This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft File: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft (raw, json) Hash identifier: R0hnbKvU8H3JFTbKS/Tvl2FEe8PEWcbx56FfTAC1Pxg= Subject key identifier: F7:4D:D3:15:E0:30:ED:3D:4E:6D:62:7B:C6:2E:DF:87:83:9E:E4:F3 Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67 Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67 Certificate serial: 019B217546DEDC0E988076EBF0417E597E42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft Manifest number: 0AAF Signing time: Mon 15 Dec 2025 10:01:32 +0000 Manifest this update: Mon 15 Dec 2025 10:01:32 +0000 Manifest next update: Tue 16 Dec 2025 10:01:32 +0000 Files and hashes: 1: RiW5W8SWQ6-vverb8NRdVDj6CjU.roa (hash: 4IAwVod5pwysrRco/iSy8Lzx8KDdHZ/Q8/hyLLW5E4w=) 2: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl (hash: 18mYC9P/2JrRuxUaoHafICDohex4nbJLpbptzMELST8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:46:de:dc:0e:98:80:76:eb:f0:41:7e:59:7e:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67 Validity Not Before: Dec 15 10:01:32 2025 GMT Not After : Dec 16 10:01:32 2025 GMT Subject: CN=f74dd315e030ed3d4e6d627bc62edf87839ee4f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:13:b7:c9:65:3d:5e:ec:b1:98:c7:fd:8d:01: 3d:cb:33:d0:01:34:8b:d0:2d:3b:42:55:7c:98:80: 96:03:23:55:32:4e:f9:fc:a0:ae:e0:8a:8f:36:19: 66:29:06:1b:78:e4:18:7b:e4:96:d4:6d:32:fd:7b: 74:27:55:eb:7d:07:8d:c7:31:fb:51:53:44:53:b4: 34:97:4d:da:62:a8:10:52:bc:d4:8b:66:60:a0:18: 99:60:50:de:9e:97:07:11:81:74:e0:19:41:a9:53: 53:3c:a8:4c:28:dc:65:e7:6c:5c:32:a0:6d:75:a3: 7a:74:22:66:ef:0a:fb:92:8b:97:5e:4e:35:1c:35: 27:32:fa:2f:e6:5c:85:29:e4:33:b8:a4:2b:c0:bc: 48:b4:e1:ce:fc:b8:bb:cd:4e:75:d9:cc:67:18:d5: 0c:49:13:70:c4:bd:44:e3:4b:d8:5f:1c:82:03:c5: 1c:2d:1b:01:29:37:4c:17:99:a3:8b:a7:e4:5b:e4: 17:14:b8:ed:de:02:bc:b5:fc:73:27:4e:e4:7c:fc: d1:79:ad:c0:45:ba:57:e4:2c:98:36:4a:00:d4:62: 91:f8:a1:e0:ce:fa:82:70:c8:70:30:3f:11:0c:56: 17:19:a9:99:a4:8d:87:40:a8:e0:af:bd:a8:dd:aa: f6:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:4D:D3:15:E0:30:ED:3D:4E:6D:62:7B:C6:2E:DF:87:83:9E:E4:F3 X509v3 Authority Key Identifier: keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:d3:4a:ae:2f:d2:cf:9d:7d:0e:55:69:6c:e9:94:cf:f4:e7: 7c:a9:01:35:8f:5b:fc:ac:79:d1:17:e2:1c:07:3e:3d:06:71: bb:07:29:4d:29:30:6e:d4:5c:8a:74:67:bd:f7:b5:e1:49:13: e9:fb:af:2c:87:34:e7:b9:00:4d:c0:97:e2:f5:7b:1b:03:d0: ae:a0:c2:c2:d8:ef:f2:75:5b:1b:3e:5c:33:be:3b:d5:88:04: 53:59:70:62:0e:42:d8:dd:45:8b:1a:ad:2d:68:d6:31:2c:b9: 7f:3e:92:16:7c:7a:3e:29:62:6e:49:a3:65:2d:3d:c9:a3:ca: f7:4d:16:0b:7c:65:52:53:8b:ba:8a:5b:b6:02:c8:50:10:37: ea:e9:7a:22:93:a9:2d:b4:6c:e9:a1:ba:81:dc:1f:ac:9b:76: 8e:2b:a9:45:1c:9b:fc:04:c0:fd:6f:e2:f2:63:0b:40:29:b2: d9:a1:2f:e1:f9:79:d4:3a:34:e1:56:fc:ef:a0:3b:fe:38:64: 32:6a:57:0c:2b:6f:d8:4e:d0:5a:77:7c:3e:29:73:2a:94:5a: 34:97:5e:ee:a1:a7:fe:f8:ea:e3:a1:24:dd:b6:df:9d:b3:24: 92:fc:b0:eb:34:3b:20:94:0a:54:8e:3b:5a:25:4b:36:40:2a: 5f:06:b4:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdUbe3A6YgHbr8EF+WX5CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1 M2FlNjcwHhcNMjUxMjE1MTAwMTMyWhcNMjUxMjE2MTAwMTMyWjAzMTEwLwYDVQQD EyhmNzRkZDMxNWUwMzBlZDNkNGU2ZDYyN2JjNjJlZGY4NzgzOWVlNGYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBO3yWU9XuyxmMf9jQE9yzPQATSL 0C07QlV8mICWAyNVMk75/KCu4IqPNhlmKQYbeOQYe+SW1G0y/Xt0J1XrfQeNxzH7 UVNEU7Q0l03aYqgQUrzUi2ZgoBiZYFDenpcHEYF04BlBqVNTPKhMKNxl52xcMqBt daN6dCJm7wr7kouXXk41HDUnMvov5lyFKeQzuKQrwLxItOHO/Li7zU512cxnGNUM SRNwxL1E40vYXxyCA8UcLRsBKTdMF5mji6fkW+QXFLjt3gK8tfxzJ07kfPzRea3A RbpX5CyYNkoA1GKR+KHgzvqCcMhwMD8RDFYXGamZpI2HQKjgr72o3ar2GQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPdN0xXgMO09Tm1ie8Yu34eDnuTzMB8GA1UdIwQY MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt NjVhNWVmMGFmMGI0LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0 LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjtNKri/S z519DlVpbOmUz/TnfKkBNY9b/Kx50RfiHAc+PQZxuwcpTSkwbtRcinRnvfe14UkT 6fuvLIc057kATcCX4vV7GwPQrqDCwtjv8nVbGz5cM7471YgEU1lwYg5C2N1Fixqt LWjWMSy5fz6SFnx6PilibkmjZS09yaPK900WC3xlUlOLuopbtgLIUBA36ul6IpOp LbRs6aG6gdwfrJt2jiupRRyb/ATA/W/i8mMLQCmy2aEv4fl51Do04Vb876A7/jhk MmpXDCtv2E7QWnd8PilzKpRaNJde7qGn/vjq46Ek3bbfnbMkkvyw6zQ7IJQKVI47 WiVLNkAqXwa0/w== -----END CERTIFICATE-----Generated at Mon Dec 15 13:18:58 2025 by rpki-client