This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft File: lywzrtjvsmnTdEgT0oxTYJLnzzg.mft (raw, json) Hash identifier: lc/eIU4wdqs+5wOgRjuNZIc6mWIYgKtVZ7kAfAqF74w= Subject key identifier: 6F:AD:42:19:8D:40:3F:D0:AB:1C:41:6B:9D:08:2A:F8:44:0A:CF:E6 Authority key identifier: 97:2C:33:AE:D8:EF:B2:69:D3:74:48:13:D2:8C:53:60:92:E7:CF:38 Certificate issuer: /CN=972c33aed8efb269d3744813d28c536092e7cf38 Certificate serial: 019B4625FD134DE98BDFDD549D583DE2D6B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft Manifest number: 0D5E Signing time: Mon 22 Dec 2025 13:00:53 +0000 Manifest this update: Mon 22 Dec 2025 13:00:53 +0000 Manifest next update: Tue 23 Dec 2025 13:00:53 +0000 Files and hashes: 1: ABgvtVRWI6brZz3FziMb4rv0_78.roa (hash: xcpeYC06fvzRoHxarxnxi+ZpU9v7tXYglNgTbxJJFa4=) 2: lywzrtjvsmnTdEgT0oxTYJLnzzg.crl (hash: deiobkLd6xkLt4Xuy+snoUwm8IhE0MZXdkWMiS3C3qA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:25:fd:13:4d:e9:8b:df:dd:54:9d:58:3d:e2:d6:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=972c33aed8efb269d3744813d28c536092e7cf38 Validity Not Before: Dec 22 13:00:53 2025 GMT Not After : Dec 23 13:00:53 2025 GMT Subject: CN=6fad42198d403fd0ab1c416b9d082af8440acfe6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:14:b8:72:d9:da:ba:aa:bd:63:4f:7d:b5:6e: bd:b0:4a:ee:81:7f:97:fd:94:4b:db:b9:18:f2:5d: 44:1f:a6:a6:8e:5f:23:c2:d0:4b:e2:6b:63:49:f9: f0:33:4a:35:5a:f3:e4:36:ea:f9:ff:f8:b1:7d:d0: 5a:74:71:21:cb:ae:e6:05:5d:36:ce:bb:b1:30:0b: 44:7e:42:d6:77:d2:22:6c:6a:e5:8d:ef:ed:e9:33: 2e:d8:97:8f:e8:64:93:1d:52:f9:07:15:1f:e3:e0: 67:3b:71:f1:ed:00:b2:41:69:05:a9:3d:0a:a1:3e: 45:92:fc:02:f8:52:e6:a8:4c:32:ab:d3:ba:77:3d: 9e:3c:a7:94:31:d0:ba:92:8f:e5:8b:09:8a:c5:73: 67:05:e9:71:17:29:2e:98:17:6e:92:bc:b7:e1:62: 6e:c8:e8:1b:d6:41:88:60:0b:83:17:56:65:dc:ab: 52:1c:71:cf:e4:09:c3:69:dc:9c:de:8e:f5:85:83: 90:80:31:ec:5a:85:aa:5f:03:f7:55:5f:87:84:bd: 50:7f:c5:cd:8d:a4:84:bc:b8:85:46:1e:e8:86:8f: c7:6c:8d:d8:d6:f8:73:1a:e8:c2:42:42:ed:05:6f: 7c:f3:6b:43:bc:39:69:bf:96:e7:a8:c8:d0:02:10: ff:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:AD:42:19:8D:40:3F:D0:AB:1C:41:6B:9D:08:2A:F8:44:0A:CF:E6 X509v3 Authority Key Identifier: keyid:97:2C:33:AE:D8:EF:B2:69:D3:74:48:13:D2:8C:53:60:92:E7:CF:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:bc:35:6e:c8:00:87:f8:68:1d:13:20:af:52:1e:59:28:9b: