This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft File: yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft (raw, json) Hash identifier: zFChRJTzXY63Cc4GANE1K0YBNn8bG+8tnunvbYhtW4Y= Subject key identifier: C3:10:16:30:25:FE:7C:99:38:8A:CB:03:24:05:15:6B:27:01:5D:B2 Authority key identifier: C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05 Certificate issuer: /CN=c85f510c72ce0b79c2899b35845ffe3670693f05 Certificate serial: 019B49CB8AD5632620606C5EDA24BC54439D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft Manifest number: 1790 Signing time: Tue 23 Dec 2025 06:00:34 +0000 Manifest this update: Tue 23 Dec 2025 06:00:34 +0000 Manifest next update: Wed 24 Dec 2025 06:00:34 +0000 Files and hashes: 1: w1wE-GTVXdtS8_s6-jCqXeRbv54.roa (hash: tWxx0MAwHTEu1ZGxtJdO+Nj7usmdmMpLOetyWJHeUhM=) 2: yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl (hash: uu76ztjJy0y8IuDhjkuDMYkhXchlX052bOtCykCkEXI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 06:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:cb:8a:d5:63:26:20:60:6c:5e:da:24:bc:54:43:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c85f510c72ce0b79c2899b35845ffe3670693f05 Validity Not Before: Dec 23 06:00:34 2025 GMT Not After : Dec 24 06:00:34 2025 GMT Subject: CN=c310163025fe7c99388acb032405156b27015db2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4e:41:95:63:db:e1:f0:9e:64:28:d5:13:57: 11:8c:95:de:4c:75:d1:04:4e:4b:6c:30:db:e7:a4: 30:43:38:91:75:ab:c9:38:2f:2d:f1:1f:ac:01:85: 4f:6c:97:f2:2e:06:2a:61:15:f8:21:ee:0c:0f:5b: 63:3a:4b:dc:6c:fd:c0:14:db:c1:b5:db:2d:92:19: 15:9a:49:65:7f:2a:1c:45:e7:ac:df:ec:05:52:01: c1:38:e2:9b:81:5a:fe:d8:78:13:2c:ff:d9:18:2d: 44:ec:b3:de:d7:42:4f:62:e9:59:f7:c0:9d:5b:c3: b2:98:d3:b9:ac:92:d9:fe:61:99:fc:77:9e:fc:17: 3c:88:a5:d0:66:32:e9:4c:cf:85:9c:06:97:f1:c6: 83:e8:42:64:cc:4a:9f:3a:09:a3:0a:a2:14:88:67: 69:86:71:c8:c7:85:10:9f:dc:4a:9d:0b:1f:26:77: 48:50:30:a0:ee:96:a5:f1:52:e7:71:03:20:3f:56: a8:2e:eb:ba:3e:f9:4e:a0:3b:b9:22:fd:48:a7:50: 05:90:89:0c:f7:e5:d7:bd:59:17:87:0e:21:64:b4: dc:22:75:4b:d1:5f:e0:eb:d2:53:5c:b8:b9:7d:a1: 7a:57:77:5e:55:c7:10:c4:22:d6:3a:55:86:95:b5: 11:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:10:16:30:25:FE:7C:99:38:8A:CB:03:24:05:15:6B:27:01:5D:B2 X509v3 Authority Key Identifier: keyid:C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:ba:52:d3:26:80:30:b8:5f:e9:ee:98:9e:eb:d2:bc:16:57: 04:2b:ee:00:3e:99:f1:62:84:c4:86:4f:82:45:89:9e:7e:ff: b1:d6:d8:7d:2f:7f:09:b6:c5:3a:73:cc:f5:34:4f:d6:1a:bb: 43:9a:81:61:4e:5c:20:a9:c6:61:2b:f0:c6:ae:10:1e:90:29: 0b:98:eb:2e:a0:bf:2d:54:ab:40:af:6a:a0:de:bb:dd:32:dc: 5f:af:95:45:11:10:89:ad:33:ee:6f:2e:7c:a7:79:97:a4:e6: be:9b:77:85:63:6c:07:28:6d:f6:cd:8b:e4:0b:af:86:47:f8: 98:21:6b:b9:b5:9d:60:d9:5c:e8:61:30:5f:70:5e:ec:97:b1: 53:ac:ce:4a:ce:00:35:de:9d:00:ea:be:1b:bd:85:6d:81:10: f1:9f:f3:ae:56:9e:1f:19:17:55:7f:f8:b4:ca:29:02:9d:c5: 5a:2d:56:a3:1c:3b:31:8e:96:cb:cf:9b:88:fa:93:82:c1:e6: f1:ce:02:54:05:49:19:e7:98:de:6b:99:b9:f1:bf:9d:9e:0a: 66:76:7a:f4:72:94:30:95:53:ec:40:b2:8f:42:66:a4:bd:00: 80:ba:60:87:d8:08:2d:f0:0d:28:92:80:a2:2d:0e:ba:18:30: 54:60:79:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJy4rVYyYgYGxe2iS8VEOdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NWY1MTBjNzJjZTBiNzljMjg5OWIzNTg0NWZmZTM2NzA2 OTNmMDUwHhcNMjUxMjIzMDYwMDM0WhcNMjUxMjI0MDYwMDM0WjAzMTEwLwYDVQQD EyhjMzEwMTYzMDI1ZmU3Yzk5Mzg4YWNiMDMyNDA1MTU2YjI3MDE1ZGIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx05BlWPb4fCeZCjVE1cRjJXeTHXR BE5LbDDb56QwQziRdavJOC8t8R+sAYVPbJfyLgYqYRX4Ie4MD1tjOkvcbP3AFNvB tdstkhkVmkllfyocRees3+wFUgHBOOKbgVr+2HgTLP/ZGC1E7LPe10JPYulZ98Cd W8OymNO5rJLZ/mGZ/Hee/Bc8iKXQZjLpTM+FnAaX8caD6EJkzEqfOgmjCqIUiGdp hnHIx4UQn9xKnQsfJndIUDCg7pal8VLncQMgP1aoLuu6PvlOoDu5Iv1Ip1AFkIkM 9+XXvVkXhw4hZLTcInVL0V/g69JTXLi5faF6V3deVccQxCLWOlWGlbURcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMMQFjAl/nyZOIrLAyQFFWsnAV2yMB8GA1UdIwQY MBaAFMhfUQxyzgt5wombNYRf/jZwaT8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEt YjhjOWEyYTlkYTQ2LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEtYjhjOWEyYTlkYTQ2 LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ7pS0yaA MLhf6e6YnuvSvBZXBCvuAD6Z8WKExIZPgkWJnn7/sdbYfS9/CbbFOnPM9TRP1hq7 Q5qBYU5cIKnGYSvwxq4QHpApC5jrLqC/LVSrQK9qoN673TLcX6+VRREQia0z7m8u fKd5l6Tmvpt3hWNsByht9s2L5Auvhkf4mCFrubWdYNlc6GEwX3Be7JexU6zOSs4A Nd6dAOq+G72FbYEQ8Z/zrlaeHxkXVX/4tMopAp3FWi1Woxw7MY6Wy8+biPqTgsHm 8c4CVAVJGeeY3muZufG/nZ4KZnZ69HKUMJVT7ECyj0JmpL0AgLpgh9gILfANKJKA oi0OuhgwVGB5JA== -----END CERTIFICATE-----Generated at Tue Dec 23 10:36:54 2025 by rpki-client