This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft File: y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json) Hash identifier: +U7Fdkp0h+/ao9pzaPdiPQI5UHzN7ehnCrA8VyGDpNE= Subject key identifier: BB:5B:2F:18:A8:64:78:BF:FA:1A:E7:BD:2A:40:54:57:80:97:5D:C4 Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D Certificate issuer: /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d Certificate serial: 019B5486644BC643B3A19434E55AECF4186E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft Manifest number: 0E3C Signing time: Thu 25 Dec 2025 08:00:52 +0000 Manifest this update: Thu 25 Dec 2025 08:00:52 +0000 Manifest next update: Fri 26 Dec 2025 08:00:52 +0000 Files and hashes: 1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: i5gU3MTGJtZT2nItrfIsq2h2Fk3sEHzI6E2M8TbJwfI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:86:64:4b:c6:43:b3:a1:94:34:e5:5a:ec:f4:18:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d Validity Not Before: Dec 25 08:00:52 2025 GMT Not After : Dec 26 08:00:52 2025 GMT Subject: CN=bb5b2f18a86478bffa1ae7bd2a40545780975dc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:09:bd:67:ed:41:51:65:5d:25:28:93:9e:e7: 0a:f2:73:24:d1:a8:ee:48:47:34:74:fa:7e:a8:9c: 1e:36:fc:6b:af:b8:d4:b5:d0:4e:24:cd:f3:65:90: 94:16:52:ef:5d:a8:ed:40:8d:19:f6:60:62:6f:af: 1f:07:14:52:9e:bd:84:05:2a:1d:ef:da:5b:8e:66: 86:c7:9a:11:fb:bf:ac:7b:3d:7e:15:4e:22:20:3a: 61:5e:98:cb:9a:8c:d0:54:92:fa:63:d9:c2:a7:76: df:3d:a4:c1:fe:3d:28:8f:bb:54:14:32:81:15:ca: d3:1c:67:41:d1:79:9b:ee:c4:76:2d:4f:26:71:f5: a1:1c:f1:c9:68:b9:0f:99:b7:68:63:33:a7:41:45: 76:1c:51:c7:ba:0c:0c:e8:04:75:b5:ab:0f:dd:79: 0b:80:fc:a5:0f:6e:a3:d0:5e:b9:7c:30:b1:de:d2: bf:eb:be:04:82:b2:cb:37:24:89:38:08:60:72:de: 22:7c:0e:c0:29:75:07:c8:b2:53:89:0b:3c:65:24: cb:9d:f6:e5:10:c5:1e:67:26:94:67:77:91:de:e7: 32:9c:be:a8:b7:23:34:90:49:ab:05:bc:d4:d2:99: b4:e2:ff:ef:7e:2c:72:41:2e:92:47:da:15:ab:1c: 86:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:5B:2F:18:A8:64:78:BF:FA:1A:E7:BD:2A:40:54:57:80:97:5D:C4 X509v3 Authority Key Identifier: keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:86:0d:30:83:35:33:28:3b:f2:76:41:3b:ec:18:47:02:87: 6b:70:a0:51:2b:1b:cc:7f:06:78:23:b4:52:f0:66:7d:5f:90: e0:e0:3d:b3:76:88:af:6e:b4:b9:7c:d9:09:38:3c:64:4e:ae: ef:24:45:4d:24:c0:c3:b2:08:73:6a:30:d3:86:54:9f:8d:13: e4:f4:da:cb:e3:18:45:7f:b1:d1:fd:49:84:6a:7b:c7:52:35: ea:b2:4f:4a:b4:c5:0e:b4:a4:92:dc:f1:cd:ec:68:0a:ba:7d: 4d:b0:c0:41:fb:c3:ca:61:6f:57:bb:26:0c:b5:1c:d2:e4:7c: 3c:06:02:81:77:64:f2:30:29:4b:5c:4c:88:97:ac:50:97:90: a1:2a:e6:a5:85:84:01:9b:25:28:70:9e:e4:3d:fc:79:ff:ee: 3f:7f:50:0c:ce:1e:3c:e2:30:a8:02:74:ff:f7:d0:09:1a:5d: ac:cd:c8:c2:6a:61:39:31:69:e5:87:f8:fb:9f:74:cd:a2:ae: b0:be:c2:6f:48:b7:94:6f:cd:16:ca:cd:02:38:53:24:91:4c: 43:d7:ad:1e:3f:56:cc:de:d6:20:9e:c8:66:42:25:d3:67:fa: 8f:39:31:9c:2b:a5:d1:5f:97:51:8e:47:07:b2:2d:a7:8f:82: 62:0e:48:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUhmRLxkOzoZQ05Vrs9BhuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0 ZDI2M2QwHhcNMjUxMjI1MDgwMDUyWhcNMjUxMjI2MDgwMDUyWjAzMTEwLwYDVQQD EyhiYjViMmYxOGE4NjQ3OGJmZmExYWU3YmQyYTQwNTQ1NzgwOTc1ZGM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowm9Z+1BUWVdJSiTnucK8nMk0aju SEc0dPp+qJweNvxrr7jUtdBOJM3zZZCUFlLvXajtQI0Z9mBib68fBxRSnr2EBSod 79pbjmaGx5oR+7+sez1+FU4iIDphXpjLmozQVJL6Y9nCp3bfPaTB/j0oj7tUFDKB FcrTHGdB0Xmb7sR2LU8mcfWhHPHJaLkPmbdoYzOnQUV2HFHHugwM6AR1tasP3XkL gPylD26j0F65fDCx3tK/674EgrLLNySJOAhgct4ifA7AKXUHyLJTiQs8ZSTLnfbl EMUeZyaUZ3eR3ucynL6otyM0kEmrBbzU0pm04v/vfixyQS6SR9oVqxyG8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLtbLxioZHi/+hrnvSpAVFeAl13EMB8GA1UdIwQY MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZoYNMIM1 Myg78nZBO+wYRwKHa3CgUSsbzH8GeCO0UvBmfV+Q4OA9s3aIr260uXzZCTg8ZE6u 7yRFTSTAw7IIc2ow04ZUn40T5PTay+MYRX+x0f1JhGp7x1I16rJPSrTFDrSkktzx zexoCrp9TbDAQfvDymFvV7smDLUc0uR8PAYCgXdk8jApS1xMiJesUJeQoSrmpYWE AZslKHCe5D38ef/uP39QDM4ePOIwqAJ0//fQCRpdrM3IwmphOTFp5Yf4+590zaKu sL7Cb0i3lG/NFsrNAjhTJJFMQ9etHj9WzN7WIJ7IZkIl02f6jzkxnCul0V+XUY5H B7Itp4+CYg5I3w== -----END CERTIFICATE-----Generated at Thu Dec 25 13:11:20 2025 by rpki-client