This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft File: pYQcxzKsc43B4_5nwS5RBL74Y7o.mft (raw, json) Hash identifier: GQDidlWET3pxi19i6WCLuRPsvFhhhOQkGLatGcL7ZIs= Subject key identifier: C3:84:8D:07:FA:C0:AB:F7:38:4B:86:1B:F3:2F:B1:C7:F5:0B:0E:59 Authority key identifier: A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA Certificate issuer: /CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba Certificate serial: 019B6BB35313AEA951BFA2BF078A0927ADF5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft Manifest number: 0D8A Signing time: Mon 29 Dec 2025 20:01:12 +0000 Manifest this update: Mon 29 Dec 2025 20:01:12 +0000 Manifest next update: Tue 30 Dec 2025 20:01:12 +0000 Files and hashes: 1: pYQcxzKsc43B4_5nwS5RBL74Y7o.crl (hash: CPtStern9+EpDj1DVp4Z5GK1IwwXahbOTzItb5aruIo=) 2: vkrMhuf_Nwa-DHFTVc7CunyiQxI.roa (hash: K2VF0naJWK7Qtyx/C6l0KfqLVoX8m+LdPWumnPHJSTU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:b3:53:13:ae:a9:51:bf:a2:bf:07:8a:09:27:ad:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba Validity Not Before: Dec 29 20:01:12 2025 GMT Not After : Dec 30 20:01:12 2025 GMT Subject: CN=c3848d07fac0abf7384b861bf32fb1c7f50b0e59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:29:68:f9:c4:ac:18:60:49:fe:fe:8b:60:db: e4:13:7a:6c:f9:8d:2c:84:0f:41:72:b9:d9:e2:86: bb:ee:96:32:ae:5d:e5:77:7f:02:8e:eb:8b:7a:5a: fb:72:c7:81:41:6c:5c:36:89:c6:85:90:55:c3:b6: 11:3b:d0:ad:53:44:e3:01:23:71:2c:aa:9a:34:92: 41:4a:59:0f:af:14:d0:a8:56:68:c7:c5:04:d7:82: 42:8b:7e:5b:a7:1f:5c:a6:35:e9:f8:0d:16:29:8a: c8:c2:94:e3:d3:b9:34:5f:8e:0d:53:02:0d:29:e8: 94:0b:61:82:d3:cd:2b:60:62:94:e1:8c:63:09:d4: ef:5e:fd:96:48:4f:b1:9a:4c:56:1c:d5:ac:88:c2: 00:eb:f5:db:28:8f:52:e4:8e:56:1c:3f:b5:3c:bf: 94:83:2f:b8:d1:09:a8:a9:24:fa:ee:60:91:30:3d: 79:96:99:b7:7b:e4:22:5b:4b:8a:16:1f:45:cc:1d: 15:8d:9c:75:ec:25:48:a7:60:f4:f7:f8:35:dc:79: 57:5c:8e:50:25:42:17:e8:81:d0:05:b8:98:6c:6f: 00:c0:cc:87:48:15:b0:55:6a:13:15:36:f6:47:30: 23:0c:a1:35:87:3b:e0:7e:bf:32:67:60:47:20:1a: c6:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:84:8D:07:FA:C0:AB:F7:38:4B:86:1B:F3:2F:B1:C7:F5:0B:0E:59 X509v3 Authority Key Identifier: keyid:A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:04:0f:c6:b8:e3:c4:a1:6e:c9:1f:df:02:42:99:5a:d0:b3: d8:ce:34:e2:d2:7e:a7:8b:12:99:37:43:27:9a:49:9a:69:88: d4:03:33:25:6b:57:d3:a5:08:c0:6c:8f:56:6e:a8:5e:0d:93: 47:84:e6:7c:84:a5:43:b2:ab:fd:5a:46:fa:0e:ab:ac:59:20: d9:a9:5c:82:7a:47:a1:80:9c:77:cf:7e:6b:be:45:3b:21:0f: c1:0d:7d:ae:88:74:99:48:7a:34:97:6f:f0:d4:f9:de:0d:bf: ad:45:5e:f9:1b:05:dd:85:f5:52:70:c7:1a:b9:ae:7b:ee:52: 38:45:3e:1d:7a:ec:9a:12:32:11:b4:41:b8:b4:ed:77:66:fb: 50:4e:84:cb:68:12:b4:98:99:eb:20:c9:bd:94:90:03:c5:74: 2b:d6:34:d9:fc:13:f5:68:1f:26:22:8a:48:bf:4e:f8:d1:31: bd:e4:9c:3b:b6:ca:77:f4:cb:82:21:ba:a6:21:69:a7:12:cb: 68:4a:55:93:a3:a5:22:4f:87:e2:80:c9:a0:e5:ea:65:ac:6c: a4:fc:60:ec:fc:45:f6:0c:15:c2:88:3c:8e:37:06:d0:3b:c1: ae:6c:43:ec:67:8c:22:ca:ba:04:e3:82:f4:d5:8f:05:a9:b3: 4c:d1:7b:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtrs1MTrqlRv6K/B4oJJ631MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1ODQxY2M3MzJhYzczOGRjMWUzZmU2N2MxMmU1MTA0YmVm ODYzYmEwHhcNMjUxMjI5MjAwMTEyWhcNMjUxMjMwMjAwMTEyWjAzMTEwLwYDVQQD EyhjMzg0OGQwN2ZhYzBhYmY3Mzg0Yjg2MWJmMzJmYjFjN2Y1MGIwZTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjylo+cSsGGBJ/v6LYNvkE3ps+Y0s hA9BcrnZ4oa77pYyrl3ld38CjuuLelr7cseBQWxcNonGhZBVw7YRO9CtU0TjASNx LKqaNJJBSlkPrxTQqFZox8UE14JCi35bpx9cpjXp+A0WKYrIwpTj07k0X44NUwIN KeiUC2GC080rYGKU4YxjCdTvXv2WSE+xmkxWHNWsiMIA6/XbKI9S5I5WHD+1PL+U gy+40QmoqST67mCRMD15lpm3e+QiW0uKFh9FzB0VjZx17CVIp2D09/g13HlXXI5Q JUIX6IHQBbiYbG8AwMyHSBWwVWoTFTb2RzAjDKE1hzvgfr8yZ2BHIBrG5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMOEjQf6wKv3OEuGG/Mvscf1Cw5ZMB8GA1UdIwQY MBaAFKWEHMcyrHONweP+Z8EuUQS++GO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQt NjY2NjBiMjIyZmIwLzEvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQtNjY2NjBiMjIyZmIw LzEvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZAQPxrjj xKFuyR/fAkKZWtCz2M404tJ+p4sSmTdDJ5pJmmmI1AMzJWtX06UIwGyPVm6oXg2T R4TmfISlQ7Kr/VpG+g6rrFkg2alcgnpHoYCcd89+a75FOyEPwQ19roh0mUh6NJdv 8NT53g2/rUVe+RsF3YX1UnDHGrmue+5SOEU+HXrsmhIyEbRBuLTtd2b7UE6Ey2gS tJiZ6yDJvZSQA8V0K9Y02fwT9WgfJiKKSL9O+NExveScO7bKd/TLgiG6piFppxLL aEpVk6OlIk+H4oDJoOXqZaxspPxg7PxF9gwVwog8jjcG0DvBrmxD7GeMIsq6BOOC 9NWPBamzTNF75Q== -----END CERTIFICATE-----Generated at Mon Dec 29 22:48:38 2025 by rpki-client