This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft File: y2bnZjRVc9cVnWeU7a7bc5okH48.mft (raw, json) Hash identifier: yEFCR3YyfUyhVJYUA1LdDP8dOPidpM4RlrbfsJRAQLg= Subject key identifier: DA:56:01:4A:FD:84:90:86:6A:2F:4E:2D:E6:84:D9:73:07:1D:27:05 Authority key identifier: CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F Certificate issuer: /CN=cb66e766345573d7159d6794edaedb739a241f8f Certificate serial: 019B22BE22F44B507923A4CB7693940EBD88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft Manifest number: 07C9 Signing time: Mon 15 Dec 2025 16:00:44 +0000 Manifest this update: Mon 15 Dec 2025 16:00:44 +0000 Manifest next update: Tue 16 Dec 2025 16:00:44 +0000 Files and hashes: 1: GP-mcsPVfkxFR6BakAdLWMHzvnk.roa (hash: 46Gy5AnSQQR4RzlnLScg9/HmedHrQU8V47NDaOoaI7E=) 2: y2bnZjRVc9cVnWeU7a7bc5okH48.crl (hash: LL8JN7DG9S6uUYyOzVxfBmCkAyIoqohAaY59LSZb+ao=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:be:22:f4:4b:50:79:23:a4:cb:76:93:94:0e:bd:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb66e766345573d7159d6794edaedb739a241f8f Validity Not Before: Dec 15 16:00:44 2025 GMT Not After : Dec 16 16:00:44 2025 GMT Subject: CN=da56014afd8490866a2f4e2de684d973071d2705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d7:c3:a6:22:d5:34:9e:7e:16:4e:fd:82:e3: c3:3a:b4:c0:5f:33:6c:aa:31:c7:21:e9:4b:6b:af: d7:f3:37:e8:b4:9c:23:46:b3:1a:2c:8b:3a:c2:3a: 1e:d1:aa:44:4f:76:0a:40:21:3d:ae:1b:78:c0:a2: e0:07:53:a7:23:7f:1b:8e:64:2d:05:0f:b4:62:fc: b2:4c:00:40:a4:04:24:3e:06:4b:66:42:15:b6:bf: 27:4a:fb:4a:13:59:60:f6:01:08:00:96:54:e2:09: 47:9a:ee:6c:8a:47:a0:a9:7a:f3:d5:fb:9d:9d:a6: 99:f0:5e:af:dd:5e:06:a2:e3:e4:41:1d:1b:e2:4a: a6:4b:26:59:74:fc:a3:b7:44:51:02:34:b4:91:24: b4:ed:65:a5:75:11:03:5e:90:9d:c8:c3:ef:b8:ec: 62:fe:cb:7d:38:6f:a1:e7:ac:d1:d2:28:9c:ec:e4: b5:3f:b0:d7:b3:be:67:54:c6:a0:6f:da:75:81:5c: 82:81:b3:2b:c2:88:aa:f5:6d:df:8e:4d:5d:34:f2: 47:6f:ca:0c:78:fc:3d:ec:15:71:49:bb:07:d6:7b: 09:36:c8:75:45:3e:6b:27:29:4e:4c:ea:d4:91:5e: 4d:0f:35:4a:dd:2b:47:06:49:f2:67:f8:f7:89:9d: 7b:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:56:01:4A:FD:84:90:86:6A:2F:4E:2D:E6:84:D9:73:07:1D:27:05 X509v3 Authority Key Identifier: keyid:CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:88:84:b7:6d:17:5c:9f:42:d0:18:bc:a8:0c:62:00:48:de: 35:ea:d1:2a:0f:84:87:f2:c8:65:1e:98:8c:e4:20:2b:c9:7c: f3:64:5f:62:8d:1c:ca:de:d0:bc:0a:c9:3d:5e:6e:cd:51:03: e5:ae:e5:c2:07:52:4f:c8:77:1c:1a:5a:24:69:e7:76:21:3a: 95:d5:ba:55:6d:3e:31:f3:d1:33:b2:d5:11:e8:d0:17:7f:c6: 3f:82:b2:14:23:ac:26:6e:2c:12:9d:b3:0a:9f:91:a5:be:77: c0:32:04:fd:1b:e4:72:cf:69:08:90:91:f8:a5:64:b1:c4:f3: 30:bc:03:ac:76:5f:b7:bd:24:a4:bd:c9:a4:76:ec:7e:f7:a1: 36:27:d8:d7:e6:b2:83:ee:f0:90:88:c8:b6:71:da:fb:dd:9b: c9:23:78:95:e8:37:fd:ee:ba:bf:e5:f3:7a:0c:cd:88:76:3f: 9a:6e:51:a2:46:38:a2:dc:44:8b:c0:e8:91:98:47:d4:62:a4: 4f:d4:78:17:90:d1:de:bc:dc:4e:c9:60:da:4a:d6:4d:36:bc: 9a:1d:3a:1c:3c:89:81:11:63:33:b5:7f:b1:69:06:3b:79:eb: 19:71:43:f3:88:07:70:d9:0b:fe:a6:c4:7f:fd:2f:99:3a:a7: 0b:5b:7d:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsiviL0S1B5I6TLdpOUDr2IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiNjZlNzY2MzQ1NTczZDcxNTlkNjc5NGVkYWVkYjczOWEy NDFmOGYwHhcNMjUxMjE1MTYwMDQ0WhcNMjUxMjE2MTYwMDQ0WjAzMTEwLwYDVQQD EyhkYTU2MDE0YWZkODQ5MDg2NmEyZjRlMmRlNjg0ZDk3MzA3MWQyNzA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNfDpiLVNJ5+Fk79guPDOrTAXzNs qjHHIelLa6/X8zfotJwjRrMaLIs6wjoe0apET3YKQCE9rht4wKLgB1OnI38bjmQt BQ+0YvyyTABApAQkPgZLZkIVtr8nSvtKE1lg9gEIAJZU4glHmu5sikegqXrz1fud naaZ8F6v3V4GouPkQR0b4kqmSyZZdPyjt0RRAjS0kSS07WWldREDXpCdyMPvuOxi /st9OG+h56zR0iic7OS1P7DXs75nVMagb9p1gVyCgbMrwoiq9W3fjk1dNPJHb8oM ePw97BVxSbsH1nsJNsh1RT5rJylOTOrUkV5NDzVK3StHBknyZ/j3iZ17BQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNpWAUr9hJCGai9OLeaE2XMHHScFMB8GA1UdIwQY MBaAFMtm52Y0VXPXFZ1nlO2u23OaJB+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEt NjViZjc5YjBhOTg5LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEtNjViZjc5YjBhOTg5 LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmIiEt20X XJ9C0Bi8qAxiAEjeNerRKg+Eh/LIZR6YjOQgK8l882RfYo0cyt7QvArJPV5uzVED 5a7lwgdST8h3HBpaJGnndiE6ldW6VW0+MfPRM7LVEejQF3/GP4KyFCOsJm4sEp2z Cp+Rpb53wDIE/Rvkcs9pCJCR+KVkscTzMLwDrHZft70kpL3JpHbsfvehNifY1+ay g+7wkIjItnHa+92bySN4leg3/e66v+XzegzNiHY/mm5RokY4otxEi8DokZhH1GKk T9R4F5DR3rzcTslg2krWTTa8mh06HDyJgRFjM7V/sWkGO3nrGXFD84gHcNkL/qbE f/0vmTqnC1t9xQ== -----END CERTIFICATE-----Generated at Mon Dec 15 21:28:52 2025 by rpki-client