This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft File: DyKg7jvG4y2JLt3iV8u3mRefLNY.mft (raw, json) Hash identifier: 6qt7XAW+v5Dorq+dPNbQ+Coi0GnGuZ0s13+00wxBIRw= Subject key identifier: 3F:CC:63:E8:A3:C2:2E:D3:C2:2C:3D:62:7F:BC:A4:34:C0:0A:6B:6E Authority key identifier: 0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6 Certificate issuer: /CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6 Certificate serial: 019B5AF6C324D8F3BAA7B380A4FD27DB3B91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft Manifest number: 0902 Signing time: Fri 26 Dec 2025 14:01:19 +0000 Manifest this update: Fri 26 Dec 2025 14:01:19 +0000 Manifest next update: Sat 27 Dec 2025 14:01:19 +0000 Files and hashes: 1: 3ybDPKiA0wDv8fgYqqJjrGlrgZo.roa (hash: Lzgk9VM3/0+YuHabQnt8dL/9QNx4stqWd1uOafztoy0=) 2: DyKg7jvG4y2JLt3iV8u3mRefLNY.crl (hash: w5o0Mut3A0gTs20rQCio6DhaMHfobsp9lKBhDIxuPlo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:c3:24:d8:f3:ba:a7:b3:80:a4:fd:27:db:3b:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6 Validity Not Before: Dec 26 14:01:19 2025 GMT Not After : Dec 27 14:01:19 2025 GMT Subject: CN=3fcc63e8a3c22ed3c22c3d627fbca434c00a6b6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:83:1c:8d:75:21:40:09:ac:c2:c6:19:2c:38: 47:5c:6b:52:46:92:1d:5f:4f:92:02:01:4c:63:8e: 0b:ac:79:d8:fe:ba:c6:69:fa:b3:cd:dc:02:1f:c7: 23:05:eb:b4:8c:ad:2f:40:31:1b:38:8c:ef:cc:a9: 22:8d:a1:45:c6:f4:e1:11:71:e7:c2:39:f3:5c:d7: 37:f6:65:2b:e0:a9:fe:e5:f4:1c:76:c1:c0:1b:77: 83:a6:c9:7f:61:b2:c5:ae:70:2e:89:19:b5:04:13: 94:30:cf:2e:a1:ce:77:be:73:b0:bb:a5:1c:7f:71: eb:cd:56:fb:52:1a:d3:2a:57:e8:a9:04:52:8c:d0: de:68:9e:df:0b:b6:5c:9c:09:97:80:26:bd:6e:da: cf:a6:d6:7d:31:9e:51:ae:5e:7f:45:af:b4:90:c1: 09:cc:63:f0:cc:54:d0:94:ea:58:ba:bc:21:6f:65: 12:ee:ff:9a:3a:ab:6b:bc:d8:55:78:40:11:61:dc: 65:02:b1:67:5e:dd:9f:96:bc:6b:d6:82:75:3f:38: 00:c8:c7:ff:47:f4:3e:67:81:75:b2:28:2c:34:15: 81:94:fd:6b:87:7f:78:cd:e1:05:78:f3:c9:d1:af: 78:bc:32:b1:75:bd:2a:1d:fc:3a:30:06:0c:87:2a: f1:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:CC:63:E8:A3:C2:2E:D3:C2:2C:3D:62:7F:BC:A4:34:C0:0A:6B:6E X509v3 Authority Key Identifier: keyid:0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:fd:8c:48:94:e8:23:09:df:92:9b:be:69:e5:ae:d0:9c:7c: b9:52:c3:ac:eb:6f:32:ef:e7:80:f6:b3:1b:02:8e:3c:e6:ee: 56:7b:96:8e:12:1c:5c:33:3f:07:4c:63:ab:93:26:ee:fb:49: ad:a7:ee:cb:50:3d:c9:a5:6a:87:7e:1b:40:32:37:80:48:14: ee:91:af:d9:f4:6f:54:41:f6:5c:3f:db:1c:99:61:b3:1c:71: 23:f5:d8:14:c8:85:1b:3a:f5:e9:94:a4:67:13:55:5b:c3:08: a6:4b:78:42:0b:c1:89:6f:07:56:e3:d3:19:6f:ac:05:cf:7f: c2:2b:04:3c:3e:88:6b:b3:12:86:b4:3d:f3:37:bc:08:c3:3d: 0c:b6:21:cb:55:7d:68:ad:f6:20:0d:f8:08:11:9d:dd:d6:da: b7:00:8a:67:7c:c0:91:80:16:bf:bf:43:7f:34:1d:70:d2:e1: 6f:c1:57:37:1c:61:7a:e9:57:d2:1e:ff:e3:4c:7c:69:86:b1: 86:3d:e6:70:8b:b2:5d:30:7c:ab:f1:c8:1e:28:30:56:9b:ac: 05:a4:f6:c1:1c:af:9d:3b:ed:bd:89:2e:46:b7:4a:74:08:dc: 0f:89:d6:22:28:ab:fa:fa:12:0c:c7:03:a7:35:74:75:0d:1a: bf:cf:ca:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9sMk2PO6p7OApP0n2zuRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmMjJhMGVlM2JjNmUzMmQ4OTJlZGRlMjU3Y2JiNzk5MTc5 ZjJjZDYwHhcNMjUxMjI2MTQwMTE5WhcNMjUxMjI3MTQwMTE5WjAzMTEwLwYDVQQD EygzZmNjNjNlOGEzYzIyZWQzYzIyYzNkNjI3ZmJjYTQzNGMwMGE2YjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4McjXUhQAmswsYZLDhHXGtSRpId X0+SAgFMY44LrHnY/rrGafqzzdwCH8cjBeu0jK0vQDEbOIzvzKkijaFFxvThEXHn wjnzXNc39mUr4Kn+5fQcdsHAG3eDpsl/YbLFrnAuiRm1BBOUMM8uoc53vnOwu6Uc f3HrzVb7UhrTKlfoqQRSjNDeaJ7fC7ZcnAmXgCa9btrPptZ9MZ5Rrl5/Ra+0kMEJ zGPwzFTQlOpYurwhb2US7v+aOqtrvNhVeEARYdxlArFnXt2flrxr1oJ1PzgAyMf/ R/Q+Z4F1sigsNBWBlP1rh394zeEFePPJ0a94vDKxdb0qHfw6MAYMhyrxOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD/MY+ijwi7Twiw9Yn+8pDTACmtuMB8GA1UdIwQY MBaAFA8ioO47xuMtiS7d4lfLt5kXnyzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDct NDJkNjc4NDA5NDRkLzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDctNDJkNjc4NDA5NDRk LzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbf2MSJTo Iwnfkpu+aeWu0Jx8uVLDrOtvMu/ngPazGwKOPObuVnuWjhIcXDM/B0xjq5Mm7vtJ rafuy1A9yaVqh34bQDI3gEgU7pGv2fRvVEH2XD/bHJlhsxxxI/XYFMiFGzr16ZSk ZxNVW8MIpkt4QgvBiW8HVuPTGW+sBc9/wisEPD6Ia7MShrQ98ze8CMM9DLYhy1V9 aK32IA34CBGd3dbatwCKZ3zAkYAWv79DfzQdcNLhb8FXNxxheulX0h7/40x8aYax hj3mcIuyXTB8q/HIHigwVpusBaT2wRyvnTvtvYkuRrdKdAjcD4nWIiir+voSDMcD pzV0dQ0av8/Kmg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:29 2025 by rpki-client