This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft File: p_555OY70WvEI3WStoTQBDPL0PY.mft (raw, json) Hash identifier: CNkJYpaDaXAcDw3oUhIu/edDQDTCwep61jw9KHCuZts= Subject key identifier: 1F:B6:35:DF:61:38:A1:39:C1:E9:6B:08:2E:17:6B:79:EF:C4:06:06 Authority key identifier: A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6 Certificate issuer: /CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6 Certificate serial: 019B217644B4F3E316DC6336A8D985988BC9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft Manifest number: 08BC Signing time: Mon 15 Dec 2025 10:02:37 +0000 Manifest this update: Mon 15 Dec 2025 10:02:37 +0000 Manifest next update: Tue 16 Dec 2025 10:02:37 +0000 Files and hashes: 1: p_555OY70WvEI3WStoTQBDPL0PY.crl (hash: ozSMDY3LWI/qvl7+djSY1RweE911QMDNoXuyb4j4pg4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:76:44:b4:f3:e3:16:dc:63:36:a8:d9:85:98:8b:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a7fe79e4e63bd16bc4237592b684d00433cbd0f6 Validity Not Before: Dec 15 10:02:37 2025 GMT Not After : Dec 16 10:02:37 2025 GMT Subject: CN=1fb635df6138a139c1e96b082e176b79efc40606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:58:5f:9e:21:cf:de:c5:0b:82:6e:20:b3:19: 33:59:b3:14:cc:73:27:d6:f8:09:a8:7f:7b:c3:0d: d5:7b:6c:80:d0:1c:2c:65:d6:81:e5:b3:18:f4:23: de:16:9e:16:7c:b2:8e:be:df:4a:dd:2f:6d:0a:86: 93:03:88:df:c8:4b:58:7b:fa:58:12:bf:89:78:45: dc:f3:b4:9b:7b:50:8b:5f:94:1e:37:4f:43:43:67: 31:bc:71:25:c9:7e:cc:59:e2:77:9e:8c:97:6b:2c: 8a:91:b1:ca:86:49:bb:1f:00:33:87:2a:2b:a4:68: 8a:3c:5c:1d:e4:47:e8:33:71:eb:cf:a8:99:42:fe: 36:f0:7b:85:1e:c2:15:03:c3:68:1a:88:3a:2b:9c: 76:8e:57:1d:a6:e7:df:ed:16:ee:eb:2c:bb:7e:6d: 48:d7:99:13:cd:fd:0e:87:08:47:61:56:82:f2:c2: ec:72:fc:12:f6:0c:53:2e:f7:f4:2e:fd:3d:9a:6b: 4d:9c:60:d3:31:fa:b6:83:0f:cb:f9:51:1a:a7:ae: 33:2e:38:c3:55:cc:47:13:97:e7:4b:5e:1f:87:84: 52:af:62:f5:78:25:16:1d:98:2a:67:ee:16:fb:9a: 70:dd:35:f9:b3:5b:1a:03:55:74:53:22:ba:c1:d7: 8a:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:B6:35:DF:61:38:A1:39:C1:E9:6B:08:2E:17:6B:79:EF:C4:06:06 X509v3 Authority Key Identifier: keyid:A7:FE:79:E4:E6:3B:D1:6B:C4:23:75:92:B6:84:D0:04:33:CB:D0:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_555OY70WvEI3WStoTQBDPL0PY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/14b5c1-a333-449b-b280-251a7b13c118/1/p_555OY70WvEI3WStoTQBDPL0PY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:d5:37:09:f8:b5:b0:df:22:0a:b6:18:72:0d:c4:2e:61:5e: