This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft File: y34FPHGZWsyb8TM_55w9W_1ulk4.mft (raw, json) Hash identifier: 3Sfw6zdMepDtQ3JvEQClqqWrtvRqqY4SsTl0bcfzOYc= Subject key identifier: B8:F0:FC:FD:CB:61:A6:27:40:AC:78:0A:FC:4B:3E:CC:8F:16:BE:BF Authority key identifier: CB:7E:05:3C:71:99:5A:CC:9B:F1:33:3F:E7:9C:3D:5B:FD:6E:96:4E Certificate issuer: /CN=cb7e053c71995acc9bf1333fe79c3d5bfd6e964e Certificate serial: 019B95F8B85C08D8A9ED85DFF7FDD2DD097C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y34FPHGZWsyb8TM_55w9W_1ulk4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft Manifest number: 0E25 Signing time: Wed 07 Jan 2026 01:01:03 +0000 Manifest this update: Wed 07 Jan 2026 01:01:03 +0000 Manifest next update: Thu 08 Jan 2026 01:01:03 +0000 Files and hashes: 1: o0HqlxaDoWc3G-_HSVzsO-Lq4bU.roa (hash: HuIvoJlDnjzT1p9vthorLP3YOQAv0oGxz+pUKFAvCsk=) 2: y34FPHGZWsyb8TM_55w9W_1ulk4.crl (hash: Z/Vpm1Osja1LaJ4cV69bBdSU/rROiaQUOo4k8/cwBeE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft rsync://rpki.ripe.net/repository/DEFAULT/y34FPHGZWsyb8TM_55w9W_1ulk4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 23:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:95:f8:b8:5c:08:d8:a9:ed:85:df:f7:fd:d2:dd:09:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb7e053c71995acc9bf1333fe79c3d5bfd6e964e Validity Not Before: Jan 7 01:01:03 2026 GMT Not After : Jan 8 01:01:03 2026 GMT Subject: CN=b8f0fcfdcb61a62740ac780afc4b3ecc8f16bebf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:57:c1:e2:6f:d6:0d:a0:a0:a8:32:d6:dd:6b: fa:37:79:39:39:31:13:e4:8a:6e:63:e0:2a:85:72: 91:da:e5:17:3c:dd:51:d3:ac:9e:be:3c:61:c2:c7: 1f:7c:7f:ea:09:ad:e5:e0:6f:13:40:25:7c:f5:dd: 10:61:51:bd:30:99:68:79:ed:4d:69:ed:de:67:20: d1:8b:1f:99:a7:19:50:f8:7a:ff:70:ac:72:82:8a: 61:4f:92:92:e4:9a:15:a4:70:9f:fd:17:8f:10:64: ef:2c:1d:b9:f9:7d:0b:0f:5c:46:a3:6b:85:61:83: a7:c1:28:27:27:47:30:10:11:89:49:7b:23:20:1c: 26:a6:2d:78:54:a5:ba:71:22:0d:40:ec:59:29:28: 4a:a3:4b:5f:7e:9e:1a:24:fc:9c:85:a6:8a:54:11: d3:c1:fd:db:f4:ae:e8:39:64:06:80:a7:4e:a5:17: ea:16:72:6c:37:75:de:d8:2d:a1:db:06:fe:39:8f: fb:75:8c:ce:08:3e:a4:e5:90:46:ca:21:25:77:cc: 98:2b:c4:0d:39:c6:78:b5:51:0f:86:26:81:e3:c9: 45:78:68:10:69:05:90:6c:b2:f4:1b:c8:18:89:aa: 57:68:8f:a9:0f:6f:ce:92:09:b1:32:0c:32:ea:9a: 3f:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:F0:FC:FD:CB:61:A6:27:40:AC:78:0A:FC:4B:3E:CC:8F:16:BE:BF X509v3 Authority Key Identifier: