This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft File: PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json) Hash identifier: YYaIgIB7pr6D2qIJMp5aCQ5kd/QGTyoqDjNM407NoD0= Subject key identifier: DE:3F:13:80:FF:57:E4:F6:10:E9:AD:84:6D:A7:72:E1:A3:F8:CE:73 Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65 Certificate issuer: /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65 Certificate serial: 019B5975BFEC46E3486C102463C3AD5A7965 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft Manifest number: 0D04 Signing time: Fri 26 Dec 2025 07:00:47 +0000 Manifest this update: Fri 26 Dec 2025 07:00:47 +0000 Manifest next update: Sat 27 Dec 2025 07:00:47 +0000 Files and hashes: 1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: tsWHN+CzNKcypzWrI1rpJXpzxchyfi34nKALK2/b++s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:bf:ec:46:e3:48:6c:10:24:63:c3:ad:5a:79:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65 Validity Not Before: Dec 26 07:00:47 2025 GMT Not After : Dec 27 07:00:47 2025 GMT Subject: CN=de3f1380ff57e4f610e9ad846da772e1a3f8ce73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:ba:5e:f1:66:eb:2f:a2:b2:05:6c:0e:5e:fe: 48:a1:1d:5a:0d:ee:38:2c:f8:98:b9:0d:25:9b:6a: ab:ed:e1:07:55:17:74:79:eb:46:73:22:67:6b:78: 77:4d:57:11:ef:5d:17:d4:37:00:e7:47:29:bb:2f: bd:f1:f6:31:83:53:a7:6c:4d:19:ff:37:31:73:51: f7:7e:3f:ff:12:fe:10:5b:da:cf:5d:15:62:7d:17: 75:28:92:7c:b9:ec:76:09:ea:7a:68:f3:3f:5d:a5: 98:2f:96:a9:b4:4f:47:c4:2a:fb:90:82:1f:ea:02: 1b:16:99:14:12:aa:cf:9e:3b:9f:66:10:e5:00:93: dc:2c:c8:df:11:e3:57:e3:48:d2:08:37:61:22:58: d4:02:ad:a5:6c:fb:8f:10:dc:dd:03:5d:f6:99:10: 1c:23:ff:3a:6c:7d:0f:8c:53:b8:08:db:d9:f0:c1: 5c:7f:68:5c:f6:9f:90:b5:67:8b:11:1e:e8:fe:7d: 4b:61:e0:57:06:7b:27:4f:e2:92:36:1e:ad:60:52: 0b:e2:cd:8c:d4:83:d0:3a:66:cb:92:e2:7e:32:78: 61:c0:63:fc:c8:3f:8a:eb:ec:a3:fd:6f:a7:0a:f8: bb:ae:42:d1:7a:a6:47:d1:a0:8f:52:29:3d:f5:61: 86:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:3F:13:80:FF:57:E4:F6:10:E9:AD:84:6D:A7:72:E1:A3:F8:CE:73 X509v3 Authority Key Identifier: keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:9b:5c:6e:0c:98:a7:79:20:20:88:0b:d4:f6:01:03:43:20: 11:95:fa:27:90:8f:da:d0:85:b5:10:dc:78:d9:4b:53:32:83: 2b:1e:f3:d8:a3:f4:d6:b2:9f:13:b8:49:52:cd:e3:23:14:55: 1f:f5:d9:ef:c0:b1:0f:2f:42:f0:46:88:7e:76:28:fc:89:af: 81:12:a7:84:80:36:11:ee:9e:7e:37:e4:7d:04:c0:53:a6:50: e1:82:51:58:e5:e0:35:6a:ff:fe:06:a0:24:bd:6e:c2:95:8c: 98:fe:89:56:9d:f3:5f:77:09:8e:d1:69:e3:73:7e:be:54:2f: 40:0d:8d:dc:b3:d6:4a:53:79:12:c7:cb:07:b6:b3:24:77:97: ac:8c:b7:68:7d:fb:d1:af:c0:d6:5c:4c:41:9d:fc:a5:be:d9: 5e:9a:00:83:3d:e0:ca:17:37:88:ff:5b:be:4c:ba:71:32:94: 48:2f:11:46:bb:4d:74:03:9f:5e:1d:73:ae:e5:69:2f:fa:36: 10:fa:41:18:04:bd:19:ba:2b:b4:01:6b:b7:e5:5f:51:0a:b3: cd:8d:22:22:3a:86:55:10:30:ac:6b:ac:1d:89:07:bb:2d:79: 5c:42:3b:35:87:d5:31:2e:38:14:35:21:73:a5:b3:79:27:99: 0b:22:b8:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdb/sRuNIbBAkY8OtWnllMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw MjdiNjUwHhcNMjUxMjI2MDcwMDQ3WhcNMjUxMjI3MDcwMDQ3WjAzMTEwLwYDVQQD EyhkZTNmMTM4MGZmNTdlNGY2MTBlOWFkODQ2ZGE3NzJlMWEzZjhjZTczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbpe8WbrL6KyBWwOXv5IoR1aDe44 LPiYuQ0lm2qr7eEHVRd0eetGcyJna3h3TVcR710X1DcA50cpuy+98fYxg1OnbE0Z /zcxc1H3fj//Ev4QW9rPXRVifRd1KJJ8uex2Cep6aPM/XaWYL5aptE9HxCr7kIIf 6gIbFpkUEqrPnjufZhDlAJPcLMjfEeNX40jSCDdhIljUAq2lbPuPENzdA132mRAc I/86bH0PjFO4CNvZ8MFcf2hc9p+QtWeLER7o/n1LYeBXBnsnT+KSNh6tYFIL4s2M 1IPQOmbLkuJ+MnhhwGP8yD+K6+yj/W+nCvi7rkLReqZH0aCPUik99WGG/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN4/E4D/V+T2EOmthG2ncuGj+M5zMB8GA1UdIwQY MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2 LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5tcbgyY p3kgIIgL1PYBA0MgEZX6J5CP2tCFtRDceNlLUzKDKx7z2KP01rKfE7hJUs3jIxRV H/XZ78CxDy9C8EaIfnYo/ImvgRKnhIA2Ee6efjfkfQTAU6ZQ4YJRWOXgNWr//gag JL1uwpWMmP6JVp3zX3cJjtFp43N+vlQvQA2N3LPWSlN5EsfLB7azJHeXrIy3aH37 0a/A1lxMQZ38pb7ZXpoAgz3gyhc3iP9bvky6cTKUSC8RRrtNdAOfXh1zruVpL/o2 EPpBGAS9GbortAFrt+VfUQqzzY0iIjqGVRAwrGusHYkHuy15XEI7NYfVMS44FDUh c6WzeSeZCyK43g== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:22 2025 by rpki-client