This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.mft File: yQs5SsYzN2B_obsOq6EUU6gx85g.mft (raw, json) Hash identifier: agbL0UhTk2Wf9zyXXbW//TeLhoZIja/lIAyAWUwruY8= Subject key identifier: 21:D3:17:3B:A7:9C:E9:36:4F:ED:0E:88:73:7B:62:B2:E2:EF:F4:71 Authority key identifier: C9:0B:39:4A:C6:33:37:60:7F:A1:BB:0E:AB:A1:14:53:A8:31:F3:98 Certificate issuer: /CN=c90b394ac63337607fa1bb0eaba11453a831f398 Certificate serial: 019B53E1986D1727E062433D25670D9D18C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yQs5SsYzN2B_obsOq6EUU6gx85g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.mft Manifest number: 0E32 Signing time: Thu 25 Dec 2025 05:00:52 +0000 Manifest this update: Thu 25 Dec 2025 05:00:52 +0000 Manifest next update: Fri 26 Dec 2025 05:00:52 +0000 Files and hashes: 1: xYOsm8BUsmYBwfKFXCGnakfV_m8.roa (hash: 061quaNl9U6/3ODiu8AkctDs7yOiVTs6PkYfEN9U9Cs=) 2: yQs5SsYzN2B_obsOq6EUU6gx85g.crl (hash: IstUvGjSJ80Vok78BUq1+qB0zqBGmoyOtIFUWxb3zdc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.crl rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.mft rsync://rpki.ripe.net/repository/DEFAULT/yQs5SsYzN2B_obsOq6EUU6gx85g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:e1:98:6d:17:27:e0:62:43:3d:25:67:0d:9d:18:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c90b394ac63337607fa1bb0eaba11453a831f398 Validity Not Before: Dec 25 05:00:52 2025 GMT Not After : Dec 26 05:00:52 2025 GMT Subject: CN=21d3173ba79ce9364fed0e88737b62b2e2eff471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:e6:f6:7d:72:69:ab:c6:66:c5:bc:12:24:0e: 0b:7a:e0:2c:02:38:c4:48:da:6c:a6:21:ed:e3:73: 08:69:e7:b3:db:93:42:f5:5f:75:1d:59:6a:e5:f6: a6:ef:64:ea:6f:fc:d7:b4:84:11:59:8b:0e:c4:73: 2d:17:0c:f2:77:2a:c1:90:c8:34:ec:71:a2:03:d7: fd:66:22:d5:ef:19:e7:cb:d0:f8:ec:de:f8:91:fa: 0e:38:27:7a:d8:27:68:58:65:12:e1:0c:08:67:f5: 3b:04:3c:c8:fd:77:27:46:47:70:0f:e4:8d:f8:01: dd:41:6c:b6:95:ba:4a:98:66:6f:fd:fd:60:34:6b: c2:74:d1:52:20:60:5e:bf:4d:ff:ef:71:38:c1:36: 18:5f:74:62:cf:a8:2a:74:d5:92:ad:1d:3e:64:84: d3:4c:f6:c4:87:2a:97:eb:9d:ca:a5:a2:cd:74:8c: e4:20:5a:5b:3c:55:7c:47:fa:41:7a:37:79:e0:4b: 0e:98:3b:8f:2b:76:e4:b5:80:ba:62:d7:e7:25:6e: be:d0:16:bc:7f:1f:35:a7:cd:a8:13:0a:53:e7:47: f3:cb:6e:2c:73:71:e1:14:1d:82:01:8b:2c:ae:1d: 1d:99:41:f3:11:f6:6c:49:50:5c:42:bd:85:db:ec: be:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:D3:17:3B:A7:9C:E9:36:4F:ED:0E:88:73:7B:62:B2:E2:EF:F4:71 X509v3 Authority Key Identifier: keyid:C9:0B:39:4A:C6:33:37:60:7F:A1:BB:0E:AB:A1:14:53:A8:31:F3:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQs5SsYzN2B_obsOq6EUU6gx85g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:17:df:96:6a:f9:c4:44:d1:0f:40:50:97:10:6a:c3:0d:dd: 10:ef:a2:91:4a:fe:50:d9:2e:9b:9a:78:ea:85:3b:f0:71:3b: 8e:e9:95:ec:85:e6:fe:e2:03:d3:40:ae:be:f2:0d:71:98:43: ba:49:a6:a9:77:c0:37:24:fc:8c:a3:8b:72:2d:d1:f1:ef:df: e9:f2:fe:ff:9f:94:f5:74:f3:e8:a0:11:56:42:cd:5c:f5:4b: c8:33:ce:8b:4d:bd:3f:3e:e4:94:21:85:a4:89:37:66:7e:74: aa:ee:a8:b8:07:b6:f6:e8:1d:8e:34:59:01:3a:19:2b:95:fd: 60:8a:77:8b:d9:af:4d:16:b2:06:e9:43:31:91:80:6f:4d:90: 8f:4d:58:a7:ae:b5:cc:dd:fe:e3:12:78:78:f9:cd:f3:a8:77: bf:62:08:d5:86:cd:d5:b1:e0:42:a4:32:40:fd:d1:16:59:37: 63:9c:08:5c:62:24:d9:e6:ac:d9:ac:1d:40:b0:20:8b:83:ca: 66:60:a0:04:8d:89:74:57:4d:06:b9:5b:e8:ca:47:6b:71:dd: fa:2a:f3:05:bd:f6:29:00:dc:cb:e5:4b:a1:06:3a:ff:d7:f5: 46:31:9c:49:5f:a1:f4:4a:75:f4:0d:61:5d:7b:bb:bc:b8:68: 92:b5:5c:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtT4ZhtFyfgYkM9JWcNnRjJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5MGIzOTRhYzYzMzM3NjA3ZmExYmIwZWFiYTExNDUzYTgz MWYzOTgwHhcNMjUxMjI1MDUwMDUyWhcNMjUxMjI2MDUwMDUyWjAzMTEwLwYDVQQD EygyMWQzMTczYmE3OWNlOTM2NGZlZDBlODg3MzdiNjJiMmUyZWZmNDcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eb2fXJpq8ZmxbwSJA4LeuAsAjjE SNpspiHt43MIaeez25NC9V91HVlq5fam72Tqb/zXtIQRWYsOxHMtFwzydyrBkMg0 7HGiA9f9ZiLV7xnny9D47N74kfoOOCd62CdoWGUS4QwIZ/U7BDzI/XcnRkdwD+SN +AHdQWy2lbpKmGZv/f1gNGvCdNFSIGBev03/73E4wTYYX3Riz6gqdNWSrR0+ZITT TPbEhyqX653KpaLNdIzkIFpbPFV8R/pBejd54EsOmDuPK3bktYC6YtfnJW6+0Ba8 fx81p82oEwpT50fzy24sc3HhFB2CAYssrh0dmUHzEfZsSVBcQr2F2+y+/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCHTFzunnOk2T+0OiHN7YrLi7/RxMB8GA1UdIwQY MBaAFMkLOUrGMzdgf6G7DquhFFOoMfOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveVFzNVNzWXpOMkJfb2JzT3E2RVVVNmd4ODVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni83ZDc4NGItNjYzOS00YmMwLTlhYjkt MWEyMDBlNDFiMDA2LzEveVFzNVNzWXpOMkJfb2JzT3E2RVVVNmd4ODVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni83ZDc4NGItNjYzOS00YmMwLTlhYjktMWEyMDBlNDFiMDA2 LzEveVFzNVNzWXpOMkJfb2JzT3E2RVVVNmd4ODVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVhfflmr5 xETRD0BQlxBqww3dEO+ikUr+UNkum5p46oU78HE7jumV7IXm/uID00CuvvINcZhD ukmmqXfANyT8jKOLci3R8e/f6fL+/5+U9XTz6KARVkLNXPVLyDPOi029Pz7klCGF pIk3Zn50qu6ouAe29ugdjjRZAToZK5X9YIp3i9mvTRayBulDMZGAb02Qj01Yp661 zN3+4xJ4ePnN86h3v2II1YbN1bHgQqQyQP3RFlk3Y5wIXGIk2eas2awdQLAgi4PK ZmCgBI2JdFdNBrlb6MpHa3Hd+irzBb32KQDcy+VLoQY6/9f1RjGcSV+h9Ep19A1h XXu7vLhokrVcQA== -----END CERTIFICATE-----Generated at Thu Dec 25 07:14:09 2025 by rpki-client