d:f1:41:e3:c1:1c:2b:e8:c5:14: e5:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:AE:D8:49:90:84:FC:F6:BF:3A:00:BE:32:83:8E:1F:32:0D:39:DC X509v3 Authority Key Identifier: keyid:F6:76:88:7F:22:EC:DA:8D:07:48:15:A0:BC:F9:1F:AF:81:94:2A:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:29:56:c0:48:07:b1:1d:b3:1a:33:7c:38:f5:07:23:33:f4: a6:a6:b1:7c:87:db:02:aa:ac:36:3d:68:89:f3:83:e8:58:ed: 7b:2a:4b:ae:ac:b9:70:67:e8:d4:08:e0:b7:48:a0:05:39:53: b8:0c:05:de:be:80:a1:b6:e8:d7:82:b1:a4:f7:f8:69:a8:a5: 11:eb:66:31:29:ce:ed:8e:10:be:17:0a:57:c4:d4:6f:06:8a: 3a:28:35:45:95:69:f3:0c:7b:2c:32:ca:56:1a:64:ba:de:06: 1e:d4:71:00:90:92:02:74:6c:2c:9c:94:3c:b7:7e:a0:14:9f: 72:01:e2:b9:92:24:16:d2:d2:29:0b:22:7c:b2:af:63:af:75: 58:3c:a4:ff:dd:41:06:bd:cd:33:32:fb:2c:41:87:63:88:7e: 57:b9:ef:54:5d:29:14:17:b7:17:5d:cf:fd:1e:50:ee:98:3b: 9f:93:55:e3:0f:f1:a0:04:43:d8:a1:d3:18:76:8c:d8:3f:48: 40:e1:d0:fd:d1:12:20:78:9e:e8:75:83:b9:34:81:4d:4c:12: 96:b5:50:0d:b9:d8:18:3d:5f:31:fb:cb:e7:74:ff:21:cf:81: 39:8b:70:61:33:8c:82:ac:52:e6:7b:62:5c:dc:b7:59:ad:04: 4f:89:d6:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcdqjyR0FqepkWpMUTzxvOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY2NzY4ODdmMjJlY2RhOGQwNzQ4MTVhMGJjZjkxZmFmODE5 NDJhYmQwHhcNMjUxMjI2MjEwMDM4WhcNMjUxMjI3MjEwMDM4WjAzMTEwLwYDVQQD EygyMGFlZDg0OTkwODRmY2Y2YmYzYTAwYmUzMjgzOGUxZjMyMGQzOWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVFshwMNqOIxkzyuVLch6UkEgOcM GuGbTd+RWdmlWP1rcSptLEtbEW0xAxpKqNc6m6nawKyQsaRIMhiH67Eq0ts1D1LR wFd+E6NxolneFuBFT+gyCT7GNRCm7HfH2xfoYIv6oV9HQzPcv2tJlddEw7qdY7Z8 7hD/s/cA8dIleYWORJVKc6C8J6d7rG0KZ9V+Gf2pXNJeOeuzwUnW6/sqSQYehXg+ xpwlXfdL2EbwkdXOU8qH+gYatSzJXmOdV1wbQ/2vod2sXGqi8/1ysRVRVHMeLGTY Dmbxhi/UfCx0pzCqNNUF6U9BEx9d8KyM+1huQ1LCnG3xQePBHCvoxRTlrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCCu2EmQhPz2vzoAvjKDjh8yDTncMB8GA1UdIwQY MBaAFPZ2iH8i7NqNB0gVoLz5H6+BlCq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jYmM0YmItOTk5Yy00OTg4LWExZTEt Y2QyZGNiMzU1NjU1LzEvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jYmM0YmItOTk5Yy00OTg4LWExZTEtY2QyZGNiMzU1NjU1 LzEvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADSlWwEgH sR2zGjN8OPUHIzP0pqaxfIfbAqqsNj1oifOD6FjteypLrqy5cGfo1Ajgt0igBTlT uAwF3r6Aobbo14KxpPf4aailEetmMSnO7Y4QvhcKV8TUbwaKOig1RZVp8wx7LDLK Vhpkut4GHtRxAJCSAnRsLJyUPLd+oBSfcgHiuZIkFtLSKQsifLKvY691WDyk/91B Br3NMzL7LEGHY4h+V7nvVF0pFBe3F13P/R5Q7pg7n5NV4w/xoARD2KHTGHaM2D9I QOHQ/dESIHie6HWDuTSBTUwSlrVQDbnYGD1fMfvL53T/Ic+BOYtwYTOMgqxS5nti XNy3Wa0ET4nW9Q== -----END CERTIFICATE-----Generated at Sat Dec 27 04:51:13 2025 by rpki-client