This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft File: yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json) Hash identifier: /OHVV8wO2GRXjnkSSwzmPCvmqBf1PnkbiIYhyg2mKF4= Subject key identifier: C5:07:D4:F2:3F:7D:D9:B6:77:7A:36:D4:AA:97:0B:F8:AF:74:0E:44 Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3 Certificate issuer: /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3 Certificate serial: 019B44007A1CB6D71819085CF44D8D098314 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft Manifest number: 12F9 Signing time: Mon 22 Dec 2025 03:00:40 +0000 Manifest this update: Mon 22 Dec 2025 03:00:40 +0000 Manifest next update: Tue 23 Dec 2025 03:00:40 +0000 Files and hashes: 1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: ZUfKaxqUtCgQ7Dm93ptwAmz0IhTQW5CnWDuQ1dnyD5Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:00:7a:1c:b6:d7:18:19:08:5c:f4:4d:8d:09:83:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3 Validity Not Before: Dec 22 03:00:40 2025 GMT Not After : Dec 23 03:00:40 2025 GMT Subject: CN=c507d4f23f7dd9b6777a36d4aa970bf8af740e44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:44:69:6d:e7:b9:04:d9:3d:88:7d:cc:51:c6: 6e:7e:91:27:ae:5b:08:2a:c1:f7:4b:66:fd:45:ba: 2d:c4:63:7b:b2:62:0d:98:b1:d7:53:30:eb:bf:1c: d9:7c:20:1b:fc:04:52:be:3d:a8:79:ac:87:60:72: 54:de:ed:7c:ba:93:b5:89:50:ab:eb:a0:41:98:ba: 73:84:62:55:4b:36:8f:07:8d:a8:a5:a0:75:f7:18: 01:22:5d:b2:a4:09:f1:f6:80:fe:bf:13:8f:86:b2: 7f:35:6c:af:36:49:61:a1:8d:e4:e7:d0:dd:ee:2a: 0d:fd:99:68:b1:53:14:34:7e:4c:c5:ff:75:c3:0d: d1:23:e7:5d:9b:ef:fb:f1:f5:84:21:e0:94:d5:6b: a1:1f:24:85:b5:db:ff:19:42:72:c3:55:5e:32:14: 90:c2:25:5f:f5:90:ee:fc:51:bd:0f:9d:02:0d:98: 7d:63:1f:db:ca:5d:8e:aa:ab:23:39:b2:c6:56:28: 0a:8d:06:39:90:3b:74:de:a4:b4:6e:86:bb:34:65: ae:7c:d0:1b:e5:ec:e5:51:3e:b3:3e:28:b1:99:7c: 39:38:84:fb:86:86:4c:1f:19:7e:13:28:1a:03:a3: 40:7e:7b:53:6a:9e:84:3a:ee:0c:40:f2:90:0f:83: 2d:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:07:D4:F2:3F:7D:D9:B6:77:7A:36:D4:AA:97:0B:F8:AF:74:0E:44 X509v3 Authority Key Identifier: keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:48:4b:15:84:01:78:36:63:9c:d3:8d:44:49:f1:49:49:cd: cb:8f:a6:48:19:c7:eb:f6:c4:d0:2e:68:eb:39:de:c8:14:08: f1:17:0b:99:3a:9c:41:10:fc:88:0f:31:ff:ef:88:7e:58:76: d4:1d:aa:c6:e4:84:ff:dc:56:25:6b:f8:af:c6:a5:24:95:c5: b0:22:a4:f4:63:1d:9a:11:70:80:48:76:85:d8:c6:c1:74:18: f0:12:a2:3a:95:99:49:2a:03:92:e2:78:89:ac:d4:a7:89:6d: f8:6c:03:c8:b1:38:60:8f:d0:fe:87:6a:fb:cb:70:d8:59:ee: 1f:95:75:fb:66:c7:12:ab:d9:35:2c:68:c5:f8:78:5c:d5:ab: 5f:0e:92:bd:f1:eb:8b:e4:27:8f:be:82:5d:24:1e:76:63:34: 45:2c:4a:4d:2d:0d:19:7c:2e:5c:e4:61:1c:8b:af:6d:44:6a: 67:bd:ac:85:42:d9:f7:52:6e:65:67:ac:65:4c:96:0f:44:2a: 7f:04:31:88:1a:1d:56:cb:bd:22:f2:a7:39:f8:82:b1:2f:c3: 69:07:96:95:b0:6f:97:5d:d3:16:2d:1c:91:62:b9:ec:3b:e4: 45:44:13:5b:07:d8:87:15:2b:ee:09:15:8f:5c:13:04:75:fe: c0:23:95:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEAHocttcYGQhc9E2NCYMUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm NGU5YzMwHhcNMjUxMjIyMDMwMDQwWhcNMjUxMjIzMDMwMDQwWjAzMTEwLwYDVQQD EyhjNTA3ZDRmMjNmN2RkOWI2Nzc3YTM2ZDRhYTk3MGJmOGFmNzQwZTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10Rpbee5BNk9iH3MUcZufpEnrlsI KsH3S2b9RbotxGN7smINmLHXUzDrvxzZfCAb/ARSvj2oeayHYHJU3u18upO1iVCr 66BBmLpzhGJVSzaPB42opaB19xgBIl2ypAnx9oD+vxOPhrJ/NWyvNklhoY3k59Dd 7ioN/ZlosVMUNH5Mxf91ww3RI+ddm+/78fWEIeCU1WuhHySFtdv/GUJyw1VeMhSQ wiVf9ZDu/FG9D50CDZh9Yx/byl2OqqsjObLGVigKjQY5kDt03qS0boa7NGWufNAb 5ezlUT6zPiixmXw5OIT7hoZMHxl+EygaA6NAfntTap6EOu4MQPKQD4MtzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMUH1PI/fdm2d3o21KqXC/ivdA5EMB8GA1UdIwQY MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5 LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK0hLFYQB eDZjnNONREnxSUnNy4+mSBnH6/bE0C5o6zneyBQI8RcLmTqcQRD8iA8x/++Iflh2 1B2qxuSE/9xWJWv4r8alJJXFsCKk9GMdmhFwgEh2hdjGwXQY8BKiOpWZSSoDkuJ4 iazUp4lt+GwDyLE4YI/Q/odq+8tw2FnuH5V1+2bHEqvZNSxoxfh4XNWrXw6SvfHr i+Qnj76CXSQedmM0RSxKTS0NGXwuXORhHIuvbURqZ72shULZ91JuZWesZUyWD0Qq fwQxiBodVsu9IvKnOfiCsS/DaQeWlbBvl13TFi0ckWK57DvkRUQTWwfYhxUr7gkV j1wTBHX+wCOV7g== -----END CERTIFICATE-----Generated at Mon Dec 22 05:35:13 2025 by rpki-client