This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft File: A_P-YHUIK-jliDKbQ9dhv257AdA.mft (raw, json) Hash identifier: AN/AEL2f5ITVaKg+mHkCdFbMIEuP+JkpTnDWc5raHh4= Subject key identifier: AE:84:DD:82:26:24:9E:46:D5:DD:D5:4C:BA:E7:8D:DF:CF:F0:80:C5 Authority key identifier: 03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0 Certificate issuer: /CN=03f3fe6075082be8e588329b43d761bf6e7b01d0 Certificate serial: 019B3F7EC01A98F32BCF3E54FC2C8A78A417 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft Manifest number: 09BD Signing time: Sun 21 Dec 2025 06:00:29 +0000 Manifest this update: Sun 21 Dec 2025 06:00:29 +0000 Manifest next update: Mon 22 Dec 2025 06:00:29 +0000 Files and hashes: 1: A_P-YHUIK-jliDKbQ9dhv257AdA.crl (hash: b9PECS600TTB6KPVY5udAyxzMqjpc3oXH8GDji+qcRk=) 2: NLokuyayf_xTBz620eUda7ND62Y.roa (hash: wnbXZXqLcKm2LPuwdWnQJhZT1lgCNXU3KAjP4hIxaAc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7e:c0:1a:98:f3:2b:cf:3e:54:fc:2c:8a:78:a4:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03f3fe6075082be8e588329b43d761bf6e7b01d0 Validity Not Before: Dec 21 06:00:29 2025 GMT Not After : Dec 22 06:00:29 2025 GMT Subject: CN=ae84dd8226249e46d5ddd54cbae78ddfcff080c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6f:99:bc:bf:a1:0f:e1:06:b7:e0:8f:5d:79: 8e:00:ed:aa:7f:bc:43:4e:33:d9:8c:fe:85:4c:86: 69:be:1a:32:f1:31:03:d6:6a:13:50:23:14:0f:7f: dd:75:f5:50:e2:06:d4:13:09:03:e6:bc:12:10:fd: 7c:15:26:b4:94:6f:17:28:c7:67:8f:4d:62:00:b7: 2f:7e:2b:aa:a0:4a:47:97:75:58:47:9c:82:54:6e: 14:ad:a3:ea:44:89:32:bc:d3:35:1b:c7:34:c4:a9: 87:cb:7c:a5:32:f9:4b:2b:6e:4c:11:c6:e7:60:94: ec:b7:8c:97:4a:69:7f:d7:86:94:1a:3a:5d:c0:fd: cb:66:5d:37:4f:29:0e:bf:9a:b8:85:c7:50:3a:11: 14:ef:98:1d:b9:52:0e:7f:82:e4:1f:e8:ed:e9:22: 5c:7d:b9:be:a4:85:77:12:ea:04:84:44:2b:73:2d: a1:a6:30:34:d7:24:98:bf:3a:bb:9b:43:28:8e:de: ac:9f:37:60:e9:03:46:36:dd:38:fb:8c:cd:88:22: 21:f9:e8:cd:96:f5:1c:39:2f:94:d6:7d:e6:dc:54: dc:6b:74:2f:e4:02:e4:3e:bb:6c:23:a7:c6:51:dd: 35:f6:35:77:ee:14:82:8b:3b:50:0e:9a:51:77:6d: b1:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:84:DD:82:26:24:9E:46:D5:DD:D5:4C:BA:E7:8D:DF:CF:F0:80:C5 X509v3 Authority Key Identifier: keyid:03:F3:FE:60:75:08:2B:E8:E5:88:32:9B:43:D7:61:BF:6E:7B:01:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_P-YHUIK-jliDKbQ9dhv257AdA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8bf7ea-883a-4c43-946c-82dafe104bc5/1/A_P-YHUIK-jliDKbQ9dhv257AdA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:a8:09:cd:65:d8:8d:10:c2:c1:b7:9e:06:d6:26:ed:e2:59: