This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft File: 20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json) Hash identifier: Gw7+dw4725GY2qMByD/gtrLExUU5UaVQlOh8Go427b4= Subject key identifier: DD:94:62:56:BB:21:97:0A:17:EF:A8:82:79:A2:9C:52:5E:6E:F1:01 Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52 Certificate issuer: /CN=db460d201795a6a992ed4ac18bb7c52c108b7852 Certificate serial: 019B202B4D3ADCAE9A89FDA1D6D15279944A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft Manifest number: 1775 Signing time: Mon 15 Dec 2025 04:01:07 +0000 Manifest this update: Mon 15 Dec 2025 04:01:07 +0000 Manifest next update: Tue 16 Dec 2025 04:01:07 +0000 Files and hashes: 1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: mOJyaP+rtYMQS0jCiEjcPJPrfuJtQO/olT/qGJGRhKg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 04:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2b:4d:3a:dc:ae:9a:89:fd:a1:d6:d1:52:79:94:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852 Validity Not Before: Dec 15 04:01:07 2025 GMT Not After : Dec 16 04:01:07 2025 GMT Subject: CN=dd946256bb21970a17efa88279a29c525e6ef101 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:49:2f:4b:07:a7:e5:37:7e:3d:f1:b9:a8:d7: 54:9c:37:7b:40:df:39:f0:6c:0b:93:06:1c:49:8d: ca:46:db:cb:d2:24:5e:a2:45:17:b9:f5:91:d8:65: bf:54:05:90:89:6f:c0:db:d9:0c:82:51:c7:c0:79: 38:1c:45:ee:fd:f7:8b:fb:eb:83:83:78:5b:9b:7f: 83:53:49:43:bf:12:da:eb:27:33:84:f5:97:43:15: 72:9a:ba:2f:c7:5d:ae:30:0e:64:3d:5a:d6:6b:49: 9b:72:0c:4e:d1:de:15:b8:c0:7a:72:0c:e6:13:ea: 19:62:61:b1:1f:14:10:7d:b7:73:3b:a1:42:ef:9a: bc:8c:28:83:a0:6c:43:de:a1:90:dc:3c:d6:03:6f: fe:6f:fc:44:d5:16:54:e3:bc:d1:77:31:a0:ff:6e: 75:24:1f:e1:0f:de:3a:86:36:11:6a:3c:19:e0:7e: 8b:6d:57:34:6f:22:ca:f7:5d:01:e3:a9:65:a4:46: 1a:94:63:dc:70:16:83:c3:6f:2f:72:12:96:8c:e6: f0:e8:5f:6a:66:4c:59:07:ff:8a:7b:f5:bb:b2:d2: 94:46:94:cc:12:43:d4:1b:35:0f:8d:01:c1:4e:be: ce:df:82:7d:c0:7d:30:c0:57:ad:ad:a0:09:48:11: 74:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:94:62:56:BB:21:97:0A:17:EF:A8:82:79:A2:9C:52:5E:6E:F1:01 X509v3 Authority Key Identifier: keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:ee:9b:70:13:59:31:b1:6f:2e:17:55:0e:83:61:14:86:4f: 73:d5:53:f0:c4:59:81:a5:15:98:6f:03:ac:1d:56:70:9e:ee: 22:8d:ab:8c:8d:e8:c9:18:31:f3:c1:5d:b6:cc:11:92:93:af: 24:75:b5:e8:90:59:07:b2:86:13:e5:3b:b9:65:69:9c:85:ae: e4:30:07:09:68:c4:95:d1:76:1a:bb:53:bc:a6:ef:38:cc:b4: e3:ec:51:1f:ce:ec:dd:8b:f6:4f:66:1e:8b:83:88:30:35:e7: d5:7d:35:52:45:ed:07:d3:f9:37:e1:07:7f:e1:f3:f7:f0:ce: 31:8d:15:98:a4:26:60:bc:3a:77:4b:0d:bb:f7:b9:30:a6:a3: 93:4b:71:1c:a2:c1:b9:0a:f6:13:6b:1d:40:dc:84:51:e4:cc: 7a:44:cd:dc:d6:6e:ee:6f:b2:e8:c1:35:34:3c:82:70:0a:fa: 69:fd:71:44:1b:96:d9:3c:d2:b3:c8:5f:55:b5:d1:e8:db:d7: c8:e9:98:1f:a4:b1:11:4f:1f:85:c4:3b:a9:7e:78:ab:ec:fb: b1:9c:b4:14:80:02:92:ff:8f:6a:e8:b6:09:c7:4e:d3:ed:d8: c4:0d:23:72:2d:08:90:de:5f:4b:bd:9e:9a:ec:5b:0c:ed:88: 15:b0:af:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgK0063K6aif2h1tFSeZRKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4 Yjc4NTIwHhcNMjUxMjE1MDQwMTA3WhcNMjUxMjE2MDQwMTA3WjAzMTEwLwYDVQQD EyhkZDk0NjI1NmJiMjE5NzBhMTdlZmE4ODI3OWEyOWM1MjVlNmVmMTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkkvSwen5Td+PfG5qNdUnDd7QN85 8GwLkwYcSY3KRtvL0iReokUXufWR2GW/VAWQiW/A29kMglHHwHk4HEXu/feL++uD g3hbm3+DU0lDvxLa6yczhPWXQxVymrovx12uMA5kPVrWa0mbcgxO0d4VuMB6cgzm E+oZYmGxHxQQfbdzO6FC75q8jCiDoGxD3qGQ3DzWA2/+b/xE1RZU47zRdzGg/251 JB/hD946hjYRajwZ4H6LbVc0byLK910B46llpEYalGPccBaDw28vchKWjObw6F9q ZkxZB/+Ke/W7stKURpTMEkPUGzUPjQHBTr7O34J9wH0wwFetraAJSBF0vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN2UYla7IZcKF++ognminFJebvEBMB8GA1UdIwQY MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3 LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+6bcBNZ MbFvLhdVDoNhFIZPc9VT8MRZgaUVmG8DrB1WcJ7uIo2rjI3oyRgx88FdtswRkpOv JHW16JBZB7KGE+U7uWVpnIWu5DAHCWjEldF2GrtTvKbvOMy04+xRH87s3Yv2T2Ye i4OIMDXn1X01UkXtB9P5N+EHf+Hz9/DOMY0VmKQmYLw6d0sNu/e5MKajk0txHKLB uQr2E2sdQNyEUeTMekTN3NZu7m+y6ME1NDyCcAr6af1xRBuW2TzSs8hfVbXR6NvX yOmYH6SxEU8fhcQ7qX54q+z7sZy0FIACkv+Paui2CcdO0+3YxA0jci0IkN5fS72e muxbDO2IFbCvew== -----END CERTIFICATE-----Generated at Mon Dec 15 14:59:58 2025 by rpki-client