This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft File: yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft (raw, json) Hash identifier: a+tbUv8RYUayqN8SNnZqRvAPi5tE97P51pW83Nh7A1o= Subject key identifier: 96:A2:91:B8:99:57:15:13:CA:E4:5D:07:48:7B:48:60:8E:8D:45:27 Authority key identifier: C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49 Certificate issuer: /CN=c8e50ca17134837a50d3063d43d443385abe6f49 Certificate serial: 019B5F77C1EA33DC6EDEE5904D248AD0B159 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft Manifest number: 170F Signing time: Sat 27 Dec 2025 11:00:42 +0000 Manifest this update: Sat 27 Dec 2025 11:00:42 +0000 Manifest next update: Sun 28 Dec 2025 11:00:42 +0000 Files and hashes: 1: kclBuRKTMfByXqrmrwIbc_lZEnM.roa (hash: MQr5fqlXn7Xd/Z8IgiENjDF+OVj4PMx+/5QB1sHm+8E=) 2: yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl (hash: vdzPF4kpEYNBxQCOpC7zT8iz/BarCsP4VKyHJSx//wQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 08:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:77:c1:ea:33:dc:6e:de:e5:90:4d:24:8a:d0:b1:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8e50ca17134837a50d3063d43d443385abe6f49 Validity Not Before: Dec 27 11:00:42 2025 GMT Not After : Dec 28 11:00:42 2025 GMT Subject: CN=96a291b899571513cae45d07487b48608e8d4527 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:10:f0:6b:d6:b1:4e:21:9d:f6:f3:67:0b:ce: da:d6:53:06:ee:ba:aa:f0:58:d2:1b:a8:f8:df:99: 68:e6:78:db:ae:56:f2:48:11:ca:81:14:1e:7a:4f: 19:f7:22:f5:08:9f:32:16:92:4f:aa:0d:0b:70:29: 49:82:6d:e5:df:99:04:79:4e:a5:ea:41:df:01:52: 05:dd:0b:70:9f:09:98:71:dc:c0:ee:d0:92:f4:5c: cb:4c:6f:d7:cc:b5:eb:59:88:9b:fa:0c:21:d3:aa: 6e:46:be:5c:51:99:4f:de:40:00:f4:80:c1:1f:35: f2:ab:c0:bf:3b:cb:ec:fa:0b:cb:e4:90:5c:bb:cb: 55:0d:1c:17:ee:41:ec:da:e8:c5:db:1b:30:c5:1c: e0:ec:a2:c7:cb:f0:24:8f:c2:71:99:9f:42:a6:bb: e1:77:58:4d:f7:af:a5:0f:6b:3b:c1:00:21:4d:65: 07:38:2d:26:17:5e:d1:b0:28:42:36:e5:ae:1d:0f: d7:8e:9c:4c:1e:c0:3f:05:af:1d:bd:e7:75:72:17: 7f:c7:ed:39:50:36:54:1b:e8:74:84:69:b8:f5:20: a9:57:14:96:80:5f:74:2e:54:c4:ab:40:16:96:51: 4a:32:27:0c:01:4a:f4:95:dc:fb:b7:84:40:64:f2: f3:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:A2:91:B8:99:57:15:13:CA:E4:5D:07:48:7B:48:60:8E:8D:45:27 X509v3 Authority Key Identifier: keyid:C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:9f:a5:21:bb:52:b2:07:92:8d:81:7b:0a:0a:27:60:05:3c: a1:24:54:20:b9:19:ed:e1:65:80:26:9d:62:a6:40:e9:ab:3b: 35:6c:c8:81:c9:a7:da:a5:be:35:ba:11:d9:aa:67:e6:71:7b: f8:61:cc:47:2a:12:93:c2:71:fa:b4:27:1c:78:69:7a:9e:0d: 8b:14:fc:6e:2a:f7:e2:1c:74:59:fb:ec:ce:69:09:96:56:b6: 0b:12:47:11:26:f6:2a:33:3b:a7:1f:05:59:7c:8c:d3:20:0f: 4f:eb:d9:14:c9:1b:ab:33:94:98:05:51:dc:20:62:ed:8d:93: a5:5b:c2:b2:8d:7b:b3:09:a5:91:0c:c7:1d:ba:38:d6:37:2d: 29:88:5b:72:46:eb:4a:78:c9:f0:45:f8:a4:ea:02:99:62:3d: 74:6e:80:42:50:28:2e:ab:f8:05:fd:25:89:9d:0c:08:38:52: 57:58:16:5a:a2:8c:8b:c8:65:21:2d:4b:90:ee:a9:33:0f:a3: e7:31:af:84:ee:83:44:22:2d:2c:a5:4b:5f:7f:7f:22:a3:64: 49:52:e8:72:c2:fd:43:89:9a:e3:68:86:1a:95:e8:23:a9:8b: db:e9:e5:b0:42:06:a6:a5:73:78:8c:6f:75:c1:09:d1:69:d2: 08:84:7a:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtfd8HqM9xu3uWQTSSK0LFZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZTUwY2ExNzEzNDgzN2E1MGQzMDYzZDQzZDQ0MzM4NWFi ZTZmNDkwHhcNMjUxMjI3MTEwMDQyWhcNMjUxMjI4MTEwMDQyWjAzMTEwLwYDVQQD Eyg5NmEyOTFiODk5NTcxNTEzY2FlNDVkMDc0ODdiNDg2MDhlOGQ0NTI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhDwa9axTiGd9vNnC87a1lMG7rqq 8FjSG6j435lo5njbrlbySBHKgRQeek8Z9yL1CJ8yFpJPqg0LcClJgm3l35kEeU6l 6kHfAVIF3QtwnwmYcdzA7tCS9FzLTG/XzLXrWYib+gwh06puRr5cUZlP3kAA9IDB HzXyq8C/O8vs+gvL5JBcu8tVDRwX7kHs2ujF2xswxRzg7KLHy/Akj8JxmZ9Cprvh d1hN96+lD2s7wQAhTWUHOC0mF17RsChCNuWuHQ/XjpxMHsA/Ba8dved1chd/x+05 UDZUG+h0hGm49SCpVxSWgF90LlTEq0AWllFKMicMAUr0ldz7t4RAZPLzPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJaikbiZVxUTyuRdB0h7SGCOjUUnMB8GA1UdIwQY MBaAFMjlDKFxNIN6UNMGPUPUQzhavm9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUt NWVmZjczZTg5ZmJiLzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9iMTMwYjUtNWZjYy00MTk2LTkwNzUtNWVmZjczZTg5ZmJi LzEveU9VTW9YRTBnM3BRMHdZOVE5UkRPRnEtYjBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ5+lIbtS sgeSjYF7CgonYAU8oSRUILkZ7eFlgCadYqZA6as7NWzIgcmn2qW+NboR2apn5nF7 +GHMRyoSk8Jx+rQnHHhpep4NixT8bir34hx0WfvszmkJlla2CxJHESb2KjM7px8F WXyM0yAPT+vZFMkbqzOUmAVR3CBi7Y2TpVvCso17swmlkQzHHbo41jctKYhbckbr SnjJ8EX4pOoCmWI9dG6AQlAoLqv4Bf0liZ0MCDhSV1gWWqKMi8hlIS1LkO6pMw+j 5zGvhO6DRCItLKVLX39/IqNkSVLocsL9Q4ma42iGGpXoI6mL2+nlsEIGpqVzeIxv dcEJ0WnSCIR60g== -----END CERTIFICATE-----Generated at Sat Dec 27 15:34:27 2025 by rpki-client