This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.mft File: 0YZHAF-osG5H7i77_e3Jegx3Vfg.mft (raw, json) Hash identifier: SuLV9BiffYCPLBpEdfs7TfFAv3g7nc636So4NS8pStI= Subject key identifier: 11:0E:F8:1E:2D:08:EC:8B:E7:9C:AE:4E:72:35:2D:AF:B2:C4:B5:83 Authority key identifier: D1:86:47:00:5F:A8:B0:6E:47:EE:2E:FB:FD:ED:C9:7A:0C:77:55:F8 Certificate issuer: /CN=d18647005fa8b06e47ee2efbfdedc97a0c7755f8 Certificate serial: 019B2175E9ED066351FAF2A206CA6CB5F9B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.mft Manifest number: 177A Signing time: Mon 15 Dec 2025 10:02:14 +0000 Manifest this update: Mon 15 Dec 2025 10:02:14 +0000 Manifest next update: Tue 16 Dec 2025 10:02:14 +0000 Files and hashes: 1: 0YZHAF-osG5H7i77_e3Jegx3Vfg.crl (hash: r50HJwNvCSoiTrWPrvkzXbfK1U9PbhykDzQ5LF00sEs=) 2: ZyIu060SPaMWxMQNL4CIeyP46Zk.roa (hash: GVU/SWZQhKij7yAFfd4z7w9wi6LHgd9IcJaXLlSPbVg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.mft rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:e9:ed:06:63:51:fa:f2:a2:06:ca:6c:b5:f9:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d18647005fa8b06e47ee2efbfdedc97a0c7755f8 Validity Not Before: Dec 15 10:02:14 2025 GMT Not After : Dec 16 10:02:14 2025 GMT Subject: CN=110ef81e2d08ec8be79cae4e72352dafb2c4b583 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e6:94:00:f8:88:80:27:99:7e:6e:da:61:fc: f2:93:fa:ec:14:c6:b5:3d:0b:d1:77:50:24:1a:b5: 55:92:8e:fa:f3:1e:8b:17:25:a5:90:15:77:ce:37: 95:b1:c6:84:d6:30:24:7e:ba:9f:1f:03:b3:4a:f5: 27:3c:04:14:7a:c0:67:1f:9b:3a:1d:c5:dd:56:55: 11:5b:9e:10:ac:6f:f2:97:4f:01:20:32:b3:52:2c: 8c:e7:cd:4f:f3:a3:dd:fa:1d:1d:ce:a8:96:fe:1e: 6b:66:72:71:31:42:cb:10:84:f6:1e:af:33:c8:00: 4b:73:8d:8d:f1:b2:39:6f:1f:33:e4:b6:bf:7d:ce: c6:5c:ea:df:02:bd:4d:5e:ab:54:15:28:8c:d4:88: 72:71:07:5a:3d:d3:5a:0a:d2:ca:4d:7a:60:ed:22: 82:09:b0:67:b3:a1:3d:cd:62:d1:88:15:bd:29:c9: f7:45:b2:20:38:32:7f:f9:ff:f9:dd:0d:c0:47:36: 52:bc:1b:56:94:d4:0c:75:e7:cb:61:1f:ea:6b:34: c0:9d:50:ae:7c:92:4b:0c:54:2c:2c:88:ce:9f:25: e3:4a:3c:c7:a2:8d:9e:2c:0f:ec:d9:73:2d:10:a2: 7a:4f:95:c8:43:a4:9b:79:d7:c5:dc:40:e2:c4:76: 9b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:0E:F8:1E:2D:08:EC:8B:E7:9C:AE:4E:72:35:2D:AF:B2:C4:B5:83 X509v3 Authority Key Identifier: keyid:D1:86:47:00:5F:A8:B0:6E:47:EE:2E:FB:FD:ED:C9:7A:0C:77:55:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YZHAF-osG5H7i77_e3Jegx3Vfg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7fa791-b3c9-48ae-8034-c2104673c20b/1/0YZHAF-osG5H7i77_e3Jegx3Vfg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:5b:cb:3e:f8:fd:2e:75:d9:3b:64:24:43:58:57:16:32:b4: