This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft File: vfyFyRfr69yH36Ne4JvEAoX19Ac.mft (raw, json) Hash identifier: 9Uj4lL4TPPI5vu3OcPE1qjySIoUb/a80Ft+NH9lNQ9g= Subject key identifier: 7F:3F:F0:15:1B:9F:D5:BA:D8:A2:3A:63:34:D2:0D:40:2C:5C:55:3B Authority key identifier: BD:FC:85:C9:17:EB:EB:DC:87:DF:A3:5E:E0:9B:C4:02:85:F5:F4:07 Certificate issuer: /CN=bdfc85c917ebebdc87dfa35ee09bc40285f5f407 Certificate serial: 019B559A676DDACCAF33E659236EEEAEFD27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft Manifest number: 0456 Signing time: Thu 25 Dec 2025 13:02:20 +0000 Manifest this update: Thu 25 Dec 2025 13:02:20 +0000 Manifest next update: Fri 26 Dec 2025 13:02:20 +0000 Files and hashes: 1: vfyFyRfr69yH36Ne4JvEAoX19Ac.crl (hash: JyeaIVmsqbUu+8e7WsCH6MNEkJa22YcvUr2rhHkayOA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.crl rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 13:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:9a:67:6d:da:cc:af:33:e6:59:23:6e:ee:ae:fd:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdfc85c917ebebdc87dfa35ee09bc40285f5f407 Validity Not Before: Dec 25 13:02:20 2025 GMT Not After : Dec 26 13:02:20 2025 GMT Subject: CN=7f3ff0151b9fd5bad8a23a6334d20d402c5c553b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:68:2c:ef:2e:93:a7:04:5f:06:77:ed:36:cf: ca:11:15:5a:55:e9:7b:86:0a:5a:d2:0f:a9:26:dd: 2d:71:9b:0f:f6:3d:9e:04:e3:22:c8:22:40:43:6c: 7e:25:42:d5:72:92:73:05:c3:ca:89:7d:6c:5f:a3: ce:ae:4d:ac:0d:7f:7b:61:4a:75:8b:83:70:fe:8e: 65:81:e8:57:2f:39:17:17:6c:a2:0c:33:bb:19:47: c8:db:a8:72:c3:75:25:08:7c:9f:9d:e6:ad:e1:81: a8:9a:1b:e0:65:1e:e1:71:3e:4c:4d:f3:4c:f2:cf: 5e:a3:2d:e0:e9:b6:bd:e2:84:06:b3:78:ee:44:cd: 87:e4:c4:2b:8d:f9:b8:34:5a:07:f2:f8:3f:0f:7d: 3a:a7:a8:cf:94:9d:0f:3f:bf:cf:bd:a9:fa:53:ed: b8:c3:55:d8:32:aa:08:25:69:dd:32:44:2b:12:43: 18:c4:5f:51:de:bb:75:be:25:89:1d:a4:c0:2a:93: 00:72:d8:b8:46:db:98:82:65:3d:1f:f0:ef:65:de: 0b:48:c7:0b:6f:fc:c0:01:97:2f:69:82:6e:e4:59: ed:d5:d7:b0:f8:92:5f:ad:94:a3:1b:c6:e4:3d:e3: 68:5c:a9:a4:7d:cf:aa:f8:34:65:68:b9:bf:2d:60: 1f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:3F:F0:15:1B:9F:D5:BA:D8:A2:3A:63:34:D2:0D:40:2C:5C:55:3B X509v3 Authority Key Identifier: keyid:BD:FC:85:C9:17:EB:EB:DC:87:DF:A3:5E:E0:9B:C4:02:85:F5:F4:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfyFyRfr69yH36Ne4JvEAoX19Ac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ad0e22-2449-41e2-9367-7bad9457a42f/1/vfyFyRfr69yH36Ne4JvEAoX19Ac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:01:c9:af:b8:50:61:93:63:04:bf:a0:88:ee:64:b0:bf:77: 