This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft File: y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json) Hash identifier: K+Sde2vtFOhEn+A5mAlBtc/C8wadSH/gn0X3zhkkXvQ= Subject key identifier: 7D:FC:D9:BC:4A:D1:71:4F:A0:2F:F7:52:62:64:C5:08:F5:3F:7F:17 Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21 Certificate issuer: /CN=cbf9cd243ced6937b6bea57102814ff9ba426621 Certificate serial: 019B3CEC8CE161FA8E406A9C69D5B5019B3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft Manifest number: 1785 Signing time: Sat 20 Dec 2025 18:01:34 +0000 Manifest this update: Sat 20 Dec 2025 18:01:34 +0000 Manifest next update: Sun 21 Dec 2025 18:01:34 +0000 Files and hashes: 1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: ME/MWuvgdusuTEmYibcLuJiDoBbi8rXHDEwU7cVZnTc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:8c:e1:61:fa:8e:40:6a:9c:69:d5:b5:01:9b:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621 Validity Not Before: Dec 20 18:01:34 2025 GMT Not After : Dec 21 18:01:34 2025 GMT Subject: CN=7dfcd9bc4ad1714fa02ff7526264c508f53f7f17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ae:35:6d:ce:42:ca:11:ed:6b:25:cd:86:22: 5a:96:12:53:85:1b:ff:de:47:ac:e8:0a:04:39:be: 09:bd:8f:b5:9e:7e:21:c7:08:50:26:e5:5c:64:c3: 3d:2a:3d:b5:63:41:ad:65:f2:ce:1e:82:81:64:20: 3a:48:22:9b:80:28:63:75:4e:a8:3e:d7:7a:f8:2b: cb:54:a1:14:3b:2f:4d:8a:e7:d3:98:aa:59:e8:e7: fe:fa:6c:3b:a7:b3:32:01:92:0b:85:8e:c3:98:c2: 70:a6:a8:58:af:5d:ed:16:80:2c:04:7e:38:10:f1: 14:16:7b:0c:a0:fc:51:75:94:f9:1f:79:aa:7d:43: a5:c5:16:a2:41:6b:53:b9:25:67:76:8a:a8:49:f9: 93:67:c6:bf:ce:59:21:43:2e:ca:33:df:03:23:55: 12:4f:f1:f9:a8:15:90:d8:a1:29:a1:f5:91:ab:ff: ab:8a:c2:5a:65:78:ae:d9:bf:eb:3b:bd:55:41:59: c8:b2:7b:e1:a8:35:11:e0:a0:c2:08:96:d7:35:68: ff:43:54:ae:e0:d2:01:1b:c8:1d:f3:01:8f:04:b6: 6a:de:ed:9c:3b:cd:fd:c2:1f:bf:78:e6:67:ba:84: e1:85:ab:45:ab:9c:d9:4b:b7:5a:fe:8f:21:b4:58: 22:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:FC:D9:BC:4A:D1:71:4F:A0:2F:F7:52:62:64:C5:08:F5:3F:7F:17 X509v3 Authority Key Identifier: keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:cd:c9:0f:ed:2c:e8:bc:5d:69:b1:4f:21:5d:84:7c:f7:6b: f3:6a:5b:9d:be:d0:0f:47:64:ea:28:2f:87:dd:10:30:05:e0: 07:92:f9:39:a0:85:06:f7:49:ee:49:8e:fe:11:d7:86:e3:0d: 05:9c:7e:e3:a9:78:4d:f2:4c:1e:3f:79:27:73:37:a5:7e:b6: e3:a9:2d:94:3c:75:95:a6:d9:62:d5:79:34:7e:6f:c7:b0:3c: 43:3f:3d:5c:64:1e:dc:e1:4d:b9:a7:9b:20:23:82:17:fe:31: 8b:ff:d2:89:e1:2c:32:6f:e7:6b:c3:d9:dc:bd:4a:97:23:d8: 74:81:7b:ea:26:c1:da:77:ca:ef:41:14:20:5b:d3:8d:46:5e: a7:fc:26:ce:8f:75:27:0f:a9:a1:a0:14:a1:aa:62:c2:b7:6b: d2:0a:70:52:d1:b9:b6:92:6f:79:2c:a5:5f:93:41:00:99:ab: 21:1c:5d:82:27:24:e0:fe:38:8a:69:78:89:6f:3c:9f:87:38: ea:58:c1:98:34:42:6c:04:46:fa:a3:7f:4b:f1:fe:69:ed:5f: ff:e0:c4:f8:e4:58:b0:5e:ed:f9:22:25:11:a8:3b:8b:7c:22: 31:ee:31:88:00:e2:11:05:c9:82:67:c7:34:3b:5d:5a:40:9c: 05:44:cf:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87IzhYfqOQGqcadW1AZs+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0 MjY2MjEwHhcNMjUxMjIwMTgwMTM0WhcNMjUxMjIxMTgwMTM0WjAzMTEwLwYDVQQD Eyg3ZGZjZDliYzRhZDE3MTRmYTAyZmY3NTI2MjY0YzUwOGY1M2Y3ZjE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK41bc5CyhHtayXNhiJalhJThRv/ 3kes6AoEOb4JvY+1nn4hxwhQJuVcZMM9Kj21Y0GtZfLOHoKBZCA6SCKbgChjdU6o Ptd6+CvLVKEUOy9NiufTmKpZ6Of++mw7p7MyAZILhY7DmMJwpqhYr13tFoAsBH44 EPEUFnsMoPxRdZT5H3mqfUOlxRaiQWtTuSVndoqoSfmTZ8a/zlkhQy7KM98DI1US T/H5qBWQ2KEpofWRq/+risJaZXiu2b/rO71VQVnIsnvhqDUR4KDCCJbXNWj/Q1Su 4NIBG8gd8wGPBLZq3u2cO839wh+/eOZnuoThhatFq5zZS7da/o8htFgitwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH382bxK0XFPoC/3UmJkxQj1P38XMB8GA1UdIwQY MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcc3JD+0s 6LxdabFPIV2EfPdr82pbnb7QD0dk6igvh90QMAXgB5L5OaCFBvdJ7kmO/hHXhuMN BZx+46l4TfJMHj95J3M3pX6246ktlDx1labZYtV5NH5vx7A8Qz89XGQe3OFNuaeb ICOCF/4xi//SieEsMm/na8PZ3L1KlyPYdIF76ibB2nfK70EUIFvTjUZep/wmzo91 Jw+poaAUoapiwrdr0gpwUtG5tpJveSylX5NBAJmrIRxdgick4P44iml4iW88n4c4 6ljBmDRCbARG+qN/S/H+ae1f/+DE+ORYsF7t+SIlEag7i3wiMe4xiADiEQXJgmfH NDtdWkCcBUTPLA== -----END CERTIFICATE-----Generated at Sat Dec 20 22:04:41 2025 by rpki-client