This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft File: yHX3bo-JQkeSPA4nYjTZikw-xcI.mft (raw, json) Hash identifier: HdV12KCO93QH8pDRgDKhZPHoq/1lI7wGX/zAEqmufjE= Subject key identifier: 1E:C8:88:9E:63:E0:A3:D7:1A:93:64:8C:FB:72:19:B8:1C:23:AE:24 Authority key identifier: C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2 Certificate issuer: /CN=c875f76e8f894247923c0e276234d98a4c3ec5c2 Certificate serial: 019B3FECD1C9B0B7309BAEC76977635A45D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 08:00:43 +0000 Manifest this update: Sun 21 Dec 2025 08:00:43 +0000 Manifest next update: Mon 22 Dec 2025 08:00:43 +0000 Files and hashes: 1: FGsyv-avFXn_iimzPOzOCwcPyYs.roa (hash: x+nbArqL7XpMEWFfS8pufHXCc23im3EMURx/7GPfFLI=) 2: I709bbaWjjvBjycgl5Y9TKJLvE0.roa (hash: XtOSTkSn/jS5PlGEkzSWe5jgilvzImx3IY3GpNZBgXs=) 3: yHX3bo-JQkeSPA4nYjTZikw-xcI.crl (hash: HWG1iyHjFeVXeZJjdX2YTNCsBqvAqHF6U8gm3N4Yzvc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 08:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ec:d1:c9:b0:b7:30:9b:ae:c7:69:77:63:5a:45:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c875f76e8f894247923c0e276234d98a4c3ec5c2 Validity Not Before: Dec 21 08:00:43 2025 GMT Not After : Dec 22 08:00:43 2025 GMT Subject: CN=1ec8889e63e0a3d71a93648cfb7219b81c23ae24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7c:8b:a0:03:8c:f6:74:79:99:17:6e:ec:99: ce:cb:12:bb:05:c3:3e:23:5c:c0:71:b8:89:d4:66: a1:26:13:3d:6d:7e:09:94:92:35:c6:09:54:41:11: 82:48:cc:28:44:5b:6b:77:7a:9f:c4:c3:72:e3:00: 2e:f0:92:87:52:d2:4e:b9:30:6a:5b:57:ca:e3:e8: d7:59:0f:45:81:64:56:c5:b3:3b:2f:eb:2c:de:11: 9a:1e:d0:90:8b:e5:ee:71:c4:bb:24:e2:99:57:7c: c3:e1:53:4b:21:a4:59:c8:b4:31:4c:93:a6:0a:ad: 90:87:6d:45:38:68:97:c0:07:4a:df:12:58:66:82: 35:90:5e:f0:e9:c3:b8:81:90:72:5c:28:09:1e:1e: 15:31:87:26:ef:68:b5:fe:15:7d:75:27:10:4a:7c: 99:46:7c:43:9a:7e:0f:9a:80:b1:60:af:60:08:40: 15:fe:05:f4:82:7a:16:bc:5b:16:d8:68:7f:82:51: 99:77:55:e0:eb:28:aa:fd:d8:7c:61:7e:76:f8:97: 3a:e7:a8:a5:eb:20:f0:8f:58:d2:fa:db:f3:e8:4c: 26:0a:05:f4:cd:67:14:08:fb:7f:5c:cd:98:5a:56: 20:ef:2a:02:69:0a:b4:93:5f:e4:2f:84:02:77:1b: 28:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C8:88:9E:63:E0:A3:D7:1A:93:64:8C:FB:72:19:B8:1C:23:AE:24 X509v3 Authority Key Identifier: keyid:C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:5f:56:0c:40:57:42:5e:5c:92:3e:36:13:c4:43:7c:ed:d9: ce:b0:d3:e4:30:97:f0:cc:cd:4a:e2:b0:9a:7e:6e:70:f4:d1: b8:da:47:e5:72:e0:75:00:6f:d2:28:f4:fa:ca:d5:ef:78:47: c9:0e:cc:9e:12:77:7f:63:40:ac:e4:7e:27:ad:ef:27:d8:c2: c4:32:c7:c1:97:4c:6b:ec:38:a0:e9:6c:00:ac:50:15:86:34: 14:dd:af:0f:04:a6:2a:7e:e3:23:8f:ce:f7:93:64:04:08:4f: be:bf:7c:63:8d:19:c5:62:c9:0c:d5:00:9f:a3:e5:59:bf:f4: 39:cf:0c:ed:db:89:18:b9:70:83:c0:34:77:84:52:11:50:fe: 6d:12:44:ae:cd:ef:00:96:2a:c2:5b:f1:c4:a4:b0:5f:81:4d: 9c:26:18:b9:6a:e4:ce:5e:59:12:db:8b:a9:09:7b:77:a6:c7: 7d:4d:a6:f2:c4:da:a5:c0:8c:6f:5f:53:bc:f7:14:e7:fb:05: 1a:ee:37:f6:dc:b8:2d:0a:55:51:20:d4:e9:cb:e2:b3:91:4b: 63:b3:9c:22:50:99:de:db:1e:d5:34:10:91:7b:8d:84:11:5a: 12:53:23:68:6c:41:f4:46:f9:e8:12:6c:5b:0c:93:f7:b6:6e: 6f:ef:9f:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7NHJsLcwm67HaXdjWkXWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NzVmNzZlOGY4OTQyNDc5MjNjMGUyNzYyMzRkOThhNGMz ZWM1YzIwHhcNMjUxMjIxMDgwMDQzWhcNMjUxMjIyMDgwMDQzWjAzMTEwLwYDVQQD EygxZWM4ODg5ZTYzZTBhM2Q3MWE5MzY0OGNmYjcyMTliODFjMjNhZTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3yLoAOM9nR5mRdu7JnOyxK7BcM+ I1zAcbiJ1GahJhM9bX4JlJI1xglUQRGCSMwoRFtrd3qfxMNy4wAu8JKHUtJOuTBq W1fK4+jXWQ9FgWRWxbM7L+ss3hGaHtCQi+XuccS7JOKZV3zD4VNLIaRZyLQxTJOm Cq2Qh21FOGiXwAdK3xJYZoI1kF7w6cO4gZByXCgJHh4VMYcm72i1/hV9dScQSnyZ RnxDmn4PmoCxYK9gCEAV/gX0gnoWvFsW2Gh/glGZd1Xg6yiq/dh8YX52+Jc656il 6yDwj1jS+tvz6EwmCgX0zWcUCPt/XM2YWlYg7yoCaQq0k1/kL4QCdxsoLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7IiJ5j4KPXGpNkjPtyGbgcI64kMB8GA1UdIwQY MBaAFMh1926PiUJHkjwOJ2I02YpMPsXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAt MzA1NjU4ZjkxNjM1LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAtMzA1NjU4ZjkxNjM1 LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALl9WDEBX Ql5ckj42E8RDfO3ZzrDT5DCX8MzNSuKwmn5ucPTRuNpH5XLgdQBv0ij0+srV73hH yQ7MnhJ3f2NArOR+J63vJ9jCxDLHwZdMa+w4oOlsAKxQFYY0FN2vDwSmKn7jI4/O 95NkBAhPvr98Y40ZxWLJDNUAn6PlWb/0Oc8M7duJGLlwg8A0d4RSEVD+bRJErs3v AJYqwlvxxKSwX4FNnCYYuWrkzl5ZEtuLqQl7d6bHfU2m8sTapcCMb19TvPcU5/sF Gu439ty4LQpVUSDU6cvis5FLY7OcIlCZ3tse1TQQkXuNhBFaElMjaGxB9Eb56BJs WwyT97Zub++fXQ== -----END CERTIFICATE-----Generated at Sun Dec 21 14:40:52 2025 by rpki-client