This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft File: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft (raw, json) Hash identifier: pwr9Z7F0zOzRAkhz7d7l4KI9/lXtqZ6J5lWheStTXTY= Subject key identifier: 14:42:47:DE:F7:40:A2:3B:1B:5B:D7:DB:A3:7D:92:64:F6:48:65:42 Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67 Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67 Certificate serial: 019B1014929BDFD01E9FE483ACD94370A004 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft Manifest number: 0AA6 Signing time: Fri 12 Dec 2025 01:02:22 +0000 Manifest this update: Fri 12 Dec 2025 01:02:22 +0000 Manifest next update: Sat 13 Dec 2025 01:02:22 +0000 Files and hashes: 1: RiW5W8SWQ6-vverb8NRdVDj6CjU.roa (hash: 4IAwVod5pwysrRco/iSy8Lzx8KDdHZ/Q8/hyLLW5E4w=) 2: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl (hash: HoU4cr6lECQf8bF/zPY1rZZcQoCJY99ijoVMpY3Ul+g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:14:92:9b:df:d0:1e:9f:e4:83:ac:d9:43:70:a0:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67 Validity Not Before: Dec 12 01:02:22 2025 GMT Not After : Dec 13 01:02:22 2025 GMT Subject: CN=144247def740a23b1b5bd7dba37d9264f6486542 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:4b:e1:4e:04:bc:4d:89:d1:16:3c:c0:ce:7d: 41:39:a8:78:38:b1:ba:1e:d7:c2:8f:ed:b4:5e:ea: c3:21:04:96:35:6b:58:56:97:f2:1e:65:91:4b:db: 75:ed:2d:7e:4a:16:bc:da:c1:8d:13:ef:0f:1d:52: 80:22:94:3f:5e:3b:80:09:45:d8:c5:ea:81:b3:52: 88:a5:da:dc:26:7a:92:79:d5:5a:b2:a8:9b:90:40: 9f:e2:52:20:d9:dd:b7:fa:55:04:58:ec:8b:18:53: bc:1c:32:d9:c8:ee:4c:0b:d5:b1:3b:e6:ad:21:82: 37:37:12:d7:d7:8c:01:e3:68:8c:98:b0:09:62:82: d4:2c:df:21:58:e4:1f:37:a5:b3:99:aa:3f:86:b9: 45:4e:03:11:dd:6e:4e:c0:70:6a:48:eb:c7:4e:7f: e5:b7:93:40:7f:5c:cb:85:c5:74:24:c6:7d:63:c4: 49:ee:b8:e9:cf:c2:38:72:9f:31:bd:4b:16:aa:f8: 10:05:6b:e9:48:13:8d:23:9f:9a:31:23:c9:1f:03: 98:a2:8c:f7:39:d1:a0:8b:bb:b0:a9:17:9b:fb:99: 94:41:9e:68:74:05:6a:46:fd:fd:29:75:a6:60:c6: 40:7a:69:19:f2:b3:bb:4c:c3:58:8f:b0:75:d5:c3: b9:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:42:47:DE:F7:40:A2:3B:1B:5B:D7:DB:A3:7D:92:64:F6:48:65:42 X509v3 Authority Key Identifier: keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:92:08:ff:31:24:93:13:e3:c2:dd:42:16:a2:2e:5a:d5:3d: 76:24:53:c8:b8:b8:6a:f4:6c:ea:6b:27:63:33:b2:02:06:5d: 4f:65:e5:bf:e5:a5:78:dd:96:81:66:88:60:a2:da:d1:44:7d: 54:60:04:82:bf:bd:f6:8e:91:6c:08:ef:28:47:2b:b3:4c:b7: 14:4e:d0:32:82:a5:20:ef:4b:f6:c3:35:79:fd:72:49:28:03: ab:f1:09:60:ac:01:a3:9e:48:b2:cc:37:0c:08:09:16:df:16: af:64:5a:63:ab:06:cb:bc:c3:53:fa:b3:c6:b1:94:dc:45:ce: c4:30:f3:18:71:42:d0:66:43:48:6e:04:3d:98:42:72:ab:3c: a3:a4:e7:4e:1e:64:0b:9c:26:2a:0b:cd:8f:69:18:6f:61:95: 55:cd:64:51:9f:a9:5d:b1:f6:c2:29:c8:11:5d:70:23:8e:36: 0b:a9:2a:9b:6e:63:bf:c8:7b:08:f2:c0:6e:2f:53:79:4b:41: eb:af:b3:ef:f5:03:dd:02:d5:12:52:47:c5:03:9e:22:5a:90: 71:80:7c:5b:35:93:7c:af:c0:81:32:bf:e3:45:73:d4:5a:32: 40:e7:d0:dc:68:51:bb:74:1d:91:13:8a:a3:6d:b1:dc:67:ae: b2:24:7c:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQFJKb39Aen+SDrNlDcKAEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1 M2FlNjcwHhcNMjUxMjEyMDEwMjIyWhcNMjUxMjEzMDEwMjIyWjAzMTEwLwYDVQQD EygxNDQyNDdkZWY3NDBhMjNiMWI1YmQ3ZGJhMzdkOTI2NGY2NDg2NTQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EvhTgS8TYnRFjzAzn1BOah4OLG6 HtfCj+20XurDIQSWNWtYVpfyHmWRS9t17S1+Sha82sGNE+8PHVKAIpQ/XjuACUXY xeqBs1KIpdrcJnqSedVasqibkECf4lIg2d23+lUEWOyLGFO8HDLZyO5MC9WxO+at IYI3NxLX14wB42iMmLAJYoLULN8hWOQfN6Wzmao/hrlFTgMR3W5OwHBqSOvHTn/l t5NAf1zLhcV0JMZ9Y8RJ7rjpz8I4cp8xvUsWqvgQBWvpSBONI5+aMSPJHwOYooz3 OdGgi7uwqReb+5mUQZ5odAVqRv39KXWmYMZAemkZ8rO7TMNYj7B11cO5YQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBRCR973QKI7G1vX26N9kmT2SGVCMB8GA1UdIwQY MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt NjVhNWVmMGFmMGI0LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0 LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaZII/zEk kxPjwt1CFqIuWtU9diRTyLi4avRs6msnYzOyAgZdT2Xlv+WleN2WgWaIYKLa0UR9 VGAEgr+99o6RbAjvKEcrs0y3FE7QMoKlIO9L9sM1ef1ySSgDq/EJYKwBo55Issw3 DAgJFt8Wr2RaY6sGy7zDU/qzxrGU3EXOxDDzGHFC0GZDSG4EPZhCcqs8o6TnTh5k C5wmKgvNj2kYb2GVVc1kUZ+pXbH2winIEV1wI442C6kqm25jv8h7CPLAbi9TeUtB 66+z7/UD3QLVElJHxQOeIlqQcYB8WzWTfK/AgTK/40Vz1FoyQOfQ3GhRu3QdkROK o22x3GeusiR8GA== -----END CERTIFICATE-----Generated at Fri Dec 12 03:22:10 2025 by rpki-client