This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json) Hash identifier: r7xu2q9uM550fMKNdMNyj6aezJ/0SUVwc8Ruxpf1rm0= Subject key identifier: 39:6A:BD:C2:7E:6D:BC:D3:66:B0:97:F0:38:5C:DF:8A:61:A9:C8:8B Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35 Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35 Certificate serial: 019B3DC7E92F382090E05BED48C1D2209A9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft Manifest number: 0C30 Signing time: Sat 20 Dec 2025 22:01:10 +0000 Manifest this update: Sat 20 Dec 2025 22:01:10 +0000 Manifest next update: Sun 21 Dec 2025 22:01:10 +0000 Files and hashes: 1: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: yNR79nK/drjfQiU0tBZn/sj/a2iZ2AhRL4pbj170cKA=) 2: tKwKl17jXwIeAtAZEyALLLwTexA.roa (hash: E9CmZ9NzF2HrbXjpDzFF0Gs0klh/PHaYx1PKsYvWrwA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:e9:2f:38:20:90:e0:5b:ed:48:c1:d2:20:9a:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35 Validity Not Before: Dec 20 22:01:10 2025 GMT Not After : Dec 21 22:01:10 2025 GMT Subject: CN=396abdc27e6dbcd366b097f0385cdf8a61a9c88b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:36:c5:40:07:02:a5:d4:03:68:72:d5:70:da: af:69:a0:0a:1b:80:6e:31:5b:96:44:5b:a5:ca:76: 04:6a:32:e9:3b:d6:89:a9:83:29:fc:4e:bc:28:fd: eb:77:b9:29:3a:a4:a5:72:04:88:01:22:ac:6b:2e: 28:13:a7:69:0d:36:09:4b:61:51:28:ec:85:44:cf: 81:98:e9:22:21:e1:d6:d2:a7:ad:bb:af:66:8b:98: 99:9e:fa:0a:8e:0a:50:b6:22:ab:78:42:78:ac:58: f3:98:b9:f3:97:45:7b:e9:2a:22:11:fc:f5:70:8d: df:6c:60:e1:9b:2a:9f:9a:9e:30:54:e4:65:08:90: d7:37:64:f0:83:74:dc:41:9f:80:38:fb:aa:c9:36: 19:cc:72:5d:e3:3f:15:38:d9:23:ff:be:41:2e:93: 00:f7:e8:7e:ed:8e:16:bf:7f:6f:f7:09:ea:0f:59: 1d:16:5c:c5:69:dd:23:8b:d2:c2:8b:32:6c:73:17: 0e:ce:b6:d2:fc:03:6b:f6:5c:4e:d5:8d:7e:b7:b3: 22:b2:3e:1b:45:b8:a0:af:cd:7b:b2:8f:72:e8:b9: bb:e9:28:39:e8:87:ec:43:7a:00:ed:3c:e8:0d:b8: 27:2c:6a:b9:cf:e9:e4:2f:9e:b3:48:40:d4:07:c7: 74:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:6A:BD:C2:7E:6D:BC:D3:66:B0:97:F0:38:5C:DF:8A:61:A9:C8:8B X509v3 Authority Key Identifier: keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:02:58:d6:a8:bb:c3:d9:eb:f4:27:02:fc:85:05:a1:27:d4: 84:ae:cb:9e:2d:6a:61:20:da:2b:0c:27:96:aa:d8:97:34:af: b3:f3:aa:0a:01:e1:97:19:c4:78:53:f4:38:75:89:9c:40:29: a7:20:e7:57:57:22:da:73:31:73:a4:1a:d3:be:93:cc:10:33: ef:f9:7b:d2:fb:51:34:9f:0b:7b:92:70:0e:d4:cf:f8:14:fe: 3d:d4:be:a1:7e:aa:94:a3:27:9a:75:63:68:21:50:00:98:4c: 2a:7f:b0:b0:e2:c1:d1:fb:53:99:e5:93:17:dd:e7:18:e3:6a: 4f:17:cb:e9:ad:6d:85:18:3e:d2:dd:96:7b:7b:45:c1:69:2f: ac:3b:0a:49:39:d5:72:d2:ea:0a:8d:44:d1:5a:7b:d5:f2:04: db:ee:2d:53:65:5e:e1:63:81:7d:49:f5:0d:b0:c4:5d:3c:b0: 26:ac:e3:de:9a:6b:b9:fa:55:58:fa:a5:4d:fe:45:83:9b:ca: f4:8c:08:dc:7b:f7:a6:f1:80:bf:24:33:b9:5a:ae:0a:d1:89: 7c:cc:65:7c:9a:e1:2d:b8:d8:f2:08:54:d9:04:d3:1f:5a:48: c3:8e:fe:a5:8a:54:94:16:79:e3:86:14:2a:b0:cd:7e:1b:07: 38:84:a5:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x+kvOCCQ4FvtSMHSIJqcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh MDJmMzUwHhcNMjUxMjIwMjIwMTEwWhcNMjUxMjIxMjIwMTEwWjAzMTEwLwYDVQQD EygzOTZhYmRjMjdlNmRiY2QzNjZiMDk3ZjAzODVjZGY4YTYxYTljODhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jbFQAcCpdQDaHLVcNqvaaAKG4Bu MVuWRFulynYEajLpO9aJqYMp/E68KP3rd7kpOqSlcgSIASKsay4oE6dpDTYJS2FR KOyFRM+BmOkiIeHW0qetu69mi5iZnvoKjgpQtiKreEJ4rFjzmLnzl0V76SoiEfz1 cI3fbGDhmyqfmp4wVORlCJDXN2Twg3TcQZ+AOPuqyTYZzHJd4z8VONkj/75BLpMA 9+h+7Y4Wv39v9wnqD1kdFlzFad0ji9LCizJscxcOzrbS/ANr9lxO1Y1+t7Misj4b Rbigr817so9y6Lm76Sg56IfsQ3oA7TzoDbgnLGq5z+nkL56zSEDUB8d06wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDlqvcJ+bbzTZrCX8Dhc34phqciLMB8GA1UdIwQY MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmgJY1qi7 w9nr9CcC/IUFoSfUhK7Lni1qYSDaKwwnlqrYlzSvs/OqCgHhlxnEeFP0OHWJnEAp pyDnV1ci2nMxc6Qa076TzBAz7/l70vtRNJ8Le5JwDtTP+BT+PdS+oX6qlKMnmnVj aCFQAJhMKn+wsOLB0ftTmeWTF93nGONqTxfL6a1thRg+0t2We3tFwWkvrDsKSTnV ctLqCo1E0Vp71fIE2+4tU2Ve4WOBfUn1DbDEXTywJqzj3pprufpVWPqlTf5Fg5vK 9IwI3Hv3pvGAvyQzuVquCtGJfMxlfJrhLbjY8ghU2QTTH1pIw47+pYpUlBZ544YU KrDNfhsHOISljg== -----END CERTIFICATE-----Generated at Sun Dec 21 06:25:49 2025 by rpki-client