This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c3c13e-8f61-4dfe-952c-c804083e7d49/1/diY1mUnOzyQYxaLbIayrhd2Rk9g.mft File: diY1mUnOzyQYxaLbIayrhd2Rk9g.mft (raw, json) Hash identifier: iZ5TPljzztIdrWzg2YmjqkzKUaDAiOmrKk9/ynCbtwA= Subject key identifier: 9D:1B:45:1E:74:A8:CD:A3:50:7B:14:23:C7:F2:89:CC:D0:2A:1F:A3 Authority key identifier: 76:26:35:99:49:CE:CF:24:18:C5:A2:DB:21:AC:AB:85:DD:91:93:D8 Certificate issuer: /CN=7626359949cecf2418c5a2db21acab85dd9193d8 Certificate serial: 019B0ECA11FFB5699DAF4D744FE8B7A707F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diY1mUnOzyQYxaLbIayrhd2Rk9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c3c13e-8f61-4dfe-952c-c804083e7d49/1/diY1mUnOzyQYxaLbIayrhd2Rk9g.mft Manifest number: 1771 Signing time: Thu 11 Dec 2025 19:01:22 +0000 Manifest this update: Thu 11 Dec 2025 19:01:22 +0000 Manifest next update: Fri 12 Dec 2025 19:01:22 +0000 Files and hashes: 1: 808eb-9aLu41roSMSaHO8r-sCJ0.roa (hash: rCM5eGiyr6wuq7y0i6XZdzgH6YJOrFxOSIfhu9ZqAu0=) 2: diY1mUnOzyQYxaLbIayrhd2Rk9g.crl (hash: 4X1qDLGeA4EBNd9GRY3VK7Sew137vjPg8nEo4qrX+F8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/c3c13e-8f61-4dfe-952c-c804083e7d49/1/diY1mUnOzyQYxaLbIayrhd2Rk9g.crl rsync://rpki.ripe.net/repository/DEFAULT/08/c3c13e-8f61-4dfe-952c-c804083e7d49/1/diY1mUnOzyQYxaLbIayrhd2Rk9g.mft rsync://rpki.ripe.net/repository/DEFAULT/diY1mUnOzyQYxaLbIayrhd2Rk9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:ca:11:ff:b5:69:9d:af:4d:74:4f:e8:b7:a7:07:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7626359949cecf2418c5a2db21acab85dd9193d8 Validity Not Before: Dec 11 19:01:22 2025 GMT Not After : Dec 12 19:01:22 2025 GMT Subject: CN=9d1b451e74a8cda3507b1423c7f289ccd02a1fa3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:36:0d:95:a8:fe:97:b3:cd:78:49:19:13:e9: 89:64:df:a8:f0:36:9a:9d:93:67:5d:b6:e2:66:6c: a8:b2:78:e0:cd:37:60:86:62:ac:cd:4e:f2:1f:51: a2:0f:b7:c8:9c:e5:70:48:98:50:36:eb:bc:da:64: 72:a8:9d:d9:ce:42:1e:eb:e1:0c:cf:83:d8:b2:46: 9a:c3:b2:d6:9c:a7:02:13:6c:b4:a0:9a:db:31:f2: ec:2f:ed:5a:86:45:c8:8f:ef:0d:3f:25:23:34:45: dc:d5:b2:e5:42:94:08:3b:cf:e4:fd:c7:16:73:c9: f2:bf:93:32:72:04:6a:3d:81:b0:e8:c7:9c:1f:36: 5e:0e:7f:d4:3c:04:3d:bd:1b:d2:c1:48:17:8e:6e: ea:91:9c:0b:66:85:48:f3:47:db:7d:8f:0c:a8:17: 66:10:a1:a8:06:b2:e1:83:9e:95:40:fd:36:e1:7e: 69:96:e6:10:96:5c:a9:22:4c:c6:35:cf:db:76:62: e7:e4:b7:d7:36:63:26:c1:48:b7:e7:e6:c2:37:3b: 4a:28:d6:cd:19:b6:b1:3e:4e:3f:7c:1a:1d:0e:f0: ca:b0:d8:14:d0:07:66:8d:fd:9a:68:67:f3:a4:4c: cb:48:ce:a9:2d:d2:ee:1a:40:bd:f0:e3:d7:6c:6d: 94:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:1B:45:1E:74:A8:CD:A3:50:7B:14:23:C7:F2:89:CC:D0:2A:1F:A3 X509v3 Authority Key Identifier: