This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.mft File: SyttKl1BMFYPYXlj2fvJNELcHM0.mft (raw, json) Hash identifier: TU4G1BjJ/zBrwRLr2XIjZtP6NFSMoBx6QG8z7wUv88o= Subject key identifier: AA:DF:F3:BD:7E:37:DE:86:99:1B:D9:1D:7B:AA:1A:FD:B1:6D:4D:A2 Authority key identifier: 4B:2B:6D:2A:5D:41:30:56:0F:61:79:63:D9:FB:C9:34:42:DC:1C:CD Certificate issuer: /CN=4b2b6d2a5d4130560f617963d9fbc93442dc1ccd Certificate serial: 019B2A09D720D72648BE199678304485701E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyttKl1BMFYPYXlj2fvJNELcHM0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.mft Manifest number: 1711 Signing time: Wed 17 Dec 2025 02:00:46 +0000 Manifest this update: Wed 17 Dec 2025 02:00:46 +0000 Manifest next update: Thu 18 Dec 2025 02:00:46 +0000 Files and hashes: 1: M4qXtzk7m1_HROVvWg529-GrNdE.roa (hash: edioIsxmBILO0oJIeA0UJ1H6nLNxCIDowpitLjgAj8U=) 2: SyttKl1BMFYPYXlj2fvJNELcHM0.crl (hash: jL4LLzT8+f3srN3VEUdTxAFLF63NYYt3EDH56QATBNg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.mft rsync://rpki.ripe.net/repository/DEFAULT/SyttKl1BMFYPYXlj2fvJNELcHM0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2a:09:d7:20:d7:26:48:be:19:96:78:30:44:85:70:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b2b6d2a5d4130560f617963d9fbc93442dc1ccd Validity Not Before: Dec 17 02:00:46 2025 GMT Not After : Dec 18 02:00:46 2025 GMT Subject: CN=aadff3bd7e37de86991bd91d7baa1afdb16d4da2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:3d:5b:43:97:2d:4c:76:8d:0c:66:0e:8c:a1: b5:e8:52:bc:e4:4e:9f:17:a4:f3:ab:d3:ba:3a:d5: a0:ef:23:59:06:2d:24:cf:af:b8:17:3e:f6:f7:f5: ce:0b:04:81:5b:ff:f7:4e:b3:54:c7:1c:8f:26:30: c2:51:ed:90:d5:09:e8:31:7a:a2:0b:8d:2e:08:a2: 96:f0:46:df:89:dd:e2:be:0a:04:19:51:b9:03:a7: 58:e7:68:f6:b0:b5:b3:1c:e4:3b:7a:67:17:e6:55: 90:44:f0:19:ba:3b:59:80:49:8b:c4:70:85:bb:0b: 8a:80:59:da:4f:1c:ed:45:03:02:00:63:b6:de:f6: 3d:b3:aa:55:9e:6c:f1:52:ec:fc:59:b9:6d:cf:1b: 06:55:6b:eb:19:53:c0:5d:ac:d2:34:23:65:c2:75: 78:19:4d:de:82:90:20:e0:5f:6f:c9:f3:d6:3d:93: b9:96:0a:05:92:07:89:10:9f:d5:41:35:94:e7:a5: a5:82:6f:d5:6c:dc:00:af:57:39:94:9f:3f:dd:ed: dd:f4:07:09:7d:f8:2a:7c:4e:65:67:3f:aa:f1:40: f6:e6:45:55:96:25:3e:87:0e:7c:d7:8b:97:b2:f7: 44:03:c3:9b:ed:c2:b6:1a:9f:61:c6:70:f2:3a:08: de:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:DF:F3:BD:7E:37:DE:86:99:1B:D9:1D:7B:AA:1A:FD:B1:6D:4D:A2 X509v3 Authority Key Identifier: