This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft File: cnOYybFuqY0iKkwpyvey68mE8oI.mft (raw, json) Hash identifier: aMYCtqr2bWs7B/ts5v/mLpX7wpLHD/crgiwmfOpOlMA= Subject key identifier: D2:A6:69:75:0A:EF:6A:5B:8D:32:8C:5A:E7:DA:9E:F5:5F:B0:F8:E7 Authority key identifier: 72:73:98:C9:B1:6E:A9:8D:22:2A:4C:29:CA:F7:B2:EB:C9:84:F2:82 Certificate issuer: /CN=727398c9b16ea98d222a4c29caf7b2ebc984f282 Certificate serial: 019B4248E44489D3C1692CD40ADE074D8704 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnOYybFuqY0iKkwpyvey68mE8oI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft Manifest number: 0323 Signing time: Sun 21 Dec 2025 19:00:31 +0000 Manifest this update: Sun 21 Dec 2025 19:00:31 +0000 Manifest next update: Mon 22 Dec 2025 19:00:31 +0000 Files and hashes: 1: cnOYybFuqY0iKkwpyvey68mE8oI.crl (hash: DsdFYhp0EtWDpFaUwsUIInkCHHs8qLl0RW/4w2XpKuk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft rsync://rpki.ripe.net/repository/DEFAULT/cnOYybFuqY0iKkwpyvey68mE8oI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 19:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:48:e4:44:89:d3:c1:69:2c:d4:0a:de:07:4d:87:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=727398c9b16ea98d222a4c29caf7b2ebc984f282 Validity Not Before: Dec 21 19:00:31 2025 GMT Not After : Dec 22 19:00:31 2025 GMT Subject: CN=d2a669750aef6a5b8d328c5ae7da9ef55fb0f8e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d4:7c:ec:b7:04:c3:9e:60:50:69:76:ef:eb: 07:a6:d5:bb:84:9c:77:c6:8f:93:63:11:95:cc:79: 66:1b:e8:9c:3a:db:9b:ee:2f:6d:8b:28:ea:a0:b9: c0:a1:99:27:ee:88:38:ad:33:fd:70:99:91:46:83: 04:df:12:90:24:11:b1:0f:b9:bb:39:3d:4d:0d:c8: c5:8b:34:7a:0a:44:ce:1b:ee:cc:f4:63:b4:bb:c0: f8:91:b3:93:c0:c9:d4:8b:15:62:4f:da:3a:26:f8: 7d:11:e9:23:46:7c:e8:4a:36:f5:53:7c:bb:9f:f8: a7:dd:ef:0a:23:b0:1c:26:f9:11:0e:c5:e3:12:61: 20:ce:c6:86:e1:18:48:77:0b:bf:32:57:9e:20:c5: 2b:ae:7c:58:ff:90:26:f7:42:1c:15:a0:26:7d:fd: b2:54:8e:57:12:6a:6d:28:d5:34:4a:b0:2f:b2:47: f9:c1:de:bf:e5:f6:89:aa:e2:e6:c4:24:10:48:95: d5:ce:31:1a:c2:ed:ae:d7:c7:5e:54:61:f9:cd:0b: 71:73:d1:d1:87:ee:db:05:3d:c6:59:86:bc:2b:d1: c3:20:a7:f0:fe:68:9a:23:b9:b3:cd:56:8b:9e:e8: 9d:c2:4b:76:6d:10:64:5d:d4:d9:5e:7f:86:17:27: 04:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:A6:69:75:0A:EF:6A:5B:8D:32:8C:5A:E7:DA:9E:F5:5F:B0:F8:E7 X509v3 Authority Key Identifier: keyid:72:73:98:C9:B1:6E:A9:8D:22:2A:4C:29:CA:F7:B2:EB:C9:84:F2:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnOYybFuqY0iKkwpyvey68mE8oI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/3c604e-e6a8-4e4e-b769-5a07e26fb822/1/cnOYybFuqY0iKkwpyvey68mE8oI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d4:ce:b2:17:54:42:d9:9a:26:84:64:6d:f6:d8:3a:a5:8b:9d: