This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft File: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json) Hash identifier: pfkWzsB6mku8YPrvUUI2GAOe8S7WC7h3/qHSIvWychE= Subject key identifier: 5E:A6:BB:FA:83:0A:18:DA:09:5F:7C:E9:4B:6F:41:DD:56:DA:9D:94 Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 Certificate issuer: /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Certificate serial: 019B36B3E124487998EE359BBE652BEB4ABC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft Manifest number: 1781 Signing time: Fri 19 Dec 2025 13:01:56 +0000 Manifest this update: Fri 19 Dec 2025 13:01:56 +0000 Manifest next update: Sat 20 Dec 2025 13:01:56 +0000 Files and hashes: 1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: 0KLspmKv0qXt+6KinuieH3UvzW+mKTNFaHWwgTqlOdo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:b3:e1:24:48:79:98:ee:35:9b:be:65:2b:eb:4a:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Validity Not Before: Dec 19 13:01:56 2025 GMT Not After : Dec 20 13:01:56 2025 GMT Subject: CN=5ea6bbfa830a18da095f7ce94b6f41dd56da9d94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:02:42:42:91:28:2d:81:5d:99:53:fe:48:32: 0a:30:12:e4:25:10:d7:97:d3:ac:fc:ca:53:3d:75: 47:ee:9e:50:32:47:c8:1d:9e:d6:d8:c3:2d:60:11: 0c:7d:fd:bc:c8:d4:30:aa:fc:4f:55:46:56:64:08: 07:6d:7d:1d:57:4d:84:00:3f:06:6b:b4:3b:bc:de: f8:2f:8c:1f:dc:b5:25:a0:13:e5:be:ef:c7:6a:c5: 26:a2:87:d4:8d:a9:31:8d:77:77:7a:6f:ff:a1:c1: cb:5f:ce:25:b0:f4:4a:27:b0:9c:c3:2d:d9:cc:d1: c5:3a:45:76:8e:95:47:7b:d3:62:09:83:b2:62:75: dd:73:5e:0c:50:73:9b:58:bc:50:52:34:ed:52:d1: f0:1f:7e:59:cc:e0:a6:9a:cf:e1:db:f5:03:fe:78: 13:41:c3:48:b7:00:ed:e2:fd:64:95:4d:48:13:e4: 61:de:d1:bd:4c:9d:07:40:12:88:17:99:26:1e:9c: 98:92:ee:22:51:ba:47:59:c3:93:70:7c:fd:2d:c4: 95:30:20:ba:c0:0a:38:a2:25:3a:19:a2:c2:ca:5b: fd:08:70:29:d0:b3:a1:48:2d:27:54:34:70:d1:f2: 54:bb:73:bd:ee:f9:20:81:d7:32:86:34:0b:34:a8: cc:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:A6:BB:FA:83:0A:18:DA:09:5F:7C:E9:4B:6F:41:DD:56:DA:9D:94 X509v3 Authority Key Identifier: keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:d2:00:19:47:e5:35:24:07:26:db:fc:e5:c2:3b:23:10:e1: cf:5f:dc:a8:10:e4:d2:06:bd:76:44:fb:36:5c:1a:bb:f2:99: f8:56:a1:d3:ce:9c:12:49:9e:39:86:ce:7a:81:26:ab:0b:1d: e7:1f:5c:31:ee:46:d2:26:da:ff:b6:c4:29:50:7f:16:7f:b0: b8:8c:00:13:51:c2:ee:97:bf:ea:e6:59:fd:45:2d:86:c3:10: cb:4b:42:ff:46:1f:68:d7:2c:3d:52:38:f5:7b:51:d9:0e:3f: b0:c0:2c:21:01:73:ca:97:46:7b:a5:1c:d0:c3:14:76:4c:bc: 31:d0:33:81:ac:14:66:73:dc:cf:14:d8:55:c6:18:ee:f9:fb: 45:de:0b:62:1e:ad:72:a3:8d:61:07:01:3b:22:58:b6:74:14: a5:f9:3c:e0:28:2d:e3:79:8d:ef:34:01:a0:0b:79:36:e7:46: 91:1b:aa:89:de:32:43:60:ea:02:4a:17:33:8e:58:e6:81:9f: cb:8c:56:c4:eb:c3:0f:8a:07:d8:62:6e:23:90:44:78:37:5a: e0:1b:42:ee:aa:67:75:f1:ac:fa:f5:72:c7:80:3d:44:9b:4d: c0:3d:04:00:45:de:f9:51:f9:7d:53:e6:5c:7c:17:8f:c5:ae: 5b:0d:34:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2s+EkSHmY7jWbvmUr60q8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy OGE5NDIwHhcNMjUxMjE5MTMwMTU2WhcNMjUxMjIwMTMwMTU2WjAzMTEwLwYDVQQD Eyg1ZWE2YmJmYTgzMGExOGRhMDk1ZjdjZTk0YjZmNDFkZDU2ZGE5ZDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQJCQpEoLYFdmVP+SDIKMBLkJRDX l9Os/MpTPXVH7p5QMkfIHZ7W2MMtYBEMff28yNQwqvxPVUZWZAgHbX0dV02EAD8G a7Q7vN74L4wf3LUloBPlvu/HasUmoofUjakxjXd3em//ocHLX84lsPRKJ7Ccwy3Z zNHFOkV2jpVHe9NiCYOyYnXdc14MUHObWLxQUjTtUtHwH35ZzOCmms/h2/UD/ngT QcNItwDt4v1klU1IE+Rh3tG9TJ0HQBKIF5kmHpyYku4iUbpHWcOTcHz9LcSVMCC6 wAo4oiU6GaLCylv9CHAp0LOhSC0nVDRw0fJUu3O97vkggdcyhjQLNKjMXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF6mu/qDChjaCV986UtvQd1W2p2UMB8GA1UdIwQY MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqNIAGUfl NSQHJtv85cI7IxDhz1/cqBDk0ga9dkT7Nlwau/KZ+Fah086cEkmeOYbOeoEmqwsd 5x9cMe5G0iba/7bEKVB/Fn+wuIwAE1HC7pe/6uZZ/UUthsMQy0tC/0YfaNcsPVI4 9XtR2Q4/sMAsIQFzypdGe6Uc0MMUdky8MdAzgawUZnPczxTYVcYY7vn7Rd4LYh6t cqONYQcBOyJYtnQUpfk84Cgt43mN7zQBoAt5NudGkRuqid4yQ2DqAkoXM45Y5oGf y4xWxOvDD4oH2GJuI5BEeDda4BtC7qpndfGs+vVyx4A9RJtNwD0EAEXe+VH5fVPm XHwXj8WuWw00qQ== -----END CERTIFICATE-----Generated at Fri Dec 19 14:54:48 2025 by rpki-client