keyid:76:26:35:99:49:CE:CF:24:18:C5:A2:DB:21:AC:AB:85:DD:91:93:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diY1mUnOzyQYxaLbIayrhd2Rk9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c3c13e-8f61-4dfe-952c-c804083e7d49/1/diY1mUnOzyQYxaLbIayrhd2Rk9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c3c13e-8f61-4dfe-952c-c804083e7d49/1/diY1mUnOzyQYxaLbIayrhd2Rk9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:bf:08:18:6e:d5:7a:63:55:c8:2b:02:64:65:2b:92:d9:aa: cb:5c:57:ee:6c:ff:92:9d:e6:0c:fe:cd:94:95:4f:0c:f9:01: c7:5f:3e:8a:ab:e6:c2:42:bf:aa:58:73:b1:11:62:57:d7:ff: 08:ef:7a:f8:e7:6b:87:c5:af:e3:b5:31:cb:88:52:e8:94:dc: ff:0c:03:38:d2:29:55:1b:f3:27:3f:0d:16:64:40:66:8e:23: 2c:16:ca:6c:c2:04:b7:62:ab:f9:ed:95:8c:02:ac:fb:d3:f7: 3d:a9:3e:62:bc:ca:ed:4a:9b:07:4d:fe:0e:57:c4:6d:28:b6: 37:b6:cc:69:60:d2:e9:e6:37:32:dd:6b:28:19:b1:61:aa:d5: 3a:2c:cc:48:c9:03:62:d6:00:3a:9b:d6:96:fe:9f:37:99:d0: 97:db:11:2e:2d:1e:d3:c4:41:b1:c8:42:1e:e3:e4:b7:63:8e: 67:92:ee:b1:2f:03:e8:51:22:92:d7:94:42:e5:98:03:30:4a: 4a:3d:f9:38:e1:13:5a:5f:53:49:e1:6e:9b:cb:7f:2e:58:bf: 03:86:52:90:f5:8b:95:98:89:59:9d:cb:6b:33:61:64:63:9d: a3:46:f6:9c:6a:51:b4:5a:a7:5e:33:8b:e3:b3:29:d8:7c:3c: 17:49:38:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOyhH/tWmdr010T+i3pwf1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2MjYzNTk5NDljZWNmMjQxOGM1YTJkYjIxYWNhYjg1ZGQ5 MTkzZDgwHhcNMjUxMjExMTkwMTIyWhcNMjUxMjEyMTkwMTIyWjAzMTEwLwYDVQQD Eyg5ZDFiNDUxZTc0YThjZGEzNTA3YjE0MjNjN2YyODljY2QwMmExZmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljYNlaj+l7PNeEkZE+mJZN+o8Daa nZNnXbbiZmyosnjgzTdghmKszU7yH1GiD7fInOVwSJhQNuu82mRyqJ3ZzkIe6+EM z4PYskaaw7LWnKcCE2y0oJrbMfLsL+1ahkXIj+8NPyUjNEXc1bLlQpQIO8/k/ccW c8nyv5MycgRqPYGw6MecHzZeDn/UPAQ9vRvSwUgXjm7qkZwLZoVI80fbfY8MqBdm EKGoBrLhg56VQP024X5pluYQllypIkzGNc/bdmLn5LfXNmMmwUi35+bCNztKKNbN GbaxPk4/fBodDvDKsNgU0Admjf2aaGfzpEzLSM6pLdLuGkC98OPXbG2UuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ0bRR50qM2jUHsUI8fyiczQKh+jMB8GA1UdIwQY MBaAFHYmNZlJzs8kGMWi2yGsq4XdkZPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGlZMW1Vbk96eVFZeGFMYklheXJoZDJSazlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jM2MxM2UtOGY2MS00ZGZlLTk1MmMt YzgwNDA4M2U3ZDQ5LzEvZGlZMW1Vbk96eVFZeGFMYklheXJoZDJSazlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC9jM2MxM2UtOGY2MS00ZGZlLTk1MmMtYzgwNDA4M2U3ZDQ5 LzEvZGlZMW1Vbk96eVFZeGFMYklheXJoZDJSazlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAib8IGG7V emNVyCsCZGUrktmqy1xX7mz/kp3mDP7NlJVPDPkBx18+iqvmwkK/qlhzsRFiV9f/ CO96+Odrh8Wv47Uxy4hS6JTc/wwDONIpVRvzJz8NFmRAZo4jLBbKbMIEt2Kr+e2V jAKs+9P3Pak+YrzK7UqbB03+DlfEbSi2N7bMaWDS6eY3Mt1rKBmxYarVOizMSMkD YtYAOpvWlv6fN5nQl9sRLi0e08RBschCHuPkt2OOZ5LusS8D6FEikteUQuWYAzBK Sj35OOETWl9TSeFum8t/Lli/A4ZSkPWLlZiJWZ3LazNhZGOdo0b2nGpRtFqnXjOL 47Mp2Hw8F0k4lQ== -----END CERTIFICATE-----Generated at Fri Dec 12 03:37:48 2025 by rpki-client