This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.mft File: yxODRz6KqHJwaPx1LgYOPb9j4O8.mft (raw, json) Hash identifier: JLY8H8KhSRx+2uhmx/8triAUi8p8qoo6EiZSG6IS9jo= Subject key identifier: 47:7F:DA:D7:3A:F9:BC:1F:6E:19:A4:D3:34:58:D0:43:7F:CF:29:73 Authority key identifier: CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF Certificate issuer: /CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef Certificate serial: 019B44382C1F493F5A4C28BBA8D1ED02FDA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.mft Manifest number: 0948 Signing time: Mon 22 Dec 2025 04:01:30 +0000 Manifest this update: Mon 22 Dec 2025 04:01:30 +0000 Manifest next update: Tue 23 Dec 2025 04:01:30 +0000 Files and hashes: 1: rOX9zRwObaYZKZTR0WDKGvQYCI8.roa (hash: AVl8Cu7AhfVM1Wh1VdzrltPVEMOUXlEEy7ZTpT+wzAA=) 2: yxODRz6KqHJwaPx1LgYOPb9j4O8.crl (hash: mOL01BM3vfh3kDund4B/v1eHSXHufBkuIyMB4KpxOc4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.crl rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.mft rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:2c:1f:49:3f:5a:4c:28:bb:a8:d1:ed:02:fd:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb1383473e8aa8727068fc752e060e3dbf63e0ef Validity Not Before: Dec 22 04:01:30 2025 GMT Not After : Dec 23 04:01:30 2025 GMT Subject: CN=477fdad73af9bc1f6e19a4d33458d0437fcf2973 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:56:04:d0:9a:62:d2:3c:5a:7e:f1:e0:72:54: 6c:4e:b4:7a:ba:e7:11:00:e5:a2:fa:35:39:f3:6c: 0b:40:28:d8:a0:3d:b9:b4:34:4c:0a:51:7a:58:3a: 28:6e:33:cc:d7:c8:89:6c:b3:84:3b:74:3f:5a:a7: 4c:6d:9d:50:b5:22:44:79:c8:cc:70:c3:e6:ba:4a: 3b:ec:24:40:b2:79:1d:d3:d6:f3:28:e5:9d:ac:73: a9:4a:ff:dd:b8:7e:3f:54:60:1f:d6:d1:cf:67:2c: 85:26:b4:65:d3:d2:70:dc:1f:59:82:82:00:5a:bc: 76:bb:77:67:5e:6a:29:c6:3d:ed:cd:a1:ad:15:4f: 10:eb:6b:9e:1d:48:67:5d:25:a4:4e:f6:e6:1d:8b: 67:e7:c0:43:ba:65:e0:4b:64:62:31:2e:c8:9d:2e: 89:46:4f:1d:fd:a0:19:de:fa:32:7c:cb:f2:7a:bc: 36:ae:fb:be:dd:63:64:20:7f:73:af:d4:6a:ca:a2: 41:bc:2a:91:64:b2:0f:17:df:29:5c:73:9f:16:8f: 0c:ff:0f:9f:63:85:86:8c:3f:4a:d0:06:9b:d1:42: fa:f2:d0:8c:eb:66:12:cf:6c:ba:fc:a4:61:29:25: f8:cf:b4:3c:24:c4:c8:9b:21:c7:db:53:37:08:90: 0b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:7F:DA:D7:3A:F9:BC:1F:6E:19:A4:D3:34:58:D0:43:7F:CF:29:73 X509v3 Authority Key Identifier: