This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft File: y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft (raw, json) Hash identifier: Ke7cuYij5Dx0LvYUs1MJg5exbDoXNxQAvfto0VHyO4M= Subject key identifier: E1:F4:E1:56:5B:42:A9:F1:E5:2E:92:C4:03:50:CB:09:7A:19:1D:99 Authority key identifier: CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D Certificate issuer: /CN=cbb525e263a95b1652064bdff8964d4bf62b533d Certificate serial: 019B3DC74E892024AB554A159E986F3C38D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft Manifest number: 043C Signing time: Sat 20 Dec 2025 22:00:30 +0000 Manifest this update: Sat 20 Dec 2025 22:00:30 +0000 Manifest next update: Sun 21 Dec 2025 22:00:30 +0000 Files and hashes: 1: q6cfXUDveWHdgQWTYKqVwvvOAe0.roa (hash: BJPMM6GNYN6IqCj9i2G5fXzbZjuTVnz0OtAPd8t+eZk=) 2: y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl (hash: naE7CluAqPYKfjy2lCLac5BdHNc3B0duNUAyoJijRI0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:4e:89:20:24:ab:55:4a:15:9e:98:6f:3c:38:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbb525e263a95b1652064bdff8964d4bf62b533d Validity Not Before: Dec 20 22:00:30 2025 GMT Not After : Dec 21 22:00:30 2025 GMT Subject: CN=e1f4e1565b42a9f1e52e92c40350cb097a191d99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c9:ce:e0:97:86:96:aa:e5:31:2a:01:ba:44: 78:6e:47:6b:48:c3:b9:ac:e7:4c:c4:0c:7d:51:3f: e6:1b:ce:40:33:bb:42:ef:85:9c:44:d1:5b:52:95: 27:7d:fa:c9:a4:cb:19:5d:1a:7c:42:6f:9a:6b:a9: dc:26:89:11:b0:47:96:94:50:7f:7d:55:c8:ab:99: 57:1c:9c:47:5a:34:c8:86:ed:fe:3e:b1:fe:8e:9b: 9c:b4:8c:7c:a2:8f:29:65:f2:46:86:2a:d9:fe:a1: cb:3d:6f:b1:1a:56:da:43:17:14:2a:41:cb:ef:74: d1:62:8f:61:ba:4f:9b:53:24:0a:d4:81:fe:ce:09: 68:89:2e:c8:7d:20:ac:f5:3b:67:de:d2:61:42:2b: b7:b8:2f:54:38:f5:91:b2:63:0f:01:5c:f1:f9:44: 84:63:64:5d:cb:2c:a6:d2:b2:c0:a6:6f:67:98:13: 4e:17:01:2c:0a:7c:ae:1c:43:fe:36:6e:32:8a:d4: 49:5b:8c:5d:2f:24:cc:2a:13:45:93:49:36:ce:41: 0f:36:a5:97:15:10:d9:22:91:2f:b3:cb:c2:b9:28: d6:cd:0f:32:19:eb:27:6c:bd:36:0d:92:84:3b:00: 30:bc:c0:c0:c2:59:9e:c7:7c:30:43:3d:35:15:4e: 22:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:F4:E1:56:5B:42:A9:F1:E5:2E:92:C4:03:50:CB:09:7A:19:1D:99 X509v3 Authority Key Identifier: keyid:CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:69:ec:94:33:17:17:13:ba:09:5d:30:a8:1e:8b:d4:bb:96: ec:91:e8:9f:66:5f:14:46:00:8f:22:96:7e:1d:f3:8e:29:b8: c7:dd:c2:ce:9f:cd:4a:ab:ff:e3:b9:0f:61:7f:54:ec:b4:7d: 32:14:2a:b0:b0:d4:6f:61:e9:0e:37:57:f9:01:5a:37:db:bd: 80:25:dc:10:ae:4d:73:64:e1:a6:09:bb:6c:63:21:f5:57:39: c3:60:1f:b1:30:0c:14:1c:bc:e8:74:d4:14:17:82:18:35:46: 43:35:04:8f:c6:fe:3e:a7:e0:d7:87:f6:ac:e2:73:ca:b2:f3: 01:c7:74:8d:e3:eb:1e:db:a2:db:65:16:84:23:f5:ff:4c:0e: 54:8f:47:8d:15:69:79:43:aa:3f:13:dc:6b:b6:52:42:47:75: fb:c0:63:e8:7e:ae:13:73:f4:01:2f:d3:f7:03:17:92:71:d9: 65:f4:90:5b:a9:cf:03:36:bc:8b:dd:ff:bd:63:34:ac:b4:08: 16:c5:7a:42:8c:52:d7:b7:71:88:1f:01:24:51:e0:ea:b6:69: 13:5c:5b:c5:e6:06:4a:9a:26:86:14:32:df:52:69:be:dd:c1: 0c:41:24:06:13:5b:39:a5:0e:36:a1:52:9c:21:68:ad:6f:78: 7a:76:8a:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x06JICSrVUoVnphvPDjTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYjUyNWUyNjNhOTViMTY1MjA2NGJkZmY4OTY0ZDRiZjYy YjUzM2QwHhcNMjUxMjIwMjIwMDMwWhcNMjUxMjIxMjIwMDMwWjAzMTEwLwYDVQQD EyhlMWY0ZTE1NjViNDJhOWYxZTUyZTkyYzQwMzUwY2IwOTdhMTkxZDk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8nO4JeGlqrlMSoBukR4bkdrSMO5 rOdMxAx9UT/mG85AM7tC74WcRNFbUpUnffrJpMsZXRp8Qm+aa6ncJokRsEeWlFB/ fVXIq5lXHJxHWjTIhu3+PrH+jpuctIx8oo8pZfJGhirZ/qHLPW+xGlbaQxcUKkHL 73TRYo9huk+bUyQK1IH+zgloiS7IfSCs9Ttn3tJhQiu3uC9UOPWRsmMPAVzx+USE Y2Rdyyym0rLApm9nmBNOFwEsCnyuHEP+Nm4yitRJW4xdLyTMKhNFk0k2zkEPNqWX FRDZIpEvs8vCuSjWzQ8yGesnbL02DZKEOwAwvMDAwlmex3wwQz01FU4iDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOH04VZbQqnx5S6SxANQywl6GR2ZMB8GA1UdIwQY MBaAFMu1JeJjqVsWUgZL3/iWTUv2K1M9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQt Yjg5ZGM0ZmQ2ZWUwLzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQtYjg5ZGM0ZmQ2ZWUw LzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtmnslDMX FxO6CV0wqB6L1LuW7JHon2ZfFEYAjyKWfh3zjim4x93Czp/NSqv/47kPYX9U7LR9 MhQqsLDUb2HpDjdX+QFaN9u9gCXcEK5Nc2Thpgm7bGMh9Vc5w2AfsTAMFBy86HTU FBeCGDVGQzUEj8b+Pqfg14f2rOJzyrLzAcd0jePrHtui22UWhCP1/0wOVI9HjRVp eUOqPxPca7ZSQkd1+8Bj6H6uE3P0AS/T9wMXknHZZfSQW6nPAza8i93/vWM0rLQI FsV6QoxS17dxiB8BJFHg6rZpE1xbxeYGSpomhhQy31Jpvt3BDEEkBhNbOaUONqFS nCForW94enaKAw== -----END CERTIFICATE-----Generated at Sat Dec 20 23:36:14 2025 by rpki-client