This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft File: pYQcxzKsc43B4_5nwS5RBL74Y7o.mft (raw, json) Hash identifier: Souvb8xkbiN3wZ+aQV2qrQ7skKR74wpuks65HkfybM4= Subject key identifier: E6:33:F6:5D:70:53:C3:75:36:A7:32:81:8D:61:6A:A2:0B:E7:1D:1C Authority key identifier: A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA Certificate issuer: /CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba Certificate serial: 019B586324AB9773DCFFF65F0F14F5A85388 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft Manifest number: 0D80 Signing time: Fri 26 Dec 2025 02:00:50 +0000 Manifest this update: Fri 26 Dec 2025 02:00:50 +0000 Manifest next update: Sat 27 Dec 2025 02:00:50 +0000 Files and hashes: 1: pYQcxzKsc43B4_5nwS5RBL74Y7o.crl (hash: Xu17K7KZAP+xKRJhTpAphptPiAW/EHnQvsZWMVi7MgI=) 2: vkrMhuf_Nwa-DHFTVc7CunyiQxI.roa (hash: K2VF0naJWK7Qtyx/C6l0KfqLVoX8m+LdPWumnPHJSTU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 02:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:63:24:ab:97:73:dc:ff:f6:5f:0f:14:f5:a8:53:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba Validity Not Before: Dec 26 02:00:50 2025 GMT Not After : Dec 27 02:00:50 2025 GMT Subject: CN=e633f65d7053c37536a732818d616aa20be71d1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d6:00:f9:1b:93:6a:9b:88:a0:1e:19:d4:13: 44:99:6e:77:89:6e:4e:3f:fe:4b:75:bd:95:e7:28: d4:91:cd:3a:51:31:5c:91:99:8d:c1:4d:24:96:19: ee:b5:60:65:ab:1d:66:4f:71:39:5b:c3:1b:6c:71: a5:17:4d:eb:11:48:71:6c:4a:e4:8e:74:65:40:e4: 99:5d:ea:e4:ba:7c:f6:77:bd:de:29:8c:04:ee:12: e3:ef:f2:41:7f:84:69:c4:db:e5:16:bb:5d:ef:82: 2c:78:a6:c2:16:e0:e1:b6:8a:7e:89:37:64:ac:31: 57:20:35:3a:f3:cf:18:16:e0:b9:84:46:1b:a2:b9: 78:d3:7b:32:3e:7f:35:8b:a4:01:a9:72:0f:e4:e0: d6:81:02:be:3e:42:71:69:9c:7e:ac:3c:bc:6f:3e: 6d:ab:64:88:6e:7c:15:4c:65:c4:9c:e1:4c:35:07: bc:15:3b:3a:d6:1c:fb:f4:9c:c0:44:08:bf:71:66: 35:8d:25:66:4d:f6:bd:f2:14:38:a0:9d:da:e2:37: 7f:5e:bf:ba:50:df:3c:47:ec:df:75:82:d5:ab:ca: 79:7a:7c:62:08:8c:13:1c:6f:38:b7:db:46:5f:bf: 4d:be:72:bf:de:d1:4f:9a:87:80:6e:05:cb:82:13: 99:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:33:F6:5D:70:53:C3:75:36:A7:32:81:8D:61:6A:A2:0B:E7:1D:1C X509v3 Authority Key Identifier: keyid:A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:c4:aa:ac:3f:ca:66:18:f4:a4:64:a6:53:ec:79:e7:0e:74: e3:96:01:60:e4:96:18:0b:43:42:00:ba:a0:ad:b7:09:a2:38: b6:95:47:ee:65:08:10:d3:0f:1d:f9:ef:23:76:14:03:e2:1d: 40:2e:03:66:47:6a:8b:d0:e8:d7:0a:dc:39:99:60:cd:37:52: cf:8f:86:ec:2c:74:3b:a3:14:f4:fc:32:ef:b8:21:01:01:3a: 65:08:fc:2d:69:cd:65:f4:cd:7e:24:ef:35:1d:6d:53:2d:37: aa:3d:cb:73:f3:1f:6b:e0:35:88:0f:3e:d3:55:1a:d6:69:45: c6:b0:e5:ad:43:6a:44:05:e8:05:c3:e5:94:32:5b:b2:29:66: 72:f6:02:63:9e:0f:16:ab:47:54:5d:9a:ad:2f:e9:1e:35:0b: d6:5b:07:d0:e2:6e:0f:f1:80:ae:de:51:96:ed:f4:f3:cf:a6: 7b:59:00:7b:f2:3d:1f:72:af:ec:a7:b5:b2:e2:62:ab:fd:81: 3b:e0:8a:e3:f9:12:4a:99:9e:b6:49:9e:ce:81:ee:de:ef:f6: 9e:69:c3:f3:c2:5a:11:91:57:76:1d:7b:93:f8:ec:28:7e:e1: 58:b2:d8:72:92:9c:21:1e:27:08:47:72:e4:39:80:7c:e3:3a: de:dc:eb:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtYYySrl3Pc//ZfDxT1qFOIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1ODQxY2M3MzJhYzczOGRjMWUzZmU2N2MxMmU1MTA0YmVm ODYzYmEwHhcNMjUxMjI2MDIwMDUwWhcNMjUxMjI3MDIwMDUwWjAzMTEwLwYDVQQD EyhlNjMzZjY1ZDcwNTNjMzc1MzZhNzMyODE4ZDYxNmFhMjBiZTcxZDFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9YA+RuTapuIoB4Z1BNEmW53iW5O P/5Ldb2V5yjUkc06UTFckZmNwU0klhnutWBlqx1mT3E5W8MbbHGlF03rEUhxbErk jnRlQOSZXerkunz2d73eKYwE7hLj7/JBf4RpxNvlFrtd74IseKbCFuDhtop+iTdk rDFXIDU6888YFuC5hEYborl403syPn81i6QBqXIP5ODWgQK+PkJxaZx+rDy8bz5t q2SIbnwVTGXEnOFMNQe8FTs61hz79JzARAi/cWY1jSVmTfa98hQ4oJ3a4jd/Xr+6 UN88R+zfdYLVq8p5enxiCIwTHG84t9tGX79NvnK/3tFPmoeAbgXLghOZbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOYz9l1wU8N1NqcygY1haqIL5x0cMB8GA1UdIwQY MBaAFKWEHMcyrHONweP+Z8EuUQS++GO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQt NjY2NjBiMjIyZmIwLzEvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQtNjY2NjBiMjIyZmIw LzEvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI8SqrD/K Zhj0pGSmU+x55w5045YBYOSWGAtDQgC6oK23CaI4tpVH7mUIENMPHfnvI3YUA+Id QC4DZkdqi9Do1wrcOZlgzTdSz4+G7Cx0O6MU9Pwy77ghAQE6ZQj8LWnNZfTNfiTv NR1tUy03qj3Lc/Mfa+A1iA8+01Ua1mlFxrDlrUNqRAXoBcPllDJbsilmcvYCY54P FqtHVF2arS/pHjUL1lsH0OJuD/GArt5Rlu3088+me1kAe/I9H3Kv7Ke1suJiq/2B O+CK4/kSSpmetkmezoHu3u/2nmnD88JaEZFXdh17k/jsKH7hWLLYcpKcIR4nCEdy 5DmAfOM63tzrUA== -----END CERTIFICATE-----Generated at Fri Dec 26 09:31:21 2025 by rpki-client