This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft File: pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json) Hash identifier: D1O/oLg50skn7yJabobOhjTgcSzoPDYIilFjGh52IUw= Subject key identifier: C6:47:5A:1B:25:FE:75:02:9E:5F:F2:A4:9B:C4:FA:EB:CA:38:93:3C Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92 Certificate issuer: /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92 Certificate serial: 019B5975A4A6A02099E928FE78C3BF797FD8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft Manifest number: 1294 Signing time: Fri 26 Dec 2025 07:00:40 +0000 Manifest this update: Fri 26 Dec 2025 07:00:40 +0000 Manifest next update: Sat 27 Dec 2025 07:00:40 +0000 Files and hashes: 1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: 2BC6vitfbrPgNa+Z7Tnsb0dxAnKc775Luiv2VLhvdgY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:a4:a6:a0:20:99:e9:28:fe:78:c3:bf:79:7f:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92 Validity Not Before: Dec 26 07:00:40 2025 GMT Not After : Dec 27 07:00:40 2025 GMT Subject: CN=c6475a1b25fe75029e5ff2a49bc4faebca38933c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8f:1e:4f:d6:58:81:4f:af:83:a4:96:4f:b3: 86:9e:7b:4d:95:a2:b5:49:60:3f:db:63:10:e1:c2: 64:34:a2:76:6b:02:4f:e7:26:d9:5b:4e:ca:8c:b2: 5f:bf:af:1c:c4:21:61:bc:23:ba:9e:6a:27:3d:2f: 27:c8:00:04:08:b3:97:07:7d:60:9b:64:99:d6:d7: b1:44:c7:23:12:e0:7c:53:f4:4d:ec:97:c1:c6:c4: b3:e9:77:be:4e:5d:e7:1b:54:00:35:a5:63:ac:9d: fc:5e:38:b8:1a:95:c3:f0:fd:21:d8:31:f4:6a:58: 55:d2:96:ea:fe:07:86:05:00:25:87:57:71:66:fd: 7f:21:e6:b2:18:94:51:69:08:15:ab:09:e1:91:c6: 02:fe:b9:51:50:e7:b1:94:2d:05:a0:08:a1:1b:f9: 78:d1:2c:b0:30:29:4a:0d:57:58:07:5b:06:cd:dc: 8b:93:49:99:05:50:96:9c:71:a8:3e:7c:4e:e5:2b: 76:4f:03:02:ff:69:8e:c7:16:80:6c:47:3f:56:fe: 9a:f5:26:5c:73:77:d2:94:4d:6a:2e:14:27:1a:5b: 19:96:f0:18:03:6f:0c:ce:58:32:df:21:68:22:e0: 71:93:7b:bd:da:6d:69:cb:dd:1c:01:74:c6:4d:38: 83:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:47:5A:1B:25:FE:75:02:9E:5F:F2:A4:9B:C4:FA:EB:CA:38:93:3C X509v3 Authority Key Identifier: keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:41:6d:4a:45:5e:be:16:6b:37:6b:47:ff:32:e1:d7:d6:31: db:90:8e:5f:c7:b2:c8:4d:27:bd:6f:aa:75:aa:a9:99:63:91: a9:5c:7a:a8:ca:b4:ae:ea:70:a7:d8:69:5c:6e:67:c2:b0:ce: 1c:8a:2d:f2:2c:07:15:b8:80:45:ac:5f:47:df:bc:1f:64:dc: 80:ec:e4:0c:00:1a:87:34:6b:75:de:73:4c:3b:79:e2:74:41: 45:98:ff:d3:8b:4c:ed:f5:84:84:7d:53:e0:ab:9b:02:59:24: 32:b9:98:f4:97:5b:8c:7c:66:6b:a7:91:0c:fb:df:b2:cb:2e: 37:8d:58:59:33:bb:ce:87:23:70:20:b0:c8:78:9e:4e:0e:12: ea:cb:22:37:75:13:5f:d8:b7:f2:5e:be:19:91:05:44:0d:76: b7:c7:1e:a8:d3:3d:a8:4c:3d:21:99:e1:24:a0:03:6b:28:75: ba:ec:5a:6d:c6:25:4c:78:5a:a4:11:ee:91:81:0c:a7:88:ec: 38:9e:76:11:12:3d:7e:67:d5:ee:a0:86:87:3e:3e:8b:6d:e9: d4:4f:1d:c7:e8:51:9a:0a:04:b6:3d:4d:80:d8:db:eb:1d:d1: c9:70:a9:75:59:b1:9a:cb:ed:a5:f2:e6:c2:a0:ad:84:1f:22: 1b:17:29:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdaSmoCCZ6Sj+eMO/eX/YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1 OTRiOTIwHhcNMjUxMjI2MDcwMDQwWhcNMjUxMjI3MDcwMDQwWjAzMTEwLwYDVQQD EyhjNjQ3NWExYjI1ZmU3NTAyOWU1ZmYyYTQ5YmM0ZmFlYmNhMzg5MzNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu48eT9ZYgU+vg6SWT7OGnntNlaK1 SWA/22MQ4cJkNKJ2awJP5ybZW07KjLJfv68cxCFhvCO6nmonPS8nyAAECLOXB31g m2SZ1texRMcjEuB8U/RN7JfBxsSz6Xe+Tl3nG1QANaVjrJ38Xji4GpXD8P0h2DH0 alhV0pbq/geGBQAlh1dxZv1/IeayGJRRaQgVqwnhkcYC/rlRUOexlC0FoAihG/l4 0SywMClKDVdYB1sGzdyLk0mZBVCWnHGoPnxO5St2TwMC/2mOxxaAbEc/Vv6a9SZc c3fSlE1qLhQnGlsZlvAYA28Mzlgy3yFoIuBxk3u92m1py90cAXTGTTiDkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMZHWhsl/nUCnl/ypJvE+uvKOJM8MB8GA1UdIwQY MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2 LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkFtSkVe vhZrN2tH/zLh19Yx25COX8eyyE0nvW+qdaqpmWORqVx6qMq0rupwp9hpXG5nwrDO HIot8iwHFbiARaxfR9+8H2TcgOzkDAAahzRrdd5zTDt54nRBRZj/04tM7fWEhH1T 4KubAlkkMrmY9JdbjHxma6eRDPvfsssuN41YWTO7zocjcCCwyHieTg4S6ssiN3UT X9i38l6+GZEFRA12t8ceqNM9qEw9IZnhJKADayh1uuxabcYlTHhapBHukYEMp4js OJ52ERI9fmfV7qCGhz4+i23p1E8dx+hRmgoEtj1NgNjb6x3RyXCpdVmxmsvtpfLm wqCthB8iGxcp3A== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:38 2025 by rpki-client