This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft File: y1eZ2NBfSgIAEdyoAxdivqASJV0.mft (raw, json) Hash identifier: FQzyomQdybyRnBOoHe8RGAQQbtU+pKjCg+xHtpdAUEM= Subject key identifier: D2:6C:C1:02:CB:21:AE:61:89:0B:6C:20:A2:63:9B:56:46:6A:F1:74 Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d Certificate serial: 019B2A409E725B5082C8A3CB051A257215DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft Manifest number: 0CF2 Signing time: Wed 17 Dec 2025 03:00:36 +0000 Manifest this update: Wed 17 Dec 2025 03:00:36 +0000 Manifest next update: Thu 18 Dec 2025 03:00:36 +0000 Files and hashes: 1: FXCR9Lc6KgRx_HPpZhjXnE6ILJY.roa (hash: TawwcEelbsmmDw/jX+MvcIQud2NnCnis9eNEGbrjubs=) 2: y1eZ2NBfSgIAEdyoAxdivqASJV0.crl (hash: Ne0iABPdPRZpZXeDZ9vT5ZMsQjNEAA+RyG6fDCYShAI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 03:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2a:40:9e:72:5b:50:82:c8:a3:cb:05:1a:25:72:15:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d Validity Not Before: Dec 17 03:00:36 2025 GMT Not After : Dec 18 03:00:36 2025 GMT Subject: CN=d26cc102cb21ae61890b6c20a2639b56466af174 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fb:f4:0e:00:e8:12:b1:65:06:f5:f5:70:d4: de:9b:e6:27:ba:a8:69:0a:99:65:47:c4:ac:a0:6e: e3:04:13:b0:38:1a:ce:f8:52:cd:83:ac:af:56:cf: 9a:b3:12:9a:39:18:f1:33:de:8d:7b:c0:f1:75:74: 52:03:1f:06:bc:df:ad:2d:f3:f6:61:f1:36:62:11: f8:d2:d0:eb:6e:0f:8b:49:72:99:b2:58:7b:39:b8: d7:54:9d:32:06:15:20:c4:e9:9b:97:a3:47:bb:d5: e4:95:42:b8:02:fa:6d:30:2c:d4:8d:97:6d:ee:07: cc:d1:2c:98:07:2c:1a:fd:86:6b:2c:ca:be:46:08: 72:ae:87:b6:81:e6:43:ff:9d:43:a1:a4:ae:d8:eb: 59:ea:2c:ac:25:48:e9:5b:07:5e:08:10:31:0b:c7: 58:7c:69:1d:5c:17:40:1c:6e:5f:f4:11:c2:b1:dc: f0:b5:25:81:71:09:f0:35:ba:e8:9f:c2:cd:40:8d: 20:f9:ef:95:7e:4c:2a:1c:56:8a:8b:aa:71:e3:47: 92:ea:93:c4:df:94:b0:85:76:c5:7e:7f:5a:a7:2c: cd:68:1a:9e:cf:17:b1:62:25:7c:3f:a2:66:75:5c: 86:e5:28:c2:46:a7:33:26:0b:4a:1c:e3:d6:45:12: 91:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:6C:C1:02:CB:21:AE:61:89:0B:6C:20:A2:63:9B:56:46:6A:F1:74 X509v3 Authority Key Identifier: keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:57:c2:bc:73:6a:67:95:19:08:aa:ad:af:a1:e1:3f:4d:6c: e3:c5:a7:19:7e:07:3e:a9:c8:4d:ec:50:13:4f:cf:03:f5:02: d4:d5:d5:ac:66:05:fd:d3:e2:ee:27:b7:2b:22:92:0a:11:ae: 43:df:13:5d:b7:0d:24:cf:31:c2:92:0c:74:f5:ac:88:bc:8a: 52:c8:af:f8:d7:70:96:c1:26:51:86:62:56:9b:eb:cb:35:ef: ef:39:9c:24:da:3e:e9:d1:0e:0e:e5:79:1c:19:7f:f9:24:5d: 3c:a5:e1:e2:35:06:1b:f4:ec:b5:9e:e8:e0:34:b7:2e:17:d6: f6:b4:8c:19:a8:a8:2b:ac:d6:83:2f:6a:c2:e8:59:91:97:35: 7a:35:83:6d:8d:39:3a:e5:96:45:b9:f9:20:d8:a4:e9:92:f1: b2:dc:f4:27:05:c2:04:e4:85:27:4a:61:ff:98:45:a8:0c:5d: c6:00:12:7f:dc:f4:9f:56:4d:18:61:a5:b0:be:a3:e0:9b:90: e2:78:92:ea:dc:e8:01:7f:66:d2:d3:a3:e1:76:6d:52:58:43: 26:4e:1a:0d:4d:61:4f:90:d4:ab:a1:e4:e1:35:d8:0d:f7:21: b1:ae:30:7c:bb:13:78:c6:96:8a:c8:6d:b7:16:c6:be:b7:4b: 38:97:39:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsqQJ5yW1CCyKPLBRolchXfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx MjI1NWQwHhcNMjUxMjE3MDMwMDM2WhcNMjUxMjE4MDMwMDM2WjAzMTEwLwYDVQQD EyhkMjZjYzEwMmNiMjFhZTYxODkwYjZjMjBhMjYzOWI1NjQ2NmFmMTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/v0DgDoErFlBvX1cNTem+Ynuqhp CpllR8SsoG7jBBOwOBrO+FLNg6yvVs+asxKaORjxM96Ne8DxdXRSAx8GvN+tLfP2 YfE2YhH40tDrbg+LSXKZslh7ObjXVJ0yBhUgxOmbl6NHu9XklUK4AvptMCzUjZdt 7gfM0SyYBywa/YZrLMq+Rghyroe2geZD/51DoaSu2OtZ6iysJUjpWwdeCBAxC8dY fGkdXBdAHG5f9BHCsdzwtSWBcQnwNbron8LNQI0g+e+VfkwqHFaKi6px40eS6pPE 35SwhXbFfn9apyzNaBqezxexYiV8P6JmdVyG5SjCRqczJgtKHOPWRRKRKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNJswQLLIa5hiQtsIKJjm1ZGavF0MB8GA1UdIwQY MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt NWM2MDJmZGU5NjNiLzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE1fCvHNq Z5UZCKqtr6HhP01s48WnGX4HPqnITexQE0/PA/UC1NXVrGYF/dPi7ie3KyKSChGu Q98TXbcNJM8xwpIMdPWsiLyKUsiv+NdwlsEmUYZiVpvryzXv7zmcJNo+6dEODuV5 HBl/+SRdPKXh4jUGG/TstZ7o4DS3LhfW9rSMGaioK6zWgy9qwuhZkZc1ejWDbY05 OuWWRbn5INik6ZLxstz0JwXCBOSFJ0ph/5hFqAxdxgASf9z0n1ZNGGGlsL6j4JuQ 4niS6tzoAX9m0tOj4XZtUlhDJk4aDU1hT5DUq6Hk4TXYDfchsa4wfLsTeMaWisht txbGvrdLOJc5bQ== -----END CERTIFICATE-----Generated at Wed Dec 17 09:51:34 2025 by rpki-client