This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/be56d4-8de6-44a2-9691-369263443025/1/y5idLhUgGyDjQIjdHARVslRE-Pw.mft File: y5idLhUgGyDjQIjdHARVslRE-Pw.mft (raw, json) Hash identifier: cZFRyGU63IbUV24kCkfSGom4bupSDMTNSUgTT7uK4BQ= Subject key identifier: 63:58:67:4A:37:21:15:D5:92:C2:76:0A:A0:33:92:86:57:21:FC:22 Authority key identifier: CB:98:9D:2E:15:20:1B:20:E3:40:88:DD:1C:04:55:B2:54:44:F8:FC Certificate issuer: /CN=cb989d2e15201b20e34088dd1c0455b25444f8fc Certificate serial: 019B7591EC78DADDC8946A0720E87A83A7E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5idLhUgGyDjQIjdHARVslRE-Pw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/be56d4-8de6-44a2-9691-369263443025/1/y5idLhUgGyDjQIjdHARVslRE-Pw.mft Manifest number: 0DDF Signing time: Wed 31 Dec 2025 18:00:56 +0000 Manifest this update: Wed 31 Dec 2025 18:00:56 +0000 Manifest next update: Thu 01 Jan 2026 18:00:56 +0000 Files and hashes: 1: IlHeExFCZOwDVGR-pn-Mj6btqHA.roa (hash: G3OUewbUbdIfclHozVugqBGDnmkGwJv9DxeJNbUzFpM=) 2: y5idLhUgGyDjQIjdHARVslRE-Pw.crl (hash: JHOSb8KeeDPPy0BhJlUk5RZrpQ4Z/Oc8H+2zL9Itnlc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/be56d4-8de6-44a2-9691-369263443025/1/y5idLhUgGyDjQIjdHARVslRE-Pw.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/be56d4-8de6-44a2-9691-369263443025/1/y5idLhUgGyDjQIjdHARVslRE-Pw.mft rsync://rpki.ripe.net/repository/DEFAULT/y5idLhUgGyDjQIjdHARVslRE-Pw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:91:ec:78:da:dd:c8:94:6a:07:20:e8:7a:83:a7:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb989d2e15201b20e34088dd1c0455b25444f8fc Validity Not Before: Dec 31 18:00:56 2025 GMT Not After : Jan 1 18:00:56 2026 GMT Subject: CN=6358674a372115d592c2760aa03392865721fc22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:94:07:9c:a1:8e:3d:3b:0c:45:0d:96:06:b6: e7:9a:04:5d:15:dc:08:d2:8e:b1:b2:8e:60:e7:79: d3:49:eb:e3:d3:aa:d6:9c:36:db:53:e1:f4:4a:48: 54:d0:12:db:27:8e:dc:ed:05:3c:39:7f:c4:28:a6: f4:36:2f:95:ab:2e:c2:3a:55:e1:d5:90:91:ad:9d: 29:c8:5a:e8:5d:76:c8:36:b2:b7:c7:98:72:62:e4: a9:e8:6c:37:92:b9:f8:2a:07:19:e4:ed:bf:c9:8e: 5c:09:9b:fd:ed:cd:d3:c4:d1:38:25:5b:f7:5c:75: fb:f6:50:90:47:4a:8a:39:71:4f:d7:b1:2a:62:1b: 89:79:25:82:e6:cd:c2:f9:2c:bd:98:50:af:32:bc: 38:20:ae:8c:76:10:91:cd:c5:e0:37:36:13:58:cb: 76:43:c3:bf:f1:a2:07:ea:61:d8:ab:88:7a:b3:df: 01:50:75:72:3a:cc:74:09:e0:c7:81:3e:f0:9c:09: 52:8c:52:ec:85:4e:77:82:6e:1b:aa:72:5a:23:42: 01:c1:50:3f:ff:c6:c3:69:67:00:2f:0d:bf:d3:be: 8b:51:7f:ce:1f:68:2a:d0:93:6b:17:e8:3b:2d:62: e1:6a:89:01:5b:01:b7:27:b0:0b:5d:d0:df:ce:cc: 34:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:58:67:4A:37:21:15:D5:92:C2:76:0A:A0:33:92:86:57:21:FC:22 X509v3 Authority Key Identifier: keyid:CB:98:9D:2E:15:20:1B:20:E3:40:88:DD:1C:04:55:B2:54:44:F8:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5idLhUgGyDjQIjdHARVslRE-Pw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/be56d4-8de6-44a2-9691-369263443025/1/y5idLhUgGyDjQIjdHARVslRE-Pw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/be56d4-8de6-44a2-9691-369263443025/1/y5idLhUgGyDjQIjdHARVslRE-Pw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:08:96:83:55:8f:db:31:62:fe:bb:f8:1e:f2:35:af:c2:ee: cb:a6:d3:31:75:32:9d:4e:ee:19:b9:ae:e6:48:fb:07:ff:2a: 3b:ea:4a:58:e1:43:19:87:a4:e2:03:5d:fa:a3:37:2b:08:81: f1:c0:22:e0:d6:32:29:e6:46:a1:23:85:6e:b5:a5:9e:9f:f1: 51:b2:ef:31:9d:b6:0a:f6:2d:51:ec:fd:50:a8:1f:fd:92:40: 50:cf:38:5f:7e:29:ba:21:39:fa:db:fa:90:51:f2:a9:70:50: 0d:22:51:22:1a:4f:96:f1:9f:55:71:95:14:ba:37:d1:2d:b6: 33:17:e4:33:f1:30:5b:fd:30:33:94:40:4e:a5:98:13:84:9e: 9f:73:37:c8:ee:25:e7:83:33:aa:2e:cb:3f:82:e4:1c:d1:27: ef:8c:6b:ef:f9:41:cd:f8:03:89:3f:9e:93:4c:81:58:a2:00: f2:c3:97:81:04:5b:fe:e5:a3:eb:7e:07:b1:b7:48:0a:23:89: 11:18:39:05:53:f4:ad:1e:b1:00:ac:fe:1d:ad:c6:7b:41:60: 3e:6b:a5:7d:95:29:70:85:27:12:b8:30:d0:30:70:8b:fd:d9: cb:6b:2d:6f:fd:72:44:cb:65:5e:52:cc:cf:98:7e:ac:38:b1: 94:b4:90:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1kex42t3IlGoHIOh6g6flMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiOTg5ZDJlMTUyMDFiMjBlMzQwODhkZDFjMDQ1NWIyNTQ0 NGY4ZmMwHhcNMjUxMjMxMTgwMDU2WhcNMjYwMTAxMTgwMDU2WjAzMTEwLwYDVQQD Eyg2MzU4Njc0YTM3MjExNWQ1OTJjMjc2MGFhMDMzOTI4NjU3MjFmYzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJQHnKGOPTsMRQ2WBrbnmgRdFdwI 0o6xso5g53nTSevj06rWnDbbU+H0SkhU0BLbJ47c7QU8OX/EKKb0Ni+Vqy7COlXh 1ZCRrZ0pyFroXXbINrK3x5hyYuSp6Gw3krn4KgcZ5O2/yY5cCZv97c3TxNE4JVv3 XHX79lCQR0qKOXFP17EqYhuJeSWC5s3C+Sy9mFCvMrw4IK6MdhCRzcXgNzYTWMt2 Q8O/8aIH6mHYq4h6s98BUHVyOsx0CeDHgT7wnAlSjFLshU53gm4bqnJaI0IBwVA/ /8bDaWcALw2/076LUX/OH2gq0JNrF+g7LWLhaokBWwG3J7ALXdDfzsw0kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGNYZ0o3IRXVksJ2CqAzkoZXIfwiMB8GA1UdIwQY MBaAFMuYnS4VIBsg40CI3RwEVbJURPj8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTVpZExoVWdHeURqUUlqZEhBUlZzbFJFLVB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9iZTU2ZDQtOGRlNi00NGEyLTk2OTEt MzY5MjYzNDQzMDI1LzEveTVpZExoVWdHeURqUUlqZEhBUlZzbFJFLVB3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC9iZTU2ZDQtOGRlNi00NGEyLTk2OTEtMzY5MjYzNDQzMDI1 LzEveTVpZExoVWdHeURqUUlqZEhBUlZzbFJFLVB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAiWg1WP 2zFi/rv4HvI1r8Luy6bTMXUynU7uGbmu5kj7B/8qO+pKWOFDGYek4gNd+qM3KwiB 8cAi4NYyKeZGoSOFbrWlnp/xUbLvMZ22CvYtUez9UKgf/ZJAUM84X34puiE5+tv6 kFHyqXBQDSJRIhpPlvGfVXGVFLo30S22MxfkM/EwW/0wM5RATqWYE4Sen3M3yO4l 54Mzqi7LP4LkHNEn74xr7/lBzfgDiT+ek0yBWKIA8sOXgQRb/uWj634HsbdICiOJ ERg5BVP0rR6xAKz+Ha3Ge0FgPmulfZUpcIUnErgw0DBwi/3Zy2stb/1yRMtlXlLM z5h+rDixlLSQkA== -----END CERTIFICATE-----Generated at Thu Jan 1 01:03:50 2026 by rpki-client