f4:35:6b:fd:38:f8:f7:ac:ed:49:7a:11:61:2c:b2:f5:b3:cc: f0:d6:b1:ed:79:5f:7e:57:28:af:34:5c:9a:dc:0c:83:9e:e8: e2:9b:33:f7:3c:af:42:c0:99:ea:60:cb:a2:e2:87:c5:33:20: 90:51:dc:b8:e7:b8:1d:d1:1d:43:e3:5f:f3:fc:d8:24:c5:0b: 1e:ae:98:0c:2e:97:5c:49:5c:dc:56:0b:88:13:4b:d0:4c:3d: 00:15:69:61:d2:60:4d:23:9f:75:35:92:f0:00:61:82:7c:7b: d5:f8:b9:25:07:5b:9f:cc:49:4d:7a:91:5e:88:f3:0d:5c:1a: d4:37:36:55:de:65:3c:27:76:67:40:19:7b:da:57:1b:a4:56: 56:8e:e6:31:a9:39:5e:78:cf:27:92:50:e0:dd:c5:3e:b9:ad: 67:ba:9c:5c:2c:01:6d:4f:ba:be:ce:63:29:80:0f:bc:d9:13: 5a:6a:a8:0b:14:b0:ef:c0:37:22:0e:08:15:e7:bb:f1:31:66: 70:f0:ab:be:1c:f1:d2:59:f1:b9:d1:28:96:c0:52:ef:e6:47: 41:81:e2:95:b5:96:f0:22:61:29:1f:a2:27:27:dc:9c:9f:37: ac:a4:cb:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJf0TTemL391UnVg94tawMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3MmMzM2FlZDhlZmIyNjlkMzc0NDgxM2QyOGM1MzYwOTJl N2NmMzgwHhcNMjUxMjIyMTMwMDUzWhcNMjUxMjIzMTMwMDUzWjAzMTEwLwYDVQQD Eyg2ZmFkNDIxOThkNDAzZmQwYWIxYzQxNmI5ZDA4MmFmODQ0MGFjZmU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBS4ctnauqq9Y099tW69sErugX+X /ZRL27kY8l1EH6amjl8jwtBL4mtjSfnwM0o1WvPkNur5//ixfdBadHEhy67mBV02 zruxMAtEfkLWd9IibGrlje/t6TMu2JeP6GSTHVL5BxUf4+BnO3Hx7QCyQWkFqT0K oT5FkvwC+FLmqEwyq9O6dz2ePKeUMdC6ko/liwmKxXNnBelxFykumBdukry34WJu yOgb1kGIYAuDF1Zl3KtSHHHP5AnDadyc3o71hYOQgDHsWoWqXwP3VV+HhL1Qf8XN jaSEvLiFRh7oho/HbI3Y1vhzGujCQkLtBW9882tDvDlpv5bnqMjQAhD/nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG+tQhmNQD/QqxxBa50IKvhECs/mMB8GA1UdIwQY MBaAFJcsM67Y77Jp03RIE9KMU2CS5884MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zMWZhOTktYzg1My00ZDAyLWI1M2Qt ZDI1MGU0NWIxNjIwLzEvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8zMWZhOTktYzg1My00ZDAyLWI1M2QtZDI1MGU0NWIxNjIw LzEvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp7w1bsgA h/hoHRMgr1IeWSib9DVr/Tj496ztSXoRYSyy9bPM8Nax7XlfflcorzRcmtwMg57o 4psz9zyvQsCZ6mDLouKHxTMgkFHcuOe4HdEdQ+Nf8/zYJMULHq6YDC6XXElc3FYL iBNL0Ew9ABVpYdJgTSOfdTWS8ABhgnx71fi5JQdbn8xJTXqRXojzDVwa1Dc2Vd5l PCd2Z0AZe9pXG6RWVo7mMak5XnjPJ5JQ4N3FPrmtZ7qcXCwBbU+6vs5jKYAPvNkT WmqoCxSw78A3Ig4IFee78TFmcPCrvhzx0lnxudEolsBS7+ZHQYHilbWW8CJhKR+i JyfcnJ83rKTLsg== -----END CERTIFICATE-----Generated at Mon Dec 22 17:08:44 2025 by rpki-client