This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft File: JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json) Hash identifier: ybXw2qguXPMpLkcjjMBjidim/lTnAtrGiO9tJj5yC6Y= Subject key identifier: A4:DF:49:6B:12:A1:A9:88:84:62:8C:E1:73:C5:F3:1E:41:60:03:7F Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b Certificate serial: 019B0FA53CCA53B89D03D9190FEE83B0E8EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft Manifest number: 0ABC Signing time: Thu 11 Dec 2025 23:00:45 +0000 Manifest this update: Thu 11 Dec 2025 23:00:45 +0000 Manifest next update: Fri 12 Dec 2025 23:00:45 +0000 Files and hashes: 1: BQh7QT9BX7cTqXjHHhGh4E0jau4.roa (hash: ji+6a8qXV045VZtKjEfl6cGy7fTl7ME8scmY2gpWI2s=) 2: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: LGpcgCvyqjqGa4dCAoNy0NBS3V9s5NOAO+HR3gPauOo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:a5:3c:ca:53:b8:9d:03:d9:19:0f:ee:83:b0:e8:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=258f0753c033c1af091866d094264512696ca68b Validity Not Before: Dec 11 23:00:45 2025 GMT Not After : Dec 12 23:00:45 2025 GMT Subject: CN=a4df496b12a1a98884628ce173c5f31e4160037f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:39:b5:68:49:4e:bd:0c:10:d2:88:b8:5d:32: 8f:e7:23:4f:cb:17:56:63:b4:1b:38:3a:06:7f:7e: 03:e5:9e:a4:2b:d3:c5:2e:96:b6:4d:1d:81:8c:87: ba:3c:7b:bc:f5:d9:09:6f:27:0a:5d:5b:b1:73:ae: b7:cc:b7:ab:5b:67:cc:ca:c1:83:ec:95:cb:06:d6: 69:92:db:f0:52:29:22:4d:f0:fc:77:c3:e2:ea:2e: 9d:ac:e2:79:0b:1b:b6:82:97:47:c8:4c:ee:fb:3f: 9d:69:f5:58:94:c0:9b:8f:be:41:8a:20:33:5e:a7: 9a:58:48:e6:36:39:49:3e:c7:80:d6:5d:78:a5:fb: 1b:9d:c9:a8:ac:7d:e0:42:b6:3f:15:45:af:2c:c7: 00:2e:b5:d7:a9:e9:61:e5:b5:1a:46:bc:d1:be:5b: 4a:90:0f:ba:e6:56:25:59:73:89:27:74:56:3d:ae: 04:79:95:c5:57:34:09:1d:41:a4:ca:e4:81:b5:dd: 53:2f:59:b3:3c:a8:e4:0b:e3:14:1c:c0:8f:20:e3: f7:f9:61:ab:88:65:d4:ff:b8:f2:e5:1a:8d:3c:5d: 05:84:37:f3:62:3d:00:91:bd:08:9c:60:02:77:1f: 1c:de:1d:51:44:0f:8c:45:1c:c3:2d:be:5f:b2:11: 73:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:DF:49:6B:12:A1:A9:88:84:62:8C:E1:73:C5:F3:1E:41:60:03:7F X509v3 Authority Key Identifier: keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:8b:9f:9a:cb:f1:34:fd:ea:a2:08:81:a4:36:4e:6a:01:ac: 5a:ad:f2:c6:3d:75:c8:52:8c:80:41:68:4c:b6:55:b4:51:a9: f3:01:35:85:87:8e:f6:c1:7b:48:e9:56:15:30:88:9d:71:93: 9d:d5:ce:49:37:87:22:46:45:3c:fc:ce:3c:d1:e3:95:66:f0: 2b:1b:a0:d3:f0:ce:d6:11:34:fd:c7:58:19:93:22:23:8e:ee: 97:e6:49:d2:1e:1e:26:80:47:78:7d:87:50:5d:1b:55:bc:e8: 8a:fe:7b:99:7f:11:58:c0:2a:89:34:07:2c:ca:d9:5a:2f:af: ca:db:0f:12:17:9b:ce:95:c5:b2:47:b4:32:aa:53:02:83:43: cf:83:22:59:4a:e8:e2:64:e0:12:b6:b0:a7:03:f2:20:b9:d2: b4:44:ad:69:e2:f1:9f:4b:98:c9:06:cb:1c:ff:1e:d8:93:69: 96:70:ef:1f:6d:4c:4a:94:cd:23:cb:21:5e:32:2b:17:ac:7f: 76:9b:99:59:3b:fd:d1:53:7c:c8:e0:74:5a:54:d8:a9:d7:d5: fc:4d:f7:bd:d1:e0:3e:ba:d9:63:06:40:68:47:95:de:b5:e8: a7:45:40:2d:44:b5:47:5a:fb:44:92:d0:76:9c:70:98:18:3a: 30:08:71:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPpTzKU7idA9kZD+6DsOjrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2 Y2E2OGIwHhcNMjUxMjExMjMwMDQ1WhcNMjUxMjEyMjMwMDQ1WjAzMTEwLwYDVQQD EyhhNGRmNDk2YjEyYTFhOTg4ODQ2MjhjZTE3M2M1ZjMxZTQxNjAwMzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDm1aElOvQwQ0oi4XTKP5yNPyxdW Y7QbODoGf34D5Z6kK9PFLpa2TR2BjIe6PHu89dkJbycKXVuxc663zLerW2fMysGD 7JXLBtZpktvwUikiTfD8d8Pi6i6drOJ5Cxu2gpdHyEzu+z+dafVYlMCbj75BiiAz XqeaWEjmNjlJPseA1l14pfsbncmorH3gQrY/FUWvLMcALrXXqelh5bUaRrzRvltK kA+65lYlWXOJJ3RWPa4EeZXFVzQJHUGkyuSBtd1TL1mzPKjkC+MUHMCPIOP3+WGr iGXU/7jy5RqNPF0FhDfzYj0Akb0InGACdx8c3h1RRA+MRRzDLb5fshFzjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKTfSWsSoamIhGKM4XPF8x5BYAN/MB8GA1UdIwQY MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2 LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQoufmsvx NP3qogiBpDZOagGsWq3yxj11yFKMgEFoTLZVtFGp8wE1hYeO9sF7SOlWFTCInXGT ndXOSTeHIkZFPPzOPNHjlWbwKxug0/DO1hE0/cdYGZMiI47ul+ZJ0h4eJoBHeH2H UF0bVbzoiv57mX8RWMAqiTQHLMrZWi+vytsPEhebzpXFske0MqpTAoNDz4MiWUro 4mTgErawpwPyILnStEStaeLxn0uYyQbLHP8e2JNplnDvH21MSpTNI8shXjIrF6x/ dpuZWTv90VN8yOB0WlTYqdfV/E33vdHgPrrZYwZAaEeV3rXop0VALUS1R1r7RJLQ dpxwmBg6MAhxgA== -----END CERTIFICATE-----Generated at Fri Dec 12 07:58:51 2025 by rpki-client