e6:3e:81:28:08:25:24:5c:19:41:cc:d0:9d:4c:6c:cb:f2:82: ba:6a:25:cc:98:83:e1:ef:8e:c9:6e:17:b6:58:60:9e:d8:d3: 0b:ef:f1:a3:41:0d:0b:27:8e:35:28:cb:1f:bc:e0:a2:8c:a5: 45:fc:47:a0:0a:0c:0d:48:0d:1a:d7:07:b2:38:b1:5b:6f:00: c7:21:f1:9d:cb:a6:71:42:a6:95:04:b8:b6:1d:d3:0c:51:30: 12:49:8e:18:c5:1c:a6:98:b8:ad:71:df:01:bf:21:0b:63:11: fa:35:ea:7d:1e:a4:3c:4b:71:aa:29:56:8e:4c:10:37:0b:be: 67:18:f5:82:46:8e:aa:9a:b7:6c:2e:de:0a:f3:ad:b7:73:9f: e3:ef:0e:bd:91:89:37:c2:21:5b:0c:28:16:42:0a:7c:91:73: bf:ab:de:b5:44:b7:12:e0:6f:ee:d2:7e:e4:e1:98:03:09:00: 8f:61:fc:bb:c4:02:f3:31:c2:5d:5f:38:35:c8:e0:8e:1f:9e: 78:92:9b:3f:04:11:56:42:ee:cf:3a:4a:8d:64:21:78:2e:65: e0:0a:a2:bc:9f:a1:7a:74:8c:22:fb:2d:dc:77:71:3d:e7:b2: 6c:eb:bd:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSOREidPBaSzUCt4HTYcEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNzM5OGM5YjE2ZWE5OGQyMjJhNGMyOWNhZjdiMmViYzk4 NGYyODIwHhcNMjUxMjIxMTkwMDMxWhcNMjUxMjIyMTkwMDMxWjAzMTEwLwYDVQQD EyhkMmE2Njk3NTBhZWY2YTViOGQzMjhjNWFlN2RhOWVmNTVmYjBmOGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NR87LcEw55gUGl27+sHptW7hJx3 xo+TYxGVzHlmG+icOtub7i9tiyjqoLnAoZkn7og4rTP9cJmRRoME3xKQJBGxD7m7 OT1NDcjFizR6CkTOG+7M9GO0u8D4kbOTwMnUixViT9o6Jvh9EekjRnzoSjb1U3y7 n/in3e8KI7AcJvkRDsXjEmEgzsaG4RhIdwu/MleeIMUrrnxY/5Am90IcFaAmff2y VI5XEmptKNU0SrAvskf5wd6/5faJquLmxCQQSJXVzjEawu2u18deVGH5zQtxc9HR h+7bBT3GWYa8K9HDIKfw/miaI7mzzVaLnuidwkt2bRBkXdTZXn+GFycEAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNKmaXUK72pbjTKMWufanvVfsPjnMB8GA1UdIwQY MBaAFHJzmMmxbqmNIipMKcr3suvJhPKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY25PWXliRnVxWTBpS2t3cHl2ZXk2OG1FOG9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zYzYwNGUtZTZhOC00ZTRlLWI3Njkt NWEwN2UyNmZiODIyLzEvY25PWXliRnVxWTBpS2t3cHl2ZXk2OG1FOG9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC8zYzYwNGUtZTZhOC00ZTRlLWI3NjktNWEwN2UyNmZiODIy LzEvY25PWXliRnVxWTBpS2t3cHl2ZXk2OG1FOG9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1M6yF1RC 2ZomhGRt9tg6pYud5j6BKAglJFwZQczQnUxsy/KCumolzJiD4e+OyW4XtlhgntjT C+/xo0ENCyeONSjLH7zgooylRfxHoAoMDUgNGtcHsjixW28AxyHxncumcUKmlQS4 th3TDFEwEkmOGMUcppi4rXHfAb8hC2MR+jXqfR6kPEtxqilWjkwQNwu+Zxj1gkaO qpq3bC7eCvOtt3Of4+8OvZGJN8IhWwwoFkIKfJFzv6vetUS3EuBv7tJ+5OGYAwkA j2H8u8QC8zHCXV84Ncjgjh+eeJKbPwQRVkLuzzpKjWQheC5l4AqivJ+henSMIvst 3HdxPeeybOu9tg== -----END CERTIFICATE-----Generated at Mon Dec 22 00:01:45 2025 by rpki-client