This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft File: Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft (raw, json) Hash identifier: OKzPwkakAyIEoMASvBKppO72ue1YEH5ohvWMrt1Em4I= Subject key identifier: 39:47:ED:63:0E:4A:8D:2D:DD:1C:9E:82:41:AE:A0:AB:7A:D0:FE:A0 Authority key identifier: 63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90 Certificate issuer: /CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890 Certificate serial: 019B3D9071B8E92164BBB1DE4422BD68C399 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft Manifest number: 0D6B Signing time: Sat 20 Dec 2025 21:00:34 +0000 Manifest this update: Sat 20 Dec 2025 21:00:34 +0000 Manifest next update: Sun 21 Dec 2025 21:00:34 +0000 Files and hashes: 1: 2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa (hash: tXSd9lU5fCgD64Z/fTQv/A1ZJJrB3ZcLdqsIZET5sKI=) 2: Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl (hash: ErbCxwB53wu0MAUE4R+XmERt3wc2KzXTk9jPWZzoSkY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:71:b8:e9:21:64:bb:b1:de:44:22:bd:68:c3:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890 Validity Not Before: Dec 20 21:00:34 2025 GMT Not After : Dec 21 21:00:34 2025 GMT Subject: CN=3947ed630e4a8d2ddd1c9e8241aea0ab7ad0fea0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a6:58:71:43:16:71:7d:45:6f:c4:bb:dc:49: f5:69:d2:9e:51:32:8e:15:8d:40:2d:ef:c7:62:47: 47:df:95:6c:b6:c5:5d:3b:39:29:ac:27:cb:c9:16: 0b:fe:9b:39:b9:24:da:28:87:0a:34:9a:78:3e:3c: a2:e6:bc:2d:8c:df:02:75:43:cf:3e:12:80:01:a7: f6:b1:5b:37:0f:dc:cc:70:9b:fd:e7:fe:e1:a8:91: fb:c5:07:d8:29:0a:e8:07:6c:e2:4e:72:0e:98:8e: 57:d8:6a:16:34:ce:69:5b:e4:e2:0e:a9:9f:82:d5: 5b:14:dc:79:84:98:26:b5:e1:0c:91:13:78:85:f4: 83:10:3b:10:cb:36:9d:ae:af:30:02:d8:e1:27:b0: 54:cf:61:dd:6d:c9:62:bf:72:51:2e:c4:be:57:31: 08:15:38:32:e8:57:1d:d4:e5:78:8a:7f:3f:5b:41: 60:2c:72:93:64:ac:55:8d:c5:54:10:6c:47:4e:df: 39:40:bf:5a:b5:39:84:6e:58:21:3f:ed:f8:35:f8: fd:82:c6:f3:e3:80:15:e5:f5:d4:7b:88:b5:f3:80: 0b:cb:3a:31:83:b0:bc:8c:06:e2:29:80:4c:d0:73: 2c:62:c8:91:dd:35:da:62:fe:22:30:1e:fb:0f:54: ed:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:47:ED:63:0E:4A:8D:2D:DD:1C:9E:82:41:AE:A0:AB:7A:D0:FE:A0 X509v3 Authority Key Identifier: keyid:63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c2:53:ad:80:a8:86:31:73:44:0c:3d:46:97:e6:0b:bc:f0:bc: 4e:5d:6b:7b:84:9f:6c:5d:6d:46:7c:d5:18:ef:04:51:62:25: af:f2:98:2d:de:3c:8f:ed:f2:5a:65:8e:bc:67:c9:e5:b6:5a: e4:55:e6:1f:c1:43:f7:f2:e7:13:ef:69:06:9e:43:8b:41:30: af:22:16:eb:6b:8c:11:74:5b:91:0c:8a:2c:88:58:f2:5f:28: de:f3:06:2b:a1:8f:34:27:f2:4e:d9:49:c8:62:5b:c0:78:4c: 9e:11:36:a7:8d:f3:cd:82:63:84:b5:80:93:cd:88:eb:c3:cc: 79:f0:08:e2:68:6c:bd:c6:1b:26:06:60:ab:7a:85:5e:cb:5c: c5:96:57:8d:bd:a6:e5:44:54:01:73:88:61:bd:4b:8e:b2:a7: 68:77:37:dc:fa:1c:81:cb:6d:13:91:f3:9c:f6:da:b1:a5:e1: 37:3c:94:3b:94:67:f9:f9:13:6c:4c:ce:9e:12:70:eb:8a:a5: e6:f3:f1:f2:03:3e:3e:42:5b:fc:b2:b0:f6:5d:ef:f9:c1:c6: eb:78:46:91:54:1a:7c:4a:f5:16:e3:90:56:bd:64:07:94:09: 8a:b3:ff:7e:25:f1:f7:4c:6e:49:ec:bf:5c:0b:23:48:43:56: 58:1f:7e:77 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kHG46SFku7HeRCK9aMOZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzOGM4M2Y5YTNhM2QyMTYwYTAxNzhjYTE5Y2NiNDNhMGQy ZjE4OTAwHhcNMjUxMjIwMjEwMDM0WhcNMjUxMjIxMjEwMDM0WjAzMTEwLwYDVQQD EygzOTQ3ZWQ2MzBlNGE4ZDJkZGQxYzllODI0MWFlYTBhYjdhZDBmZWEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaZYcUMWcX1Fb8S73En1adKeUTKO FY1ALe/HYkdH35VstsVdOzkprCfLyRYL/ps5uSTaKIcKNJp4Pjyi5rwtjN8CdUPP PhKAAaf2sVs3D9zMcJv95/7hqJH7xQfYKQroB2ziTnIOmI5X2GoWNM5pW+TiDqmf gtVbFNx5hJgmteEMkRN4hfSDEDsQyzadrq8wAtjhJ7BUz2Hdbcliv3JRLsS+VzEI FTgy6Fcd1OV4in8/W0FgLHKTZKxVjcVUEGxHTt85QL9atTmEblghP+34Nfj9gsbz 44AV5fXUe4i184ALyzoxg7C8jAbiKYBM0HMsYsiR3TXaYv4iMB77D1TtswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDlH7WMOSo0t3RyegkGuoKt60P6gMB8GA1UdIwQY MBaAFGOMg/mjo9IWCgF4yhnMtDoNLxiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzct MjU1NTBiYTI5MTI3LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzctMjU1NTBiYTI5MTI3 LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwlOtgKiG MXNEDD1Gl+YLvPC8Tl1re4SfbF1tRnzVGO8EUWIlr/KYLd48j+3yWmWOvGfJ5bZa 5FXmH8FD9/LnE+9pBp5Di0EwryIW62uMEXRbkQyKLIhY8l8o3vMGK6GPNCfyTtlJ yGJbwHhMnhE2p43zzYJjhLWAk82I68PMefAI4mhsvcYbJgZgq3qFXstcxZZXjb2m 5URUAXOIYb1LjrKnaHc33PocgcttE5HznPbasaXhNzyUO5Rn+fkTbEzOnhJw64ql 5vPx8gM+PkJb/LKw9l3v+cHG63hGkVQafEr1FuOQVr1kB5QJirP/fiXx90xuSey/ XAsjSENWWB9+dw== -----END CERTIFICATE-----Generated at Sat Dec 20 22:43:41 2025 by rpki-client