This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft File: Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft (raw, json) Hash identifier: YP/FH741SkHddaz8DEtwO5z/vPWGq3Z2YSKM4rU4HcA= Subject key identifier: 1C:18:6A:C4:F4:97:D3:94:B2:6A:C0:B4:37:13:4F:28:78:3A:95:A2 Authority key identifier: 63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90 Certificate issuer: /CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890 Certificate serial: 019B28522DBFD4E9592F8CAA0F1A6BEFEB17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft Manifest number: 0D60 Signing time: Tue 16 Dec 2025 18:00:32 +0000 Manifest this update: Tue 16 Dec 2025 18:00:32 +0000 Manifest next update: Wed 17 Dec 2025 18:00:32 +0000 Files and hashes: 1: 2ATvNbnGawNlZZ5eknfDSbXFIzQ.roa (hash: tXSd9lU5fCgD64Z/fTQv/A1ZJJrB3ZcLdqsIZET5sKI=) 2: Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl (hash: BewAZKUutbKKlPz0jt03nJBlPpVMOAXj1WdSNeRRvSE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:28:52:2d:bf:d4:e9:59:2f:8c:aa:0f:1a:6b:ef:eb:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=638c83f9a3a3d2160a0178ca19ccb43a0d2f1890 Validity Not Before: Dec 16 18:00:32 2025 GMT Not After : Dec 17 18:00:32 2025 GMT Subject: CN=1c186ac4f497d394b26ac0b437134f28783a95a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3b:7b:a2:08:48:c4:e7:16:dd:52:45:97:ee: fe:28:91:e7:82:44:81:48:d2:fd:a6:b9:b2:82:0a: 32:c2:c1:de:6d:75:a3:e8:ce:6c:33:aa:03:ed:af: 67:8b:d2:9a:26:e0:7f:5b:45:ad:29:61:94:17:4a: 37:c1:75:e5:30:73:0f:00:7a:10:1d:3f:5f:a3:81: f9:27:fa:96:ed:fc:8c:b4:52:c3:9c:2c:3e:95:bc: 81:66:2f:cd:da:84:f5:88:d2:f4:21:83:bd:79:38: e5:20:11:ea:87:2a:5d:1b:9a:83:5e:0e:67:27:96: 5f:e0:02:b2:af:0d:56:dd:c6:40:7e:4e:b9:36:35: 96:38:3b:42:54:df:05:a8:34:67:84:ac:a3:c8:1d: a7:f5:9f:1a:ef:85:c5:21:5c:c3:22:fa:b8:98:b7: 94:b5:81:c1:d0:ee:5d:0d:b7:6a:c4:65:f1:93:6e: 66:cc:7c:16:45:6b:13:d9:cb:75:86:50:42:26:e5: bd:ba:2f:ee:0c:ca:09:75:c1:a4:02:f9:4c:03:01: a9:0f:35:9b:d4:69:1f:70:e0:d6:0a:d5:ea:b8:38: 5d:0d:b4:5a:6e:b5:89:ae:fd:35:42:c2:47:9f:c0: f5:b0:d7:e5:dc:fe:e8:d9:24:49:2f:00:12:e6:7c: b0:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:18:6A:C4:F4:97:D3:94:B2:6A:C0:B4:37:13:4F:28:78:3A:95:A2 X509v3 Authority Key Identifier: keyid:63:8C:83:F9:A3:A3:D2:16:0A:01:78:CA:19:CC:B4:3A:0D:2F:18:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/cc3c28-7b13-4343-af37-25550ba29127/1/Y4yD-aOj0hYKAXjKGcy0Og0vGJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:85:8d:86:91:af:84:a9:75:9f:82:83:e2:14:d0:36:f6:3b: 1a:18:e3:fa:25:69:d9:4a:d9:cf:f9:71:ea:cf:93:2a:d4:c4: 8f:56:32:eb:b7:2e:5d:6b:75:12:ed:bb:16:38:c0:f7:27:f8: ff:7c:52:08:cf:fc:18:1a:37:86:c6:da:1b:fc:32:ce:b2:27: 69:ec:79:42:89:b6:3a:6b:69:15:82:7f:2b:17:03:56:00:8c: 4a:b0:ad:a3:a3:2c:c9:3b:a2:a8:51:3b:d7:dc:fc:d5:9e:49: c7:ae:03:e4:10:c2:7a:d1:2f:ca:84:54:49:a7:03:82:cd:d9: b3:32:07:56:05:59:7c:28:48:d9:67:53:d2:2e:f8:45:70:26: 1a:58:c3:b8:af:21:8e:e6:f4:36:19:78:8c:d8:0b:da:59:f9: 6f:48:15:96:40:37:66:a0:3c:3a:1f:a9:9f:06:cf:bd:f1:3a: f5:1e:79:3b:42:33:0c:fb:5d:53:0a:20:22:f4:75:aa:fe:a8: 0d:8b:a3:25:90:04:0d:a7:01:91:05:0e:77:af:86:9c:bd:e4: aa:f4:7f:df:6e:81:e5:81:69:09:0f:d7:9e:be:13:65:57:eb: bb:55:a0:b6:97:a6:8c:dd:8c:39:fe:8c:d9:1b:d6:29:7a:4a: 22:fa:88:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsoUi2/1OlZL4yqDxpr7+sXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzOGM4M2Y5YTNhM2QyMTYwYTAxNzhjYTE5Y2NiNDNhMGQy ZjE4OTAwHhcNMjUxMjE2MTgwMDMyWhcNMjUxMjE3MTgwMDMyWjAzMTEwLwYDVQQD EygxYzE4NmFjNGY0OTdkMzk0YjI2YWMwYjQzNzEzNGYyODc4M2E5NWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTt7oghIxOcW3VJFl+7+KJHngkSB SNL9prmyggoywsHebXWj6M5sM6oD7a9ni9KaJuB/W0WtKWGUF0o3wXXlMHMPAHoQ HT9fo4H5J/qW7fyMtFLDnCw+lbyBZi/N2oT1iNL0IYO9eTjlIBHqhypdG5qDXg5n J5Zf4AKyrw1W3cZAfk65NjWWODtCVN8FqDRnhKyjyB2n9Z8a74XFIVzDIvq4mLeU tYHB0O5dDbdqxGXxk25mzHwWRWsT2ct1hlBCJuW9ui/uDMoJdcGkAvlMAwGpDzWb 1GkfcODWCtXquDhdDbRabrWJrv01QsJHn8D1sNfl3P7o2SRJLwAS5nywIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBwYasT0l9OUsmrAtDcTTyh4OpWiMB8GA1UdIwQY MBaAFGOMg/mjo9IWCgF4yhnMtDoNLxiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzct MjU1NTBiYTI5MTI3LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9jYzNjMjgtN2IxMy00MzQzLWFmMzctMjU1NTBiYTI5MTI3 LzEvWTR5RC1hT2owaFlLQVhqS0djeTBPZzB2R0pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4WNhpGv hKl1n4KD4hTQNvY7Ghjj+iVp2UrZz/lx6s+TKtTEj1Yy67cuXWt1Eu27FjjA9yf4 /3xSCM/8GBo3hsbaG/wyzrInaex5Qom2OmtpFYJ/KxcDVgCMSrCto6MsyTuiqFE7 19z81Z5Jx64D5BDCetEvyoRUSacDgs3ZszIHVgVZfChI2WdT0i74RXAmGljDuK8h jub0Nhl4jNgL2ln5b0gVlkA3ZqA8Oh+pnwbPvfE69R55O0IzDPtdUwogIvR1qv6o DYujJZAEDacBkQUOd6+GnL3kqvR/326B5YFpCQ/Xnr4TZVfru1WgtpemjN2MOf6M 2RvWKXpKIvqI2A== -----END CERTIFICATE-----Generated at Wed Dec 17 00:30:49 2025 by rpki-client