keyid:CB:13:83:47:3E:8A:A8:72:70:68:FC:75:2E:06:0E:3D:BF:63:E0:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxODRz6KqHJwaPx1LgYOPb9j4O8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c63c94-e569-41b8-8e2b-d18b09cf3a1d/1/yxODRz6KqHJwaPx1LgYOPb9j4O8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:94:a2:0f:ee:28:ba:c9:0a:4d:45:46:17:ac:35:5f:d8:e1: 0a:70:4b:af:4e:b8:5f:86:6e:71:fb:01:20:f2:be:61:09:c0: 14:7f:c7:76:a4:72:f7:e0:ee:cb:ba:f2:5a:a2:e6:97:21:67: be:45:89:aa:0b:9b:26:55:5d:5e:55:be:7c:67:02:f9:96:2e: 00:49:fe:f0:c5:56:47:3f:48:9f:52:da:06:cd:83:ad:f2:b4: 30:0c:04:1c:55:73:8b:30:d4:8d:41:06:2f:59:d8:a3:42:24: f0:6c:28:91:30:65:30:03:e3:cb:0f:ec:76:57:da:a0:10:5f: ab:7c:2c:2e:85:8b:60:20:8f:74:0f:89:e8:be:89:42:83:0b: 3f:76:9d:51:6b:ad:39:45:0d:af:6f:86:52:67:01:c7:20:84: f5:6c:d3:5b:ec:5a:57:97:fb:f6:d2:6b:81:63:c7:82:f0:80: 28:3f:f7:76:d3:db:5b:00:4f:7e:54:86:0a:31:40:a9:53:84: 03:72:cd:17:a1:65:9b:b1:ab:43:2f:94:15:a1:fc:72:cd:13: 64:44:7e:a0:25:9c:a3:01:5b:fc:8a:6e:7c:21:a0:4a:12:cd: 52:29:61:c2:66:7c:57:8f:ae:d8:70:67:04:af:e7:4d:d8:99: 94:3b:33:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOCwfST9aTCi7qNHtAv2oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiMTM4MzQ3M2U4YWE4NzI3MDY4ZmM3NTJlMDYwZTNkYmY2 M2UwZWYwHhcNMjUxMjIyMDQwMTMwWhcNMjUxMjIzMDQwMTMwWjAzMTEwLwYDVQQD Eyg0NzdmZGFkNzNhZjliYzFmNmUxOWE0ZDMzNDU4ZDA0MzdmY2YyOTczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVYE0Jpi0jxafvHgclRsTrR6uucR AOWi+jU582wLQCjYoD25tDRMClF6WDoobjPM18iJbLOEO3Q/WqdMbZ1QtSJEecjM cMPmuko77CRAsnkd09bzKOWdrHOpSv/duH4/VGAf1tHPZyyFJrRl09Jw3B9ZgoIA Wrx2u3dnXmopxj3tzaGtFU8Q62ueHUhnXSWkTvbmHYtn58BDumXgS2RiMS7InS6J Rk8d/aAZ3voyfMvyerw2rvu+3WNkIH9zr9RqyqJBvCqRZLIPF98pXHOfFo8M/w+f Y4WGjD9K0Aab0UL68tCM62YSz2y6/KRhKSX4z7Q8JMTImyHH21M3CJALOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEd/2tc6+bwfbhmk0zRY0EN/zylzMB8GA1UdIwQY MBaAFMsTg0c+iqhycGj8dS4GDj2/Y+DvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmIt ZDE4YjA5Y2YzYTFkLzEveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9jNjNjOTQtZTU2OS00MWI4LThlMmItZDE4YjA5Y2YzYTFk LzEveXhPRFJ6NktxSEp3YVB4MUxnWU9QYjlqNE84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo5SiD+4o uskKTUVGF6w1X9jhCnBLr064X4ZucfsBIPK+YQnAFH/HdqRy9+Duy7ryWqLmlyFn vkWJqgubJlVdXlW+fGcC+ZYuAEn+8MVWRz9In1LaBs2DrfK0MAwEHFVzizDUjUEG L1nYo0Ik8GwokTBlMAPjyw/sdlfaoBBfq3wsLoWLYCCPdA+J6L6JQoMLP3adUWut OUUNr2+GUmcBxyCE9WzTW+xaV5f79tJrgWPHgvCAKD/3dtPbWwBPflSGCjFAqVOE A3LNF6Flm7GrQy+UFaH8cs0TZER+oCWcowFb/IpufCGgShLNUilhwmZ8V4+u2HBn BK/nTdiZlDsz8g== -----END CERTIFICATE-----Generated at Mon Dec 22 13:55:27 2025 by rpki-client