keyid:CB:7E:05:3C:71:99:5A:CC:9B:F1:33:3F:E7:9C:3D:5B:FD:6E:96:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y34FPHGZWsyb8TM_55w9W_1ulk4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/78aad1-d61f-416e-af4c-93637d4168bd/1/y34FPHGZWsyb8TM_55w9W_1ulk4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:6f:fb:91:d2:4a:36:27:7a:c2:31:4d:7a:a4:1a:24:ce:2f: d1:36:52:3e:f9:73:07:eb:1c:1a:da:ee:86:f2:5e:ce:47:12: 96:d6:b5:5c:48:b3:0a:cf:8c:70:10:31:a8:ac:c8:8b:20:38: d3:82:9f:b3:0a:c6:f3:31:73:e0:26:21:45:a5:59:43:b1:0a: 5b:f2:42:f3:5f:d4:9b:5f:0f:dc:fb:cc:18:a8:cb:fa:a8:fd: ee:f3:eb:91:6b:32:17:ef:0d:e9:39:76:a7:42:5e:59:e9:b8: a7:ee:72:5e:a7:4f:ea:7d:3f:bc:64:03:bc:1d:1c:6e:fa:0a: e8:9e:eb:96:29:4f:c1:18:4c:aa:5b:95:cd:db:b6:03:ea:17: 26:f6:f4:5a:5a:68:2e:7d:72:c9:9f:4f:f4:1e:d9:9b:e0:6d: 98:6c:d1:7c:49:81:55:b5:36:2b:cb:2c:26:d3:6a:53:d3:5c: b8:b9:93:26:19:12:7f:1f:46:00:ae:ec:e0:67:e4:f1:26:33: 10:5d:1f:7b:dd:0e:0c:0c:ca:94:f9:45:5a:3e:6a:47:1b:87: 2a:35:27:e0:5b:13:1a:f1:bf:25:f2:bc:ff:5d:36:27:a5:02: 38:ff:9b:f6:bf:11:bb:3f:00:a8:61:76:18:e3:95:57:f0:de: 8e:85:e7:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuV+LhcCNip7YXf9/3S3Ql8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiN2UwNTNjNzE5OTVhY2M5YmYxMzMzZmU3OWMzZDViZmQ2 ZTk2NGUwHhcNMjYwMTA3MDEwMTAzWhcNMjYwMTA4MDEwMTAzWjAzMTEwLwYDVQQD EyhiOGYwZmNmZGNiNjFhNjI3NDBhYzc4MGFmYzRiM2VjYzhmMTZiZWJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1fB4m/WDaCgqDLW3Wv6N3k5OTET 5IpuY+AqhXKR2uUXPN1R06yevjxhwscffH/qCa3l4G8TQCV89d0QYVG9MJloee1N ae3eZyDRix+ZpxlQ+Hr/cKxygophT5KS5JoVpHCf/RePEGTvLB25+X0LD1xGo2uF YYOnwSgnJ0cwEBGJSXsjIBwmpi14VKW6cSINQOxZKShKo0tffp4aJPychaaKVBHT wf3b9K7oOWQGgKdOpRfqFnJsN3Xe2C2h2wb+OY/7dYzOCD6k5ZBGyiEld8yYK8QN OcZ4tVEPhiaB48lFeGgQaQWQbLL0G8gYiapXaI+pD2/OkgmxMgwy6po/RwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLjw/P3LYaYnQKx4CvxLPsyPFr6/MB8GA1UdIwQY MBaAFMt+BTxxmVrMm/EzP+ecPVv9bpZOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTM0RlBIR1pXc3liOFRNXzU1dzlXXzF1bGs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OGFhZDEtZDYxZi00MTZlLWFmNGMt OTM2MzdkNDE2OGJkLzEveTM0RlBIR1pXc3liOFRNXzU1dzlXXzF1bGs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS83OGFhZDEtZDYxZi00MTZlLWFmNGMtOTM2MzdkNDE2OGJk LzEveTM0RlBIR1pXc3liOFRNXzU1dzlXXzF1bGs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo2/7kdJK Nid6wjFNeqQaJM4v0TZSPvlzB+scGtruhvJezkcSlta1XEizCs+McBAxqKzIiyA4 04KfswrG8zFz4CYhRaVZQ7EKW/JC81/Um18P3PvMGKjL+qj97vPrkWsyF+8N6Tl2 p0JeWem4p+5yXqdP6n0/vGQDvB0cbvoK6J7rlilPwRhMqluVzdu2A+oXJvb0Wlpo Ln1yyZ9P9B7Zm+BtmGzRfEmBVbU2K8ssJtNqU9NcuLmTJhkSfx9GAK7s4Gfk8SYz EF0fe90ODAzKlPlFWj5qRxuHKjUn4FsTGvG/JfK8/102J6UCOP+b9r8Ruz8AqGF2 GOOVV/DejoXnEw== -----END CERTIFICATE-----Generated at Wed Jan 7 04:19:00 2026 by rpki-client