This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft File: ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json) Hash identifier: RbkfVGMI0oAw5qyR6UvG+PA7beWWenMsRpItoh9AuM0= Subject key identifier: FC:65:B7:E0:58:74:38:C1:27:5C:2F:C3:4B:74:4D:4B:B7:1C:AB:FC Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75 Certificate issuer: /CN=9f2f166d05ea976f69aed58e46a41f7e50524475 Certificate serial: 019B5A51D52B0A21F64B232E0AA29B683E48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft Manifest number: 150E Signing time: Fri 26 Dec 2025 11:01:10 +0000 Manifest this update: Fri 26 Dec 2025 11:01:10 +0000 Manifest next update: Sat 27 Dec 2025 11:01:10 +0000 Files and hashes: 1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: UBE0ERxdTOJ4uKi8N/uw5RsCbK51fKe00wTDkpxhzNs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:d5:2b:0a:21:f6:4b:23:2e:0a:a2:9b:68:3e:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475 Validity Not Before: Dec 26 11:01:10 2025 GMT Not After : Dec 27 11:01:10 2025 GMT Subject: CN=fc65b7e0587438c1275c2fc34b744d4bb71cabfc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b1:8c:d2:88:b2:55:ce:b7:ea:80:fb:65:31: 23:98:7f:57:d6:ec:cb:ac:f6:29:87:1c:50:b9:af: 20:1f:ce:69:12:d1:1b:53:fb:e1:cd:a6:b8:a7:ca: 24:f6:1e:78:ba:65:d0:1c:fe:54:4e:10:42:20:2c: d0:91:8e:b9:e1:bf:9e:72:e2:e4:39:88:5b:9c:e1: e6:54:9b:e5:79:7d:8b:7c:bd:a5:2f:f3:b3:e8:ee: d5:75:2e:e8:ae:aa:7d:a3:56:dd:e0:1e:6b:a8:80: 98:aa:c9:79:70:3b:ac:af:12:d4:79:51:1a:b3:93: c8:be:cb:76:e8:89:8b:77:42:8d:5f:c0:d4:24:d4: 35:0d:47:d2:e2:d6:4a:27:17:26:b1:e8:21:01:fa: cd:71:ad:86:51:f7:e7:ec:82:62:a2:44:d5:53:ce: 4a:5a:c5:a5:b4:9d:8a:ea:47:7e:0a:13:e8:80:ab: 13:f0:5c:4c:4c:ba:9f:b4:a6:2b:a3:de:47:45:6b: da:98:13:b5:6f:7d:7d:b7:b9:fd:73:67:33:93:cb: cc:a2:48:e3:80:33:63:8b:95:9c:82:28:84:69:72: 52:ab:79:e0:5a:fc:59:8d:fe:13:6b:8a:5b:e5:8e: 94:82:95:5f:16:49:3b:e3:fc:45:0c:0a:1d:be:de: 98:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:65:B7:E0:58:74:38:C1:27:5C:2F:C3:4B:74:4D:4B:B7:1C:AB:FC X509v3 Authority Key Identifier: keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:bd:7e:ba:fe:dd:ef:9f:05:36:92:73:0a:5c:67:47:07:60: 2a:0d:54:6a:9b:c0:3f:b8:76:ea:90:d6:e6:1f:af:11:d3:f3: a2:1f:6d:09:58:db:91:e7:97:55:db:10:17:2e:19:36:fd:e8: c2:03:a4:5a:15:fa:44:bb:b6:bd:63:4f:37:8e:af:c9:c7:8f: e0:ac:af:a0:fb:65:95:61:04:07:73:e4:ae:39:a4:b0:8a:21: 0c:c9:cb:c8:6e:9a:78:af:e6:f6:ba:0d:61:b9:6e:ea:5a:d7: 8e:7e:fd:3b:4a:1f:37:fa:be:a2:82:9b:7b:b1:8c:bb:12:05: a2:64:bb:d8:c4:d9:20:a5:5c:9f:ae:9e:9d:bc:88:ab:d7:7a: b7:7b:4a:7e:df:b0:77:25:88:27:1c:a2:bc:6a:5a:0e:5f:35: cb:18:3d:17:a1:4b:ab:3a:7f:82:30:81:8c:be:bc:31:e3:b4: bd:e6:a9:cf:6d:e8:a2:fc:a0:4f:3b:36:d8:21:09:65:d5:eb: ed:ec:79:88:6a:21:1d:00:f3:da:fb:b2:ab:ed:fe:5e:f6:50: b9:1e:1d:f4:1e:1a:ca:f6:62:70:f1:04:26:c2:48:f6:d4:94: 9b:d3:55:9a:b7:79:9a:27:b2:03:2b:eb:05:8b:0a:19:7c:9c: 1f:75:a6:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUdUrCiH2SyMuCqKbaD5IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1 MjQ0NzUwHhcNMjUxMjI2MTEwMTEwWhcNMjUxMjI3MTEwMTEwWjAzMTEwLwYDVQQD EyhmYzY1YjdlMDU4NzQzOGMxMjc1YzJmYzM0Yjc0NGQ0YmI3MWNhYmZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbGM0oiyVc636oD7ZTEjmH9X1uzL rPYphxxQua8gH85pEtEbU/vhzaa4p8ok9h54umXQHP5UThBCICzQkY654b+ecuLk OYhbnOHmVJvleX2LfL2lL/Oz6O7VdS7orqp9o1bd4B5rqICYqsl5cDusrxLUeVEa s5PIvst26ImLd0KNX8DUJNQ1DUfS4tZKJxcmseghAfrNca2GUffn7IJiokTVU85K WsWltJ2K6kd+ChPogKsT8FxMTLqftKYro95HRWvamBO1b319t7n9c2czk8vMokjj gDNji5WcgiiEaXJSq3ngWvxZjf4Ta4pb5Y6UgpVfFkk74/xFDAodvt6YnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPxlt+BYdDjBJ1wvw0t0TUu3HKv8MB8GA1UdIwQY MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd71+uv7d 758FNpJzClxnRwdgKg1UapvAP7h26pDW5h+vEdPzoh9tCVjbkeeXVdsQFy4ZNv3o wgOkWhX6RLu2vWNPN46vyceP4KyvoPtllWEEB3PkrjmksIohDMnLyG6aeK/m9roN Yblu6lrXjn79O0ofN/q+ooKbe7GMuxIFomS72MTZIKVcn66enbyIq9d6t3tKft+w dyWIJxyivGpaDl81yxg9F6FLqzp/gjCBjL68MeO0veapz23oovygTzs22CEJZdXr 7ex5iGohHQDz2vuyq+3+XvZQuR4d9B4ayvZicPEEJsJI9tSUm9NVmrd5mieyAyvr BYsKGXycH3WmVQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:19:47 2025 by rpki-client