e4:af:0d:8e:23:28:e8:99:7a:e2:58:89:f8:5d:d5:c3:72:1a: 50:f1:d7:29:1a:5f:63:3c:bd:01:c1:fc:10:38:75:21:e5:17: a5:cf:88:0e:2b:69:a6:95:e3:67:57:f0:2a:53:63:92:30:bc: 1f:44:84:21:bb:7c:53:75:be:49:6d:0f:5f:ac:51:9c:b0:c1: 76:bc:69:19:46:84:b6:5c:a9:c8:b2:37:a4:67:24:95:b5:f9: a7:16:75:b3:a0:d0:0f:53:36:29:48:61:b3:95:d7:30:49:4a: d7:b3:e3:71:c5:71:93:0c:39:f9:ca:36:b8:d1:67:f9:8c:e4: 1d:f0:73:32:09:a2:82:86:12:b3:d3:10:41:26:2b:a3:9d:17: a4:af:ec:e5:e4:12:f3:aa:f0:46:4e:29:8c:b5:78:d7:57:58: 3f:43:8a:be:05:13:89:9f:ab:07:dd:17:d0:8a:35:5b:8e:cf: c9:64:eb:05:37:7f:62:72:a7:3f:e1:3a:36:8d:82:d1:9f:21: aa:06:59:52:92:1f:d6:da:aa:50:69:f9:f9:df:a4:c9:5e:aa: 52:df:9f:8d:ba:ce:35:3f:c2:8e:70:13:9e:3b:34:f9:74:29: 39:85:45:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdkS08+MW3GM2qNmFmIvJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3ZmU3OWU0ZTYzYmQxNmJjNDIzNzU5MmI2ODRkMDA0MzNj YmQwZjYwHhcNMjUxMjE1MTAwMjM3WhcNMjUxMjE2MTAwMjM3WjAzMTEwLwYDVQQD EygxZmI2MzVkZjYxMzhhMTM5YzFlOTZiMDgyZTE3NmI3OWVmYzQwNjA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FhfniHP3sULgm4gsxkzWbMUzHMn 1vgJqH97ww3Ve2yA0BwsZdaB5bMY9CPeFp4WfLKOvt9K3S9tCoaTA4jfyEtYe/pY Er+JeEXc87Sbe1CLX5QeN09DQ2cxvHElyX7MWeJ3noyXayyKkbHKhkm7HwAzhyor pGiKPFwd5EfoM3Hrz6iZQv428HuFHsIVA8NoGog6K5x2jlcdpuff7Rbu6yy7fm1I 15kTzf0OhwhHYVaC8sLscvwS9gxTLvf0Lv09mmtNnGDTMfq2gw/L+VEap64zLjjD VcxHE5fnS14fh4RSr2L1eCUWHZgqZ+4W+5pw3TX5s1saA1V0UyK6wdeKQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB+2Nd9hOKE5welrCC4Xa3nvxAYGMB8GA1UdIwQY MBaAFKf+eeTmO9FrxCN1kraE0AQzy9D2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAt MjUxYTdiMTNjMTE4LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8xNGI1YzEtYTMzMy00NDliLWIyODAtMjUxYTdiMTNjMTE4 LzEvcF81NTVPWTcwV3ZFSTNXU3RvVFFCRFBMMFBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApdU3Cfi1 sN8iCrYYcg3ELmFe5K8NjiMo6Jl64liJ+F3Vw3IaUPHXKRpfYzy9AcH8EDh1IeUX pc+IDitpppXjZ1fwKlNjkjC8H0SEIbt8U3W+SW0PX6xRnLDBdrxpGUaEtlypyLI3 pGcklbX5pxZ1s6DQD1M2KUhhs5XXMElK17PjccVxkww5+co2uNFn+YzkHfBzMgmi goYSs9MQQSYro50XpK/s5eQS86rwRk4pjLV411dYP0OKvgUTiZ+rB90X0Io1W47P yWTrBTd/YnKnP+E6No2C0Z8hqgZZUpIf1tqqUGn5+d+kyV6qUt+fjbrONT/CjnAT njs0+XQpOYVFoA== -----END CERTIFICATE-----Generated at Mon Dec 15 13:36:11 2025 by rpki-client