This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bd2d39-15e6-4640-ad08-d7b64b7cc583/1/sk1YjfILMtuXh9d4ZDlM16ZtQDA.mft File: sk1YjfILMtuXh9d4ZDlM16ZtQDA.mft (raw, json) Hash identifier: YrfCGfF1hOsIJuMm3ofFgIf71b19apege0C2AuWA0kk= Subject key identifier: BD:FA:CB:0D:92:D3:FF:A6:F0:96:7A:E6:1C:02:C3:28:52:1E:CC:8B Authority key identifier: B2:4D:58:8D:F2:0B:32:DB:97:87:D7:78:64:39:4C:D7:A6:6D:40:30 Certificate issuer: /CN=b24d588df20b32db9787d77864394cd7a66d4030 Certificate serial: 019B4F5FF85D7E3ADC3BA7C0B4290D8E418B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sk1YjfILMtuXh9d4ZDlM16ZtQDA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bd2d39-15e6-4640-ad08-d7b64b7cc583/1/sk1YjfILMtuXh9d4ZDlM16ZtQDA.mft Manifest number: 1676 Signing time: Wed 24 Dec 2025 08:00:48 +0000 Manifest this update: Wed 24 Dec 2025 08:00:48 +0000 Manifest next update: Thu 25 Dec 2025 08:00:48 +0000 Files and hashes: 1: YAynT2rFqTF7GPjWR_vJKmQMToY.roa (hash: Nj9HjgClC5YboiO8+CeqUE2/z4iqwPpiEtBTjxVCiAo=) 2: sk1YjfILMtuXh9d4ZDlM16ZtQDA.crl (hash: 5Ij+SaCljGDwK5s3ZJnztwV1Lu62te2igMMJxyNqnJ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bd2d39-15e6-4640-ad08-d7b64b7cc583/1/sk1YjfILMtuXh9d4ZDlM16ZtQDA.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/bd2d39-15e6-4640-ad08-d7b64b7cc583/1/sk1YjfILMtuXh9d4ZDlM16ZtQDA.mft rsync://rpki.ripe.net/repository/DEFAULT/sk1YjfILMtuXh9d4ZDlM16ZtQDA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:5f:f8:5d:7e:3a:dc:3b:a7:c0:b4:29:0d:8e:41:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b24d588df20b32db9787d77864394cd7a66d4030 Validity Not Before: Dec 24 08:00:48 2025 GMT Not After : Dec 25 08:00:48 2025 GMT Subject: CN=bdfacb0d92d3ffa6f0967ae61c02c328521ecc8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:68:34:3a:26:fa:3f:00:2a:bb:32:e0:2e:d0: be:fe:f0:a9:d5:b7:02:fa:b9:91:41:13:c1:76:38: fd:f3:df:90:e2:9b:0d:5c:00:a7:c0:9a:82:51:84: 30:d6:65:b4:e2:b2:fc:69:3d:71:c4:1a:cf:35:a1: 59:94:31:86:5d:b1:b0:22:f6:05:af:5d:ce:63:9b: 17:c1:ab:8c:02:c5:0e:f4:8b:eb:73:a8:c0:c6:50: 50:94:ba:f7:e6:a5:d2:a1:14:4d:60:ac:70:98:d2: a2:e8:07:10:5b:c8:d4:e2:67:21:b0:db:d4:f7:f0: 38:f9:1f:e7:97:f8:db:55:2b:1a:d9:11:e8:c7:9b: 06:d3:54:5d:e1:d4:09:1d:1c:84:28:b3:46:a8:d2: 41:09:e3:d1:06:1d:19:bd:79:51:38:41:3b:bc:ca: 03:4c:29:fe:c8:ba:1c:44:e7:18:2b:37:09:c8:46: ce:3f:a0:90:ea:f7:09:ca:10:d3:73:51:12:eb:3c: be:81:fa:79:46:2e:86:f6:e3:67:99:5d:4a:0b:70: 4d:8e:f8:88:d9:ca:3a:62:fe:26:33:57:21:f2:1d: b5:d0:a1:5c:ad:2e:bb:65:88:33:b1:3e:c6:32:b4: d5:45:dd:62:55:26:36:22:bc:79:14:9b:5f:b0:30: ec:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:FA:CB:0D:92:D3:FF:A6:F0:96:7A:E6:1C:02:C3:28:52:1E:CC:8B X509v3 Authority Key Identifier: keyid:B2:4D:58:8D:F2:0B:32:DB:97:87:D7:78:64:39:4C:D7:A6:6D:40:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sk1YjfILMtuXh9d4ZDlM16ZtQDA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bd2d39-15e6-4640-ad08-d7b64b7cc583/1/sk1YjfILMtuXh9d4ZDlM16ZtQDA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bd2d39-15e6-4640-ad08-d7b64b7cc583/1/sk1YjfILMtuXh9d4ZDlM16ZtQDA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:d6:5e:4a:1b:bd:80:b7:09:48:b9:c6:9b:d1:9c:db:ea:88: 67:1a:02:6c:7c:59:1a:7f:7c:bf:a9:49:67:a4:85:95:d3:0b: 18:56:e8:b5:fd:9d:08:72:1e:61:89:6e:50:7f:e9:09:cf:ae: 69:d6:50:e9:24:71:f4:8f:89:dd:1d:0d:d4:13:61:a7:8d:a1: fb:10:73:26:52:8d:10:f0:63:33:c8:e7:52:bd:27:c5:f6:4c: 53:9c:77:e1:b4:bc:b7:27:50:63:22:ce:77:b1:18:de:fb:c5: e6:c2:d4:d0:61:fd:70:92:e8:a8:b2:a2:15:cd:d7:05:50:bb: 8e:3d:86:98:b5:23:25:74:12:87:c0:0f:24:df:14:fc:56:72: 7b:ad:a8:8d:61:1a:30:6f:dd:65:f4:8b:7c:b5:1f:d4:57:a3: 61:e6:65:6b:16:c9:c8:43:f0:c6:aa:4f:55:da:fe:41:7d:ea: 92:26:ba:74:a2:a9:2a:0d:2a:bb:61:5a:5d:a2:5b:5f:11:24: 8e:ea:b0:1e:c7:8a:f8:b6:bb:3e:2d:57:c1:6f:bf:d9:55:3c: a0:6f:94:04:eb:ae:57:07:0b:58:70:44:4d:f4:ba:2d:9a:c2: 04:99:ee:c5:44:d5:83:96:7b:fc:42:fd:6e:93:81:0e:10:e3: 24:de:9d:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPX/hdfjrcO6fAtCkNjkGLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyNGQ1ODhkZjIwYjMyZGI5Nzg3ZDc3ODY0Mzk0Y2Q3YTY2 ZDQwMzAwHhcNMjUxMjI0MDgwMDQ4WhcNMjUxMjI1MDgwMDQ4WjAzMTEwLwYDVQQD EyhiZGZhY2IwZDkyZDNmZmE2ZjA5NjdhZTYxYzAyYzMyODUyMWVjYzhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmg0Oib6PwAquzLgLtC+/vCp1bcC +rmRQRPBdjj989+Q4psNXACnwJqCUYQw1mW04rL8aT1xxBrPNaFZlDGGXbGwIvYF r13OY5sXwauMAsUO9Ivrc6jAxlBQlLr35qXSoRRNYKxwmNKi6AcQW8jU4mchsNvU 9/A4+R/nl/jbVSsa2RHox5sG01Rd4dQJHRyEKLNGqNJBCePRBh0ZvXlROEE7vMoD TCn+yLocROcYKzcJyEbOP6CQ6vcJyhDTc1ES6zy+gfp5Ri6G9uNnmV1KC3BNjviI 2co6Yv4mM1ch8h210KFcrS67ZYgzsT7GMrTVRd1iVSY2Irx5FJtfsDDsZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL36yw2S0/+m8JZ65hwCwyhSHsyLMB8GA1UdIwQY MBaAFLJNWI3yCzLbl4fXeGQ5TNembUAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2sxWWpmSUxNdHVYaDlkNFpEbE0xNlp0UURBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZDJkMzktMTVlNi00NjQwLWFkMDgt ZDdiNjRiN2NjNTgzLzEvc2sxWWpmSUxNdHVYaDlkNFpEbE0xNlp0UURBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9iZDJkMzktMTVlNi00NjQwLWFkMDgtZDdiNjRiN2NjNTgz LzEvc2sxWWpmSUxNdHVYaDlkNFpEbE0xNlp0UURBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfdZeShu9 gLcJSLnGm9Gc2+qIZxoCbHxZGn98v6lJZ6SFldMLGFbotf2dCHIeYYluUH/pCc+u adZQ6SRx9I+J3R0N1BNhp42h+xBzJlKNEPBjM8jnUr0nxfZMU5x34bS8tydQYyLO d7EY3vvF5sLU0GH9cJLoqLKiFc3XBVC7jj2GmLUjJXQSh8APJN8U/FZye62ojWEa MG/dZfSLfLUf1FejYeZlaxbJyEPwxqpPVdr+QX3qkia6dKKpKg0qu2FaXaJbXxEk juqwHseK+La7Pi1XwW+/2VU8oG+UBOuuVwcLWHBETfS6LZrCBJnuxUTVg5Z7/EL9 bpOBDhDjJN6d3w== -----END CERTIFICATE-----Generated at Wed Dec 24 09:19:10 2025 by rpki-client