This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json) Hash identifier: nXVyxlpmvXDPZ0Ly/PvQXVrpfjApLzBDVEE8wpg3ahw= Subject key identifier: 0C:F7:12:91:92:45:27:AE:DA:2E:26:77:C5:21:79:B4:FA:69:AD:B4 Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc Certificate serial: 019B5A522FC1A760E95ACEF875991706B90A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft Manifest number: 13B1 Signing time: Fri 26 Dec 2025 11:01:34 +0000 Manifest this update: Fri 26 Dec 2025 11:01:34 +0000 Manifest next update: Sat 27 Dec 2025 11:01:34 +0000 Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=) 2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: jzxJk7PKS5RiwhB9uMafirRsgrON0hAlvF3+MzEAjYg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:2f:c1:a7:60:e9:5a:ce:f8:75:99:17:06:b9:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc Validity Not Before: Dec 26 11:01:34 2025 GMT Not After : Dec 27 11:01:34 2025 GMT Subject: CN=0cf71291924527aeda2e2677c52179b4fa69adb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:23:5b:3c:a7:8e:26:a5:72:21:19:7f:fa:e5: 34:19:ae:2a:66:dc:8c:8a:66:a2:e8:6b:a4:e0:0d: af:ba:0f:63:47:c6:4b:c4:ff:60:ad:61:2b:2f:47: 1d:f6:0d:f3:e4:08:f8:04:18:e4:c1:43:1e:f1:85: 79:59:6d:5b:a7:de:8e:26:48:0b:37:34:59:b3:77: 67:83:78:7c:55:11:45:92:0b:d3:c9:82:96:fb:da: dd:c3:85:89:bd:b2:ac:50:bb:39:ab:48:52:24:c9: 38:87:33:c0:b7:23:a6:fa:bd:56:cb:a9:cb:32:65: ac:dc:43:c2:fe:b1:f3:cb:82:95:4d:bc:87:1f:28: 5b:19:b9:51:74:31:ed:d8:d4:a6:01:6e:4d:06:10: ea:49:16:e2:2a:a8:71:3e:8f:b4:88:a5:1a:8c:4b: 73:88:4a:13:a4:68:f0:9b:86:76:04:dc:96:96:e9: 01:5c:a0:21:4b:9e:b7:c2:b3:a2:46:71:50:c7:27: 45:d8:7f:cb:ed:b9:27:53:2b:2e:39:d4:89:c6:40: d8:1d:da:d4:da:48:03:3d:eb:e7:d1:d2:30:42:ba: 80:16:d0:17:bb:f4:1f:4d:a3:41:31:19:de:fd:0d: e0:83:4a:2b:0f:4a:eb:34:40:b3:23:d6:b0:ae:7f: e5:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:F7:12:91:92:45:27:AE:DA:2E:26:77:C5:21:79:B4:FA:69:AD:B4 X509v3 Authority Key Identifier: keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:16:a7:95:5a:05:46:44:22:64:26:bf:ab:ac:76:a7:d0:07: 19:1a:a5:06:3c:2f:78:33:1a:6c:08:b5:d4:ea:34:29:02:56: fa:87:13:cb:75:40:b1:56:98:5d:e3:e5:70:87:07:76:3a:a1: 18:bf:23:a8:c7:16:c7:05:3e:de:8f:0f:fa:3e:87:f6:01:c7: b0:2f:53:a8:e4:e2:24:ba:72:e3:63:3b:74:18:b2:5a:b6:df: 79:d0:a7:ff:5b:60:a8:c1:8d:41:78:c1:bf:0f:60:1c:07:68: 90:d1:b5:8e:33:1a:d6:76:cb:95:1f:e0:14:48:ce:0a:76:43: 74:18:73:49:11:aa:fc:7e:53:f7:ae:5d:b6:0b:1c:17:1f:32: 07:4b:b7:97:26:e6:25:7d:01:68:47:0a:fc:0a:58:0c:66:fa: 89:05:09:1d:94:5a:f9:b5:75:f9:b3:70:84:d5:aa:df:4e:5f: a9:42:ab:1e:48:57:de:fe:f3:31:e9:31:f3:92:27:9d:f8:df: 50:21:bc:2f:ed:d3:50:4b:6c:62:0f:cd:2f:27:98:be:69:13: 0a:4f:a9:91:54:a3:02:13:24:31:a8:d3:6b:de:4e:9f:6e:3d: a5:7f:ef:6b:b5:2a:83:66:17:cc:bb:a6:85:cb:c9:a9:dd:c9: f8:7c:da:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUi/Bp2DpWs74dZkXBrkKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0 N2RiZmMwHhcNMjUxMjI2MTEwMTM0WhcNMjUxMjI3MTEwMTM0WjAzMTEwLwYDVQQD EygwY2Y3MTI5MTkyNDUyN2FlZGEyZTI2NzdjNTIxNzliNGZhNjlhZGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CNbPKeOJqVyIRl/+uU0Ga4qZtyM imai6Guk4A2vug9jR8ZLxP9grWErL0cd9g3z5Aj4BBjkwUMe8YV5WW1bp96OJkgL NzRZs3dng3h8VRFFkgvTyYKW+9rdw4WJvbKsULs5q0hSJMk4hzPAtyOm+r1Wy6nL MmWs3EPC/rHzy4KVTbyHHyhbGblRdDHt2NSmAW5NBhDqSRbiKqhxPo+0iKUajEtz iEoTpGjwm4Z2BNyWlukBXKAhS563wrOiRnFQxydF2H/L7bknUysuOdSJxkDYHdrU 2kgDPevn0dIwQrqAFtAXu/QfTaNBMRne/Q3gg0orD0rrNECzI9awrn/l/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAz3EpGSRSeu2i4md8UhebT6aa20MB8GA1UdIwQY MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3 LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxanlVoF RkQiZCa/q6x2p9AHGRqlBjwveDMabAi11Oo0KQJW+ocTy3VAsVaYXePlcIcHdjqh GL8jqMcWxwU+3o8P+j6H9gHHsC9TqOTiJLpy42M7dBiyWrbfedCn/1tgqMGNQXjB vw9gHAdokNG1jjMa1nbLlR/gFEjOCnZDdBhzSRGq/H5T965dtgscFx8yB0u3lybm JX0BaEcK/ApYDGb6iQUJHZRa+bV1+bNwhNWq305fqUKrHkhX3v7zMekx85Innfjf UCG8L+3TUEtsYg/NLyeYvmkTCk+pkVSjAhMkMajTa95On249pX/va7Uqg2YXzLum hcvJqd3J+HzazA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:15 2025 by rpki-client