b2:7b:86:f1:2c:4f:c7:15:85:dd:d1:0a:67:b2:da:0c:d0:b0: ff:9a:42:e6:e4:43:6f:7f:6e:0d:98:7f:03:c9:b9:31:0f:a1: f1:ac:3c:96:f4:fc:f0:78:93:fc:e2:a2:10:f5:dd:11:a2:0d: 0b:4d:0b:13:e4:c1:5f:75:39:f2:52:98:e5:ac:3a:03:2c:05: 30:71:bd:c2:94:34:09:b6:92:1d:38:59:da:84:3b:85:98:39: 2c:71:0b:8a:cf:89:27:bc:74:b8:8e:a9:8c:ab:7a:a8:b2:d9: cf:e8:14:67:f7:d5:d9:65:ab:31:15:4b:6f:b0:02:30:4f:f8: c5:52:95:b3:7c:a0:c9:c9:0c:a5:f4:4a:07:ff:c6:a6:e0:b1: 89:4f:9e:c0:d2:10:71:28:92:d9:05:96:8d:45:a6:18:85:5f: 0d:41:e5:fb:74:30:e7:28:7b:a3:9e:5b:b5:ae:46:58:6c:00: d9:bc:a8:33:97:05:46:08:aa:9b:ab:1e:81:ab:2d:a6:ac:0e: 6c:5d:11:1c:3b:1f:25:c4:41:a3:3d:0e:94:c8:dd:0a:21:74: b6:16:67:82:f4:bd:8b:c3:8b:e2:c2:c2:79:be:10:5e:a5:f1: b3:61:41:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdentBmNR+vKiBspstfm1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxODY0NzAwNWZhOGIwNmU0N2VlMmVmYmZkZWRjOTdhMGM3 NzU1ZjgwHhcNMjUxMjE1MTAwMjE0WhcNMjUxMjE2MTAwMjE0WjAzMTEwLwYDVQQD EygxMTBlZjgxZTJkMDhlYzhiZTc5Y2FlNGU3MjM1MmRhZmIyYzRiNTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruaUAPiIgCeZfm7aYfzyk/rsFMa1 PQvRd1AkGrVVko768x6LFyWlkBV3zjeVscaE1jAkfrqfHwOzSvUnPAQUesBnH5s6 HcXdVlURW54QrG/yl08BIDKzUiyM581P86Pd+h0dzqiW/h5rZnJxMULLEIT2Hq8z yABLc42N8bI5bx8z5La/fc7GXOrfAr1NXqtUFSiM1IhycQdaPdNaCtLKTXpg7SKC CbBns6E9zWLRiBW9Kcn3RbIgODJ/+f/53Q3ARzZSvBtWlNQMdefLYR/qazTAnVCu fJJLDFQsLIjOnyXjSjzHoo2eLA/s2XMtEKJ6T5XIQ6SbedfF3EDixHabTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBEO+B4tCOyL55yuTnI1La+yxLWDMB8GA1UdIwQY MBaAFNGGRwBfqLBuR+4u+/3tyXoMd1X4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFlaSEFGLW9zRzVIN2k3N19lM0plZ3gzVmZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZmE3OTEtYjNjOS00OGFlLTgwMzQt YzIxMDQ2NzNjMjBiLzEvMFlaSEFGLW9zRzVIN2k3N19lM0plZ3gzVmZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83ZmE3OTEtYjNjOS00OGFlLTgwMzQtYzIxMDQ2NzNjMjBi LzEvMFlaSEFGLW9zRzVIN2k3N19lM0plZ3gzVmZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFvLPvj9 LnXZO2QkQ1hXFjK0snuG8SxPxxWF3dEKZ7LaDNCw/5pC5uRDb39uDZh/A8m5MQ+h 8aw8lvT88HiT/OKiEPXdEaINC00LE+TBX3U58lKY5aw6AywFMHG9wpQ0CbaSHThZ 2oQ7hZg5LHELis+JJ7x0uI6pjKt6qLLZz+gUZ/fV2WWrMRVLb7ACME/4xVKVs3yg yckMpfRKB//GpuCxiU+ewNIQcSiS2QWWjUWmGIVfDUHl+3Qw5yh7o55bta5GWGwA 2byoM5cFRgiqm6segastpqwObF0RHDsfJcRBoz0OlMjdCiF0thZngvS9i8OL4sLC eb4QXqXxs2FBJA== -----END CERTIFICATE-----Generated at Mon Dec 15 16:51:31 2025 by rpki-client