This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft File: Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft (raw, json) Hash identifier: gSqGautc20OLKtlV0QgC8rjwG+F/eWrP7pesgVYKcg0= Subject key identifier: E8:80:07:98:4B:2E:02:D0:C7:FB:8D:7B:C4:95:48:D6:6A:03:D5:50 Authority key identifier: 63:53:82:9C:06:1A:8A:F2:6D:E9:46:FC:9E:81:88:5C:74:C1:74:C7 Certificate issuer: /CN=6353829c061a8af26de946fc9e81885c74c174c7 Certificate serial: 019B5B9B5E5E3737B1C883C458F7D088AEB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft Manifest number: 099A Signing time: Fri 26 Dec 2025 17:01:07 +0000 Manifest this update: Fri 26 Dec 2025 17:01:07 +0000 Manifest next update: Sat 27 Dec 2025 17:01:07 +0000 Files and hashes: 1: La2c1GzhO3LCYjtEuOjFcoNgj6s.roa (hash: hdTkzvggjd5erT4guotzR+j9YHEwpmHcJ+YP7gw1WZs=) 2: Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl (hash: ka3kUJ5EJiBXY0BDmuDIP2gUvtPCNw2AQ34duypfWVM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:9b:5e:5e:37:37:b1:c8:83:c4:58:f7:d0:88:ae:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6353829c061a8af26de946fc9e81885c74c174c7 Validity Not Before: Dec 26 17:01:07 2025 GMT Not After : Dec 27 17:01:07 2025 GMT Subject: CN=e88007984b2e02d0c7fb8d7bc49548d66a03d550 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:91:26:15:69:c7:f3:7e:58:e6:c5:99:f9:33: 63:0c:38:61:aa:a9:11:20:fc:fb:c1:45:f9:57:16: 8a:71:65:61:70:9e:f7:63:62:1c:12:01:5e:f4:5a: 30:6a:6c:c9:70:2d:fb:ef:b4:73:db:66:11:3b:31: b0:15:34:ca:3c:53:49:dd:67:0c:75:24:45:69:25: ac:c3:35:c5:9e:18:9b:05:97:c1:75:4d:ef:cc:27: 77:ea:bc:bf:b6:64:37:d5:c6:da:f3:a5:9d:61:f4: 86:0e:78:5c:65:b4:97:78:9f:cc:48:23:e6:db:ff: e3:ec:5e:c1:c3:ce:4a:41:6c:90:5e:82:f8:a5:6e: 56:57:20:4a:39:01:69:cc:f8:fd:52:3e:99:d2:57: 68:07:1a:b1:cb:e0:6a:f9:5d:d3:37:ca:1b:a8:19: e0:43:74:e0:c0:2a:7e:7f:b6:66:6f:c4:28:26:0c: 79:96:55:f6:88:ef:28:12:a3:1c:f9:5d:9b:76:bc: a8:84:e5:1d:ba:a2:ad:ce:a9:7d:f4:dc:b5:23:10: 34:30:d3:21:c7:b0:69:bc:36:5f:5b:24:20:1b:37: 7b:ea:45:df:9c:74:8a:d6:1c:ae:a1:d2:c7:9d:62: e0:23:2f:d7:6d:c5:26:b8:db:3d:86:95:27:d2:27: 7b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:80:07:98:4B:2E:02:D0:C7:FB:8D:7B:C4:95:48:D6:6A:03:D5:50 X509v3 Authority Key Identifier: keyid:63:53:82:9C:06:1A:8A:F2:6D:E9:46:FC:9E:81:88:5C:74:C1:74:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:95:69:67:c1:2a:9d:b0:8e:c6:49:b9:71:97:d4:aa:ba:ee: c7:91:45:8e:80:52:d3:db:2b:f2:e9:e8:df:81:e2:1f:1c:e3: 0b:5f:00:48:3b:0a:5b:08:e2:4c:bc:0a:1f:8b:08:00:a7:68: 8d:e1:86:79:dc:2d:dc:17:f7:e0:4e:ae:fb:b3:d9:3a:b9:64: af:db:e0:f4:9b:1b:a9:0b:16:51:54:09:22:86:3f:0f:cf:de: 9e:b1:ac:0f:d4:a0:c4:62:b0:9c:2e:09:2f:23:c0:03:15:fa: ef:cb:9e:4b:99:fe:78:88:ab:53:f0:3a:35:c3:0f:0e:9f:9a: 7e:7c:6c:4d:ad:25:89:60:a8:5b:9e:6c:40:3b:fb:ba:1b:7b: 8b:c8:bd:88:90:5e:44:a3:0d:df:0f:82:da:8d:2f:c9:3b:df: 79:24:a2:3d:d2:df:8f:b0:39:f1:2e:84:3e:fd:2a:17:b3:3d: 30:fa:e9:6b:dd:4e:63:7b:95:a3:d1:1a:5d:3e:d1:4a:b2:d5: 29:1c:49:d9:96:2f:f7:c0:e3:97:33:77:06:92:4e:6d:af:8c: 86:3c:5f:8b:ad:41:a6:6a:e4:42:0b:8f:a5:e6:f0:bb:67:0d: 4f:09:37:bf:2a:6f:89:27:76:00:fd:66:ec:a2:db:4b:06:08: 3e:fb:74:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbm15eNzexyIPEWPfQiK62MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzNTM4MjljMDYxYThhZjI2ZGU5NDZmYzllODE4ODVjNzRj MTc0YzcwHhcNMjUxMjI2MTcwMTA3WhcNMjUxMjI3MTcwMTA3WjAzMTEwLwYDVQQD EyhlODgwMDc5ODRiMmUwMmQwYzdmYjhkN2JjNDk1NDhkNjZhMDNkNTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZEmFWnH835Y5sWZ+TNjDDhhqqkR IPz7wUX5VxaKcWVhcJ73Y2IcEgFe9FowamzJcC3777Rz22YROzGwFTTKPFNJ3WcM dSRFaSWswzXFnhibBZfBdU3vzCd36ry/tmQ31cba86WdYfSGDnhcZbSXeJ/MSCPm 2//j7F7Bw85KQWyQXoL4pW5WVyBKOQFpzPj9Uj6Z0ldoBxqxy+Bq+V3TN8obqBng Q3TgwCp+f7Zmb8QoJgx5llX2iO8oEqMc+V2bdryohOUduqKtzql99Ny1IxA0MNMh x7BpvDZfWyQgGzd76kXfnHSK1hyuodLHnWLgIy/XbcUmuNs9hpUn0id7zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOiAB5hLLgLQx/uNe8SVSNZqA9VQMB8GA1UdIwQY MBaAFGNTgpwGGorybelG/J6BiFx0wXTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS84Y2Y5NjItMDc0Zi00MWFjLWFlMmEt ODE2MjAzZDIxZDEyLzEvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS84Y2Y5NjItMDc0Zi00MWFjLWFlMmEtODE2MjAzZDIxZDEy LzEvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5VpZ8Eq nbCOxkm5cZfUqrrux5FFjoBS09sr8uno34HiHxzjC18ASDsKWwjiTLwKH4sIAKdo jeGGedwt3Bf34E6u+7PZOrlkr9vg9JsbqQsWUVQJIoY/D8/enrGsD9SgxGKwnC4J LyPAAxX678ueS5n+eIirU/A6NcMPDp+afnxsTa0liWCoW55sQDv7uht7i8i9iJBe RKMN3w+C2o0vyTvfeSSiPdLfj7A58S6EPv0qF7M9MPrpa91OY3uVo9EaXT7RSrLV KRxJ2ZYv98DjlzN3BpJOba+Mhjxfi61BpmrkQguPpebwu2cNTwk3vypviSd2AP1m 7KLbSwYIPvt0kw== -----END CERTIFICATE-----Generated at Fri Dec 26 21:14:39 2025 by rpki-client