This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft File: ny83TJpzj63o-FDKq11507kARYQ.mft (raw, json) Hash identifier: k9Y7ouRIxHBIb5Fk1Ruj6JVOzQ6jjL7rDWzfaNFxxQ4= Subject key identifier: 64:D6:8A:81:B6:64:9A:81:74:33:0E:22:F0:B1:A9:9A:8E:79:26:88 Authority key identifier: 9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84 Certificate issuer: /CN=9f2f374c9a738fade8f850caab5d79d3b9004584 Certificate serial: 019B34C4A00492EB259EC8BB39F67EA2B700 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft Manifest number: 1780 Signing time: Fri 19 Dec 2025 04:00:59 +0000 Manifest this update: Fri 19 Dec 2025 04:00:59 +0000 Manifest next update: Sat 20 Dec 2025 04:00:59 +0000 Files and hashes: 1: ny83TJpzj63o-FDKq11507kARYQ.crl (hash: Cj8AHmOrx+Sycb7Cagrd/2M7uMaZ5sVw0YPoxkjol1k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:a0:04:92:eb:25:9e:c8:bb:39:f6:7e:a2:b7:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f2f374c9a738fade8f850caab5d79d3b9004584 Validity Not Before: Dec 19 04:00:59 2025 GMT Not After : Dec 20 04:00:59 2025 GMT Subject: CN=64d68a81b6649a8174330e22f0b1a99a8e792688 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:e1:d1:05:21:e2:86:5a:c2:a7:de:66:c9:f6: a4:e3:7e:21:07:b4:2c:37:9b:bd:43:8b:86:17:2d: 40:bd:50:5f:d1:43:b0:b4:8e:85:53:e8:97:d5:13: f5:a0:cf:69:42:df:31:e0:45:30:a5:e0:3c:29:fe: 54:f3:34:b9:7b:08:e5:30:8e:15:f9:42:7e:b3:2f: 19:89:f8:71:0a:c3:13:56:7b:8c:0e:a3:01:2f:f2: 3d:0b:5c:f3:a6:5f:c1:c9:cb:a4:f3:8f:8a:9c:f0: bb:3f:14:a9:ec:43:fb:32:51:62:92:e9:f5:21:cf: 9d:cd:d2:11:7e:6d:7e:82:ad:0a:84:7d:91:8c:f9: 42:ea:22:76:69:cf:bf:4f:89:d9:36:8e:e3:a9:fb: a6:19:65:27:81:28:7b:21:bb:d6:34:55:c3:03:f0: 5e:2b:40:4b:66:b0:2d:94:07:a5:30:e8:c1:e9:1f: ea:62:b2:9d:3b:2d:39:e0:9f:b0:e8:14:99:85:54: 6c:63:76:0b:87:98:9d:61:e1:7d:25:ef:81:ea:b5: 06:89:98:77:96:c2:ed:ac:b2:ac:d8:2e:09:e1:5a: fe:06:a6:4d:3a:31:e1:71:0e:91:88:92:7d:68:bc: 0a:ca:43:d4:f4:d7:9a:3d:bb:5e:0d:da:6a:7f:27: cd:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:D6:8A:81:B6:64:9A:81:74:33:0E:22:F0:B1:A9:9A:8E:79:26:88 X509v3 Authority Key Identifier: keyid:9F:2F:37:4C:9A:73:8F:AD:E8:F8:50:CA:AB:5D:79:D3:B9:00:45:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny83TJpzj63o-FDKq11507kARYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/634e76-5c5f-44c4-b8a4-524e930e5fd1/1/ny83TJpzj63o-FDKq11507kARYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:72:f9:69:c2:4a:b7:43:77:4d:66:c6:55:0b:fb:81:25:41: