This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft File: dy9wNcKJOyjNBP0amzys0kKMjf0.mft (raw, json) Hash identifier: UajhmTTORiEicVhoxptMwEakf6N6wTVyvj9aVpqZYAc= Subject key identifier: B2:2B:A5:2D:14:43:0F:6E:CD:47:43:4D:47:F6:1B:98:0F:F9:72:A8 Authority key identifier: 77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD Certificate issuer: /CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd Certificate serial: 019B4B154ED3563A27E59B0B7940AF93E08B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft Manifest number: 04AB Signing time: Tue 23 Dec 2025 12:00:46 +0000 Manifest this update: Tue 23 Dec 2025 12:00:46 +0000 Manifest next update: Wed 24 Dec 2025 12:00:46 +0000 Files and hashes: 1: 9jS2v21J95xARBtQOtdTT0EtYBQ.roa (hash: BeiYvaVP67aUM+eVkzjpflxlaHwkNmiJmUTQZAVqkOQ=) 2: dy9wNcKJOyjNBP0amzys0kKMjf0.crl (hash: xW3RmFoO5TrRUj9IZOCFXIVAKCPAToyKgG2vBmeqigE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 12:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:15:4e:d3:56:3a:27:e5:9b:0b:79:40:af:93:e0:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd Validity Not Before: Dec 23 12:00:46 2025 GMT Not After : Dec 24 12:00:46 2025 GMT Subject: CN=b22ba52d14430f6ecd47434d47f61b980ff972a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:d8:6c:7c:ba:f9:16:fd:ea:af:4d:b3:fd:ff: b8:3c:fa:f8:cd:55:76:dd:75:47:17:98:8c:d7:ad: 41:f3:3b:e9:51:74:19:a7:7e:9f:93:17:95:d7:af: 3c:dd:37:4b:6c:03:a8:23:8f:60:50:dc:44:39:48: 15:bd:05:86:b1:10:2c:d6:b6:d4:b3:fb:9d:a7:b5: 96:02:46:12:6e:09:3d:a6:e1:9f:4c:9c:7a:4d:6c: 60:c7:31:f4:2d:67:f8:86:a1:3e:d8:18:1d:76:a9: 98:93:f0:04:5e:32:11:14:93:48:1d:b8:74:7c:87: bf:ca:45:db:f8:f6:1e:fb:f1:b2:03:e4:01:88:e6: ee:b1:e6:c7:af:c7:8a:e1:62:65:be:30:f1:c0:31: ce:90:d6:d1:f4:4a:b5:72:43:f3:e5:dc:f5:dc:97: c1:f4:16:77:f2:0f:35:50:3b:2f:3e:8f:8c:9b:9b: 9c:75:3b:ed:19:a3:b6:e0:c7:55:d4:f8:78:be:f5: 19:67:92:b5:56:d8:af:83:46:30:f1:b8:5c:c4:b6: c0:0e:fb:3f:2f:8b:ca:52:72:f5:67:f4:26:04:2f: c4:fa:84:64:1d:8c:68:1d:00:cb:b9:5f:0c:a2:34: 9b:27:86:67:8d:7f:e4:8d:f7:5b:11:53:12:25:42: 53:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2B:A5:2D:14:43:0F:6E:CD:47:43:4D:47:F6:1B:98:0F:F9:72:A8 X509v3 Authority Key Identifier: keyid:77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:5b:43:f8:b7:0f:18:03:c6:7f:67:df:70:9e:5a:9e:92:4c: 89:4e:49:6e:5f:22:80:d4:6e:d4:51:91:5a:bf:a9:9c:1f:a0: 44:c0:ce:0a:07:9b:64:19:e6:48:54:6e:fa:28:89:0a:e4:72: 08:1e:34:d2:c0:b7:73:0b:0d:b0:ed:87:70:19:8e:43:07:53: 61:58:ea:ca:41:1e:28:5f:a8:7d:61:02:71:c6:e9:9f:97:9e: 62:0d:58:34:06:79:3d:e6:5f:54:db:a7:03:50:af:43:a0:aa: ae:ec:f2:9f:5f:a8:4b:45:ab:d3:ab:09:df:80:b3:d9:38:e2: 40:b0:e8:cc:3d:ae:13:65:26:9d:27:13:7c:18:48:28:79:1c: 23:74:f4:a2:d9:c7:dd:cb:10:c4:0c:85:70:87:af:b4:1a:af: 21:a8:a5:4c:e4:43:be:d8:8a:d8:f2:f4:f8:ab:3c:a2:76:6f: a4:26:bf:29:b8:6c:a3:0e:cc:1f:56:c9:68:65:4c:73:d1:c2: 8c:4c:b0:1c:58:f7:20:87:e9:95:54:10:69:d4:f8:2e:75:cd: d3:3d:46:57:78:bb:45:f4:90:82:14:84:da:46:78:ee:18:6b: ed:58:3f:cd:17:4e:39:02:b1:3a:bf:d1:5f:e6:e3:26:ff:87: f4:7d:e4:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLFU7TVjon5ZsLeUCvk+CLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3MmY3MDM1YzI4OTNiMjhjZDA0ZmQxYTliM2NhY2QyNDI4 YzhkZmQwHhcNMjUxMjIzMTIwMDQ2WhcNMjUxMjI0MTIwMDQ2WjAzMTEwLwYDVQQD EyhiMjJiYTUyZDE0NDMwZjZlY2Q0NzQzNGQ0N2Y2MWI5ODBmZjk3MmE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnthsfLr5Fv3qr02z/f+4PPr4zVV2 3XVHF5iM161B8zvpUXQZp36fkxeV16883TdLbAOoI49gUNxEOUgVvQWGsRAs1rbU s/udp7WWAkYSbgk9puGfTJx6TWxgxzH0LWf4hqE+2BgddqmYk/AEXjIRFJNIHbh0 fIe/ykXb+PYe+/GyA+QBiObusebHr8eK4WJlvjDxwDHOkNbR9Eq1ckPz5dz13JfB 9BZ38g81UDsvPo+Mm5ucdTvtGaO24MdV1Ph4vvUZZ5K1Vtivg0Yw8bhcxLbADvs/ L4vKUnL1Z/QmBC/E+oRkHYxoHQDLuV8MojSbJ4ZnjX/kjfdbEVMSJUJTeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLIrpS0UQw9uzUdDTUf2G5gP+XKoMB8GA1UdIwQY MBaAFHcvcDXCiTsozQT9Gps8rNJCjI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQt ODMwMzVhZmU0YTM3LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQtODMwMzVhZmU0YTM3 LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqVtD+LcP GAPGf2ffcJ5anpJMiU5Jbl8igNRu1FGRWr+pnB+gRMDOCgebZBnmSFRu+iiJCuRy CB400sC3cwsNsO2HcBmOQwdTYVjqykEeKF+ofWECccbpn5eeYg1YNAZ5PeZfVNun A1CvQ6Cqruzyn1+oS0Wr06sJ34Cz2TjiQLDozD2uE2UmnScTfBhIKHkcI3T0otnH 3csQxAyFcIevtBqvIailTORDvtiK2PL0+Ks8onZvpCa/Kbhsow7MH1bJaGVMc9HC jEywHFj3IIfplVQQadT4LnXN0z1GV3i7RfSQghSE2kZ47hhr7Vg/zRdOOQKxOr/R X+bjJv+H9H3koQ== -----END CERTIFICATE-----Generated at Tue Dec 23 16:46:26 2025 by rpki-client