This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.mft File: rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.mft (raw, json) Hash identifier: FPuOf/yek5B24/5GFo1y8YtU9YNvRIDhLnXFAUPQpvc= Subject key identifier: E9:F3:FB:BC:E3:CF:B9:4D:F9:45:7B:43:78:AA:46:3B:61:A1:37:D5 Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C Certificate issuer: /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c Certificate serial: 019B2FD4F8B22E3B7DBEA11FB7A854985E6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.mft Manifest number: 1788 Signing time: Thu 18 Dec 2025 05:00:44 +0000 Manifest this update: Thu 18 Dec 2025 05:00:44 +0000 Manifest next update: Fri 19 Dec 2025 05:00:44 +0000 Files and hashes: 1: G67im2f6_ZhJBmi9qes0fIWNsWo.roa (hash: rcGVW1BtLRG5wqd17uLZEGASDvopWpXiN4N5Gl4c/9Y=) 2: rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl (hash: us/559UjcH5GomP8MnD0qHq/+/qM//t8kbhQnpRChIM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.mft rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d4:f8:b2:2e:3b:7d:be:a1:1f:b7:a8:54:98:5e:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c Validity Not Before: Dec 18 05:00:44 2025 GMT Not After : Dec 19 05:00:44 2025 GMT Subject: CN=e9f3fbbce3cfb94df9457b4378aa463b61a137d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d5:0a:42:59:f4:55:27:41:ac:59:dd:3b:06: e1:33:cc:33:7d:40:f7:5e:ea:66:1c:d3:ae:fe:33: 21:8d:83:c8:8e:91:3b:12:92:17:63:e8:76:a3:7a: c6:fc:e4:54:33:f4:e6:1c:2a:7e:fc:15:b0:44:31: 1f:00:1a:6f:fe:53:4f:2e:5d:46:71:21:e4:71:c3: d8:7f:9e:5d:cc:cc:e2:53:6d:ab:3e:a9:56:5f:8a: 70:97:5b:43:ac:1a:e6:c1:c6:30:0a:a1:0e:e5:62: bd:4b:6b:65:f6:d7:3d:e5:87:46:68:33:d8:e5:d7: 79:4b:93:bc:7a:ff:70:59:68:d8:d5:0e:83:8e:28: 33:7b:f0:9d:01:f0:cb:60:79:58:f8:33:9a:7f:92: cc:dc:26:a9:69:55:e1:5d:d2:a6:e7:52:0e:80:b4: b9:c4:a7:3a:2f:e7:b6:56:d2:78:98:1c:03:01:e9: c0:ff:0b:0a:49:88:61:ec:47:37:19:2d:70:45:19: 34:5d:2b:3d:f8:7a:ce:e5:5c:a8:e9:e6:86:2f:79: 36:77:06:98:a6:f5:22:c8:e0:a2:e9:2d:56:26:63: 1c:17:f7:96:0f:43:be:e3:e2:cc:1f:4b:18:42:56: 9e:75:01:c4:89:6f:be:8d:8b:14:18:65:18:2e:5b: 25:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:F3:FB:BC:E3:CF:B9:4D:F9:45:7B:43:78:AA:46:3B:61:A1:37:D5 X509v3 Authority Key Identifier: keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:26:ae:2b:31:e6:19:c8:83:49:2f:69:a7:f3:e2:5c:0b:9a: 63:6f:41:55:7e:c6:28:db:70:4e:65:07:60:c5:1f:96:7d:c7: 85:9b:d7:a4:98:56:d6:8a:25:9b:00:95:56:53:61:82:ab:89: e3:e0:e2:81:71:02:17:26:2e:76:b2:8c:9f:a7:e4:43:84:23: 8b:98:14:4c:82:b3:aa:b4:08:76:c6:7c:ae:06:d3:a4:c6:02: ce:d0:c8:dc:c8:2f:75:eb:80:b7:51:15:9d:a7:fb:d8:18:b0: 00:77:d0:79:53:96:47:9b:43:e5:38:16:1d:73:2b:09:34:34: 32:0f:2d:4e:1b:77:97:d7:cd:81:d8:93:69:c7:2a:d4:4e:b1: c9:57:fb:9f:ce:13:82:57:09:28:e8:1c:6b:e5:9b:e7:f4:de: 5a:7b:32:ed:46:62:03:cc:99:05:f6:0d:c7:a4:17:a4:40:21: e5:bc:14:de:ec:00:39:0e:51:76:e0:96:92:ba:88:9f:6a:56: 31:49:66:db:92:fe:3a:7b:ce:fb:ef:85:41:2a:2c:03:55:fd: 39:c1:0b:1c:c1:4c:19:4e:6a:08:94:7b:09:cf:03:31:77:55: 86:69:1d:ef:ab:ff:61:36:fc:d0:ca:36:fd:12:b1:bb:5b:6f: c3:d0:45:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1PiyLjt9vqEft6hUmF5rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2 Yjc3NGMwHhcNMjUxMjE4MDUwMDQ0WhcNMjUxMjE5MDUwMDQ0WjAzMTEwLwYDVQQD EyhlOWYzZmJiY2UzY2ZiOTRkZjk0NTdiNDM3OGFhNDYzYjYxYTEzN2Q1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytUKQln0VSdBrFndOwbhM8wzfUD3 XupmHNOu/jMhjYPIjpE7EpIXY+h2o3rG/ORUM/TmHCp+/BWwRDEfABpv/lNPLl1G cSHkccPYf55dzMziU22rPqlWX4pwl1tDrBrmwcYwCqEO5WK9S2tl9tc95YdGaDPY 5dd5S5O8ev9wWWjY1Q6Djigze/CdAfDLYHlY+DOaf5LM3CapaVXhXdKm51IOgLS5 xKc6L+e2VtJ4mBwDAenA/wsKSYhh7Ec3GS1wRRk0XSs9+HrO5Vyo6eaGL3k2dwaY pvUiyOCi6S1WJmMcF/eWD0O+4+LMH0sYQlaedQHEiW++jYsUGGUYLlsljQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOnz+7zjz7lN+UV7Q3iqRjthoTfVMB8GA1UdIwQY MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt MTc3OGJhMjVkOGI5LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5 LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZyauKzHm GciDSS9pp/PiXAuaY29BVX7GKNtwTmUHYMUfln3HhZvXpJhW1oolmwCVVlNhgquJ 4+DigXECFyYudrKMn6fkQ4Qji5gUTIKzqrQIdsZ8rgbTpMYCztDI3MgvdeuAt1EV naf72BiwAHfQeVOWR5tD5TgWHXMrCTQ0Mg8tTht3l9fNgdiTaccq1E6xyVf7n84T glcJKOgca+Wb5/TeWnsy7UZiA8yZBfYNx6QXpEAh5bwU3uwAOQ5RduCWkrqIn2pW MUlm25L+OnvO+++FQSosA1X9OcELHMFMGU5qCJR7Cc8DMXdVhmkd76v/YTb80Mo2 /RKxu1tvw9BFwg== -----END CERTIFICATE-----Generated at Thu Dec 18 11:13:06 2025 by rpki-client