This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.mft File: ryNYW_zdBhypRuLZ6ouX5FucMdY.mft (raw, json) Hash identifier: 3fufJiYZQv+yBvKOAnk3tcl50Swnmvu286iPMhQ3zpg= Subject key identifier: B3:52:51:4C:F8:A1:5B:8A:E3:F4:D1:D8:75:04:F8:A5:7F:52:56:4C Authority key identifier: AF:23:58:5B:FC:DD:06:1C:A9:46:E2:D9:EA:8B:97:E4:5B:9C:31:D6 Certificate issuer: /CN=af23585bfcdd061ca946e2d9ea8b97e45b9c31d6 Certificate serial: 019B25F6971D4C52038F023C53A9DA332CD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.mft Manifest number: 16E2 Signing time: Tue 16 Dec 2025 07:01:15 +0000 Manifest this update: Tue 16 Dec 2025 07:01:15 +0000 Manifest next update: Wed 17 Dec 2025 07:01:15 +0000 Files and hashes: 1: SeufauaKg6Zpqe8UY9h9PfD262s.roa (hash: f9EK4NXbDLFnpfyftEzrpn9paJMCGETNbGO1nrHQTYE=) 2: ryNYW_zdBhypRuLZ6ouX5FucMdY.crl (hash: 26jFPq6xryteRUiLGPuojytrcvkL42gavynuPeCAouQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.mft rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:f6:97:1d:4c:52:03:8f:02:3c:53:a9:da:33:2c:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af23585bfcdd061ca946e2d9ea8b97e45b9c31d6 Validity Not Before: Dec 16 07:01:15 2025 GMT Not After : Dec 17 07:01:15 2025 GMT Subject: CN=b352514cf8a15b8ae3f4d1d87504f8a57f52564c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ab:78:6d:97:8d:f2:21:e3:48:02:db:8e:25: 84:97:55:11:3e:b1:aa:b0:53:c2:3b:58:d9:a8:13: 99:f4:2c:e5:47:cd:4b:3d:88:49:74:7d:48:4d:5c: 62:e2:d7:8d:b0:7d:c5:43:5b:bd:d8:63:85:86:48: 88:05:a9:08:36:af:17:69:d6:73:d0:1b:98:30:c0: bc:2e:85:31:20:e2:ff:66:c8:83:3c:b4:00:f7:04: 7c:7c:30:34:87:49:3a:d6:1d:4d:c2:12:67:57:64: 68:0b:4e:ab:52:1a:21:bc:4e:1a:9a:bc:0e:80:4c: 32:d5:ae:8f:8e:3e:1c:6c:bf:53:bf:40:14:9c:4b: 08:09:77:b8:5f:7a:7b:93:55:49:8d:9e:59:57:e9: eb:b9:cf:cb:b3:2c:a6:32:7a:c0:f1:08:13:f1:96: bd:e1:f9:e9:24:19:14:d0:0c:1b:ae:35:89:5c:58: 9c:10:4d:24:47:fa:52:13:a6:23:c9:69:b8:a8:5c: 66:7f:8f:04:c0:1d:ea:41:48:be:ce:bf:0f:56:d2: 03:02:65:8d:6e:b4:b7:44:8b:eb:40:e3:f9:78:f3: eb:29:c1:e9:43:1c:f6:06:c4:2c:b5:78:c8:3d:a1: cc:75:4f:63:af:d1:95:25:d5:9b:7b:d3:18:da:ae: f3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:52:51:4C:F8:A1:5B:8A:E3:F4:D1:D8:75:04:F8:A5:7F:52:56:4C X509v3 Authority Key Identifier: keyid:AF:23:58:5B:FC:DD:06:1C:A9:46:E2:D9:EA:8B:97:E4:5B:9C:31:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:9a:d9:32:33:5f:42:1d:58:cc:a9:5c:46:d9:0d:b7:0e:3c: af:f3:2a:37:63:7a:39:77:94:c7:5d:35:2c:c4:8e:96:b1:ad: fc:08:4b:38:58:0f:b1:95:ac:9f:b3:13:e5:28:63:0d:78:32: de:c8:d7:5b:55:d8:ab:62:6d:66:57:c8:be:dc:d7:a1:be:ea: cc:e6:32:b6:d3:ad:41:bc:8e:93:08:b5:8c:59:32:34:f3:1b: 24:f3:ac:8b:3d:07:a1:4d:f9:e6:de:e0:82:59:40:88:43:06: 97:a7:08:2e:5a:ba:fd:67:d3:d5:d3:23:6d:b0:01:a4:f9:ec: 84:72:b6:6e:5c:dd:13:16:68:15:5c:0f:08:6c:be:bf:58:db: f3:76:14:3e:0d:42:b5:2d:36:b1:e5:39:f7:95:d6:b5:a2:53: f6:3b:d9:21:16:14:e0:e1:1f:71:df:e1:f7:eb:63:f7:fc:e5: cc:29:47:6a:8d:58:73:49:2b:bb:7e:d8:b7:98:84:f0:b1:7b: b5:e1:66:aa:c8:92:83:e4:b6:1f:94:c0:6d:46:5d:90:88:7d: 13:6c:91:c9:d5:db:ea:e0:bc:47:6a:fe:a6:21:75:b4:1b:a7: 30:30:c1:81:9a:85:c9:59:b8:75:cc:30:3d:e4:97:0f:4a:be: 61:4b:25:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsl9pcdTFIDjwI8U6naMyzXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMjM1ODViZmNkZDA2MWNhOTQ2ZTJkOWVhOGI5N2U0NWI5 YzMxZDYwHhcNMjUxMjE2MDcwMTE1WhcNMjUxMjE3MDcwMTE1WjAzMTEwLwYDVQQD EyhiMzUyNTE0Y2Y4YTE1YjhhZTNmNGQxZDg3NTA0ZjhhNTdmNTI1NjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqat4bZeN8iHjSALbjiWEl1URPrGq sFPCO1jZqBOZ9CzlR81LPYhJdH1ITVxi4teNsH3FQ1u92GOFhkiIBakINq8XadZz 0BuYMMC8LoUxIOL/ZsiDPLQA9wR8fDA0h0k61h1NwhJnV2RoC06rUhohvE4amrwO gEwy1a6Pjj4cbL9Tv0AUnEsICXe4X3p7k1VJjZ5ZV+nruc/LsyymMnrA8QgT8Za9 4fnpJBkU0AwbrjWJXFicEE0kR/pSE6YjyWm4qFxmf48EwB3qQUi+zr8PVtIDAmWN brS3RIvrQOP5ePPrKcHpQxz2BsQstXjIPaHMdU9jr9GVJdWbe9MY2q7z0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLNSUUz4oVuK4/TR2HUE+KV/UlZMMB8GA1UdIwQY MBaAFK8jWFv83QYcqUbi2eqLl+RbnDHWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjM2ZDUtMzA4MC00YTBlLTlkNjMt NzkzNDRkYTNhMmU2LzEvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8xZjM2ZDUtMzA4MC00YTBlLTlkNjMtNzkzNDRkYTNhMmU2 LzEvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdprZMjNf Qh1YzKlcRtkNtw48r/MqN2N6OXeUx101LMSOlrGt/AhLOFgPsZWsn7MT5ShjDXgy 3sjXW1XYq2JtZlfIvtzXob7qzOYyttOtQbyOkwi1jFkyNPMbJPOsiz0HoU355t7g gllAiEMGl6cILlq6/WfT1dMjbbABpPnshHK2blzdExZoFVwPCGy+v1jb83YUPg1C tS02seU595XWtaJT9jvZIRYU4OEfcd/h9+tj9/zlzClHao1Yc0kru37Yt5iE8LF7 teFmqsiSg+S2H5TAbUZdkIh9E2yRydXb6uC8R2r+piF1tBunMDDBgZqFyVm4dcww PeSXD0q+YUsleQ== -----END CERTIFICATE-----Generated at Tue Dec 16 10:53:47 2025 by rpki-client