fa:33:24:6c:35:28:88:8d:b2:e7:88:18:81:d4:17:8d:17:4d: 96:5b:59:99:ee:d4:ad:90:03:7d:78:88:79:7b:31:2a:96:fb: 00:c8:62:17:93:57:16:88:0b:9e:06:27:74:1c:fd:7c:9b:3d: 59:b4:69:7f:58:97:e6:24:f9:60:c6:40:7d:e7:67:6d:13:98: 11:56:9a:47:f0:8c:69:3c:85:f8:14:ad:12:fb:ab:fc:6e:ce: 9e:de:6a:00:ca:42:07:ac:d1:ef:f4:b2:64:f8:96:6a:86:3e: 6e:15:6c:cd:23:69:b3:23:b6:a7:c4:76:ac:5d:78:59:7b:89: 5f:64:9c:84:d4:54:c1:48:92:a2:1b:e4:f3:68:de:32:8e:fa: 50:d7:cf:86:31:80:a8:d4:cb:ec:95:93:72:a5:e4:6d:03:b7: 25:05:54:68:da:09:da:a9:2e:e5:6a:da:25:08:e2:1f:a9:54: 53:c6:a8:17:8d:e9:96:d2:1b:2f:25:0d:f7:50:bc:9a:85:f7: f1:fd:d3:d4:94:a0:b1:23:c0:64:bb:7a:2d:90:d7:fc:c7:b8: 6e:07:21:88:70:24:7e:4f:1e:ba:6f:2d:23:d5:a0:e5:d9:dd: 9a:2f:0b:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xKAEkuslnsi7OfZ+orcAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMmYzNzRjOWE3MzhmYWRlOGY4NTBjYWFiNWQ3OWQzYjkw MDQ1ODQwHhcNMjUxMjE5MDQwMDU5WhcNMjUxMjIwMDQwMDU5WjAzMTEwLwYDVQQD Eyg2NGQ2OGE4MWI2NjQ5YTgxNzQzMzBlMjJmMGIxYTk5YThlNzkyNjg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuHRBSHihlrCp95myfak434hB7Qs N5u9Q4uGFy1AvVBf0UOwtI6FU+iX1RP1oM9pQt8x4EUwpeA8Kf5U8zS5ewjlMI4V +UJ+sy8ZifhxCsMTVnuMDqMBL/I9C1zzpl/Bycuk84+KnPC7PxSp7EP7MlFikun1 Ic+dzdIRfm1+gq0KhH2RjPlC6iJ2ac+/T4nZNo7jqfumGWUngSh7IbvWNFXDA/Be K0BLZrAtlAelMOjB6R/qYrKdOy054J+w6BSZhVRsY3YLh5idYeF9Je+B6rUGiZh3 lsLtrLKs2C4J4Vr+BqZNOjHhcQ6RiJJ9aLwKykPU9NeaPbteDdpqfyfNjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGTWioG2ZJqBdDMOIvCxqZqOeSaIMB8GA1UdIwQY MBaAFJ8vN0yac4+t6PhQyqtdedO5AEWEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQt NTI0ZTkzMGU1ZmQxLzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS82MzRlNzYtNWM1Zi00NGM0LWI4YTQtNTI0ZTkzMGU1ZmQx LzEvbnk4M1RKcHpqNjNvLUZES3ExMTUwN2tBUllRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYXL5acJK t0N3TWbGVQv7gSVB+jMkbDUoiI2y54gYgdQXjRdNlltZme7UrZADfXiIeXsxKpb7 AMhiF5NXFogLngYndBz9fJs9WbRpf1iX5iT5YMZAfednbROYEVaaR/CMaTyF+BSt Evur/G7Ont5qAMpCB6zR7/SyZPiWaoY+bhVszSNpsyO2p8R2rF14WXuJX2SchNRU wUiSohvk82jeMo76UNfPhjGAqNTL7JWTcqXkbQO3JQVUaNoJ2qku5WraJQjiH6lU U8aoF43pltIbLyUN91C8moX38f3T1JSgsSPAZLt6LZDX/Me4bgchiHAkfk8eum8t I9Wg5dndmi8L8A== -----END CERTIFICATE-----Generated at Fri Dec 19 09:17:06 2025 by rpki-client