keyid:4B:2B:6D:2A:5D:41:30:56:0F:61:79:63:D9:FB:C9:34:42:DC:1C:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyttKl1BMFYPYXlj2fvJNELcHM0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40ef41-31f4-420d-badc-c574158502c8/1/SyttKl1BMFYPYXlj2fvJNELcHM0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:6c:02:a8:a9:28:e0:81:19:56:c0:12:44:fd:da:82:dc:a5: 56:1b:5d:e2:89:3f:99:53:19:72:94:1b:e5:1e:f3:df:cf:e9: 85:68:5c:32:dd:83:3f:59:e1:b9:36:dd:e1:fd:fe:55:49:1b: 6d:87:73:78:cb:d1:57:6e:cc:b6:6b:9d:ca:1a:85:28:7c:c7: ce:e6:a0:67:f8:b8:f2:22:ee:ed:1a:6c:0a:9b:e7:84:6b:9b: 2e:e9:12:05:18:b0:ea:72:0d:72:9f:e1:6d:08:cc:13:16:74: 7b:a2:c4:dc:65:47:59:fe:d2:60:11:71:85:35:2b:07:21:6b: 59:db:b3:88:fc:74:b3:5e:0c:39:07:2b:a3:61:67:95:4c:8f: 7a:62:d5:a8:59:73:83:51:e0:a8:fd:bf:fd:08:19:62:ac:0f: 63:11:21:b6:18:bd:36:1e:28:32:fb:5f:e3:3f:36:fa:71:16: a1:a4:49:39:36:de:9d:9b:ac:d9:43:26:7f:9e:4c:ce:62:c7: 97:12:b3:36:41:55:a3:89:e8:3f:06:e1:27:0f:7f:d8:72:18: dd:96:16:f0:3e:75:76:17:ab:1d:e4:ba:c9:16:d9:3a:1e:b4: ab:c9:0d:1c:43:c7:d0:0d:0f:1c:9a:50:c1:5a:af:f4:8a:af: 7e:46:c3:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsqCdcg1yZIvhmWeDBEhXAeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiMmI2ZDJhNWQ0MTMwNTYwZjYxNzk2M2Q5ZmJjOTM0NDJk YzFjY2QwHhcNMjUxMjE3MDIwMDQ2WhcNMjUxMjE4MDIwMDQ2WjAzMTEwLwYDVQQD EyhhYWRmZjNiZDdlMzdkZTg2OTkxYmQ5MWQ3YmFhMWFmZGIxNmQ0ZGEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz1bQ5ctTHaNDGYOjKG16FK85E6f F6Tzq9O6OtWg7yNZBi0kz6+4Fz729/XOCwSBW//3TrNUxxyPJjDCUe2Q1QnoMXqi C40uCKKW8Ebfid3ivgoEGVG5A6dY52j2sLWzHOQ7emcX5lWQRPAZujtZgEmLxHCF uwuKgFnaTxztRQMCAGO23vY9s6pVnmzxUuz8WbltzxsGVWvrGVPAXazSNCNlwnV4 GU3egpAg4F9vyfPWPZO5lgoFkgeJEJ/VQTWU56Wlgm/VbNwAr1c5lJ8/3e3d9AcJ ffgqfE5lZz+q8UD25kVVliU+hw5814uXsvdEA8Ob7cK2Gp9hxnDyOgje7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKrf871+N96GmRvZHXuqGv2xbU2iMB8GA1UdIwQY MBaAFEsrbSpdQTBWD2F5Y9n7yTRC3BzNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3l0dEtsMUJNRllQWVhsajJmdkpORUxjSE0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MGVmNDEtMzFmNC00MjBkLWJhZGMt YzU3NDE1ODUwMmM4LzEvU3l0dEtsMUJNRllQWVhsajJmdkpORUxjSE0wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS80MGVmNDEtMzFmNC00MjBkLWJhZGMtYzU3NDE1ODUwMmM4 LzEvU3l0dEtsMUJNRllQWVhsajJmdkpORUxjSE0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2wCqKko 4IEZVsASRP3agtylVhtd4ok/mVMZcpQb5R7z38/phWhcMt2DP1nhuTbd4f3+VUkb bYdzeMvRV27MtmudyhqFKHzHzuagZ/i48iLu7RpsCpvnhGubLukSBRiw6nINcp/h bQjMExZ0e6LE3GVHWf7SYBFxhTUrByFrWduziPx0s14MOQcro2FnlUyPemLVqFlz g1HgqP2//QgZYqwPYxEhthi9Nh4oMvtf4z82+nEWoaRJOTbenZus2UMmf55MzmLH lxKzNkFVo4noPwbhJw9/2HIY3ZYW8D51dherHeS6yRbZOh60q8kNHEPH0A0PHJpQ wVqv9IqvfkbDwQ== -----END CERTIFICATE-----Generated at Wed Dec 17 09:44:37 2025 by rpki-client