c4:dc:55:a0:93:1c:61:2a:f5:cb:51:3b:a0:39:14:40:00:37: 14:c3:55:45:1b:d1:c5:99:3e:2a:97:75:a4:5d:83:c2:d7:80: e5:1f:f0:b9:88:3f:75:19:91:c9:77:35:65:10:e3:6d:3c:b2: 3c:48:25:ad:d6:e0:a5:23:04:32:d5:1f:46:2d:fe:bf:d0:1d: 3e:5c:22:0e:dc:fe:03:91:31:6e:a3:1b:09:cb:22:ae:38:9a: a6:db:f8:42:6a:1f:04:2a:1a:d0:b4:b1:f2:98:d5:03:f4:95: 53:f3:4d:42:70:35:25:83:30:c5:19:cb:25:6e:63:04:99:a4: 24:72:3e:40:b6:be:4f:37:99:cb:22:4f:2a:54:e5:f1:5a:0a: f4:83:6a:c6:18:5a:ab:4c:88:a2:a9:37:a9:36:f2:cc:34:2b: e3:40:95:56:36:b3:de:46:80:62:87:0e:ac:b5:8d:4c:a7:ef: 6a:99:48:80:c7:30:33:45:01:b2:f9:32:3a:94:91:4d:f0:0d: 8f:55:f2:cf:c0:28:20:2e:1d:32:d6:15:2f:fe:1b:53:af:a2: d2:fa:d0:b8:68:05:41:0f:a9:bf:5f:32:b0:6a:c0:8d:9e:20: 14:61:ea:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fsAamPMrzz5U/CyKeKQXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzZjNmZTYwNzUwODJiZThlNTg4MzI5YjQzZDc2MWJmNmU3 YjAxZDAwHhcNMjUxMjIxMDYwMDI5WhcNMjUxMjIyMDYwMDI5WjAzMTEwLwYDVQQD EyhhZTg0ZGQ4MjI2MjQ5ZTQ2ZDVkZGQ1NGNiYWU3OGRkZmNmZjA4MGM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G+ZvL+hD+EGt+CPXXmOAO2qf7xD TjPZjP6FTIZpvhoy8TED1moTUCMUD3/ddfVQ4gbUEwkD5rwSEP18FSa0lG8XKMdn j01iALcvfiuqoEpHl3VYR5yCVG4UraPqRIkyvNM1G8c0xKmHy3ylMvlLK25MEcbn YJTst4yXSml/14aUGjpdwP3LZl03TykOv5q4hcdQOhEU75gduVIOf4LkH+jt6SJc fbm+pIV3EuoEhEQrcy2hpjA01ySYvzq7m0Mojt6snzdg6QNGNt04+4zNiCIh+ejN lvUcOS+U1n3m3FTca3Qv5ALkPrtsI6fGUd019jV37hSCiztQDppRd22xIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK6E3YImJJ5G1d3VTLrnjd/P8IDFMB8GA1UdIwQY MBaAFAPz/mB1CCvo5Ygym0PXYb9uewHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMt ODJkYWZlMTA0YmM1LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy84YmY3ZWEtODgzYS00YzQzLTk0NmMtODJkYWZlMTA0YmM1 LzEvQV9QLVlIVUlLLWpsaURLYlE5ZGh2MjU3QWRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKgJzWXY jRDCwbeeBtYm7eJZxNxVoJMcYSr1y1E7oDkUQAA3FMNVRRvRxZk+Kpd1pF2DwteA 5R/wuYg/dRmRyXc1ZRDjbTyyPEglrdbgpSMEMtUfRi3+v9AdPlwiDtz+A5ExbqMb Ccsirjiaptv4QmofBCoa0LSx8pjVA/SVU/NNQnA1JYMwxRnLJW5jBJmkJHI+QLa+ TzeZyyJPKlTl8VoK9INqxhhaq0yIoqk3qTbyzDQr40CVVjaz3kaAYocOrLWNTKfv aplIgMcwM0UBsvkyOpSRTfANj1Xyz8AoIC4dMtYVL/4bU6+i0vrQuGgFQQ+pv18y sGrAjZ4gFGHqfA== -----END CERTIFICATE-----Generated at Sun Dec 21 16:13:33 2025 by rpki-client