3c:15:c7:3e:56:e7:e8:af:91:28:78:6e:04:66:b6:37:a3:d6: e4:c0:41:f5:f0:16:4c:cf:16:f0:59:ec:dc:15:97:d0:c9:71: ea:f2:e5:9b:6d:7b:55:ba:11:9f:c2:51:42:8f:a5:7c:6a:cf: 6c:fa:1a:fe:40:75:79:af:a6:81:a8:f9:6a:02:28:da:bc:7f: 6a:74:39:0e:41:d8:49:11:78:33:13:4d:ef:45:a0:f6:6d:7b: a4:57:c1:5a:53:02:88:c8:b8:bd:4f:f9:85:7a:df:2a:a3:03: d2:0c:91:18:11:37:26:9d:8d:1e:de:d4:3d:e2:34:db:ca:d7: fb:f3:94:d7:6e:3a:bd:17:db:6c:81:4f:12:d7:ca:6f:b5:ac: 66:db:3f:dc:ab:82:c4:7f:aa:fb:af:c4:90:12:72:11:11:a5: 2f:3f:45:ed:8e:fe:e1:37:ec:26:d9:6f:22:69:cb:59:6f:20: ef:8c:bf:67:45:df:7f:98:1b:08:99:05:88:51:51:b4:1b:58: 64:49:05:ad:07:26:53:5f:cc:c7:6b:d5:58:45:ae:41:98:78: 75:5f:ea:15:ea:b7:f4:de:ab:93:02:07:3c:45:59:98:b1:7a: e8:79:da:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtVmmdt2syvM+ZZI27urv0nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZmM4NWM5MTdlYmViZGM4N2RmYTM1ZWUwOWJjNDAyODVm NWY0MDcwHhcNMjUxMjI1MTMwMjIwWhcNMjUxMjI2MTMwMjIwWjAzMTEwLwYDVQQD Eyg3ZjNmZjAxNTFiOWZkNWJhZDhhMjNhNjMzNGQyMGQ0MDJjNWM1NTNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mgs7y6TpwRfBnftNs/KERVaVel7 hgpa0g+pJt0tcZsP9j2eBOMiyCJAQ2x+JULVcpJzBcPKiX1sX6POrk2sDX97YUp1 i4Nw/o5lgehXLzkXF2yiDDO7GUfI26hyw3UlCHyfneat4YGomhvgZR7hcT5MTfNM 8s9eoy3g6ba94oQGs3juRM2H5MQrjfm4NFoH8vg/D306p6jPlJ0PP7/Pvan6U+24 w1XYMqoIJWndMkQrEkMYxF9R3rt1viWJHaTAKpMActi4RtuYgmU9H/DvZd4LSMcL b/zAAZcvaYJu5Fnt1dew+JJfrZSjG8bkPeNoXKmkfc+q+DRlaLm/LWAf6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH8/8BUbn9W62KI6YzTSDUAsXFU7MB8GA1UdIwQY MBaAFL38hckX6+vch9+jXuCbxAKF9fQHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hZDBlMjItMjQ0OS00MWUyLTkzNjct N2JhZDk0NTdhNDJmLzEvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9hZDBlMjItMjQ0OS00MWUyLTkzNjctN2JhZDk0NTdhNDJm LzEvdmZ5RnlSZnI2OXlIMzZOZTRKdkVBb1gxOUFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAHJr7hQ YZNjBL+giO5ksL93PBXHPlbn6K+RKHhuBGa2N6PW5MBB9fAWTM8W8Fns3BWX0Mlx 6vLlm217VboRn8JRQo+lfGrPbPoa/kB1ea+mgaj5agIo2rx/anQ5DkHYSRF4MxNN 70Wg9m17pFfBWlMCiMi4vU/5hXrfKqMD0gyRGBE3Jp2NHt7UPeI028rX+/OU1246 vRfbbIFPEtfKb7WsZts/3KuCxH+q+6/EkBJyERGlLz9F7Y7+4TfsJtlvImnLWW8g 74y/Z0Xff5gbCJkFiFFRtBtYZEkFrQcmU1/Mx2vVWEWuQZh4dV/qFeq39N6rkwIH PEVZmLF66HnaGg== -----END CERTIFICATE-----Generated at Thu Dec 25 22:15:58 2025 by rpki-client