This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.mft File: y6AXGgLV5KdftAY1VFrgBkyMzK0.mft (raw, json) Hash identifier: fxG+opsEBkOvj7J0PAzRIGtqlQCX/820jx/5sgxflOg= Subject key identifier: 0D:D8:B5:1C:9D:B5:A7:7B:36:57:57:CD:EA:98:84:A5:FC:8D:1C:1B Authority key identifier: CB:A0:17:1A:02:D5:E4:A7:5F:B4:06:35:54:5A:E0:06:4C:8C:CC:AD Certificate issuer: /CN=cba0171a02d5e4a75fb40635545ae0064c8cccad Certificate serial: 019B394660D04EFE9DE2E2C0068E317BEDB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y6AXGgLV5KdftAY1VFrgBkyMzK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.mft Manifest number: 1493 Signing time: Sat 20 Dec 2025 01:01:12 +0000 Manifest this update: Sat 20 Dec 2025 01:01:12 +0000 Manifest next update: Sun 21 Dec 2025 01:01:12 +0000 Files and hashes: 1: mj2SP2YUf8OOW3PWyfsSenlnbcQ.roa (hash: 7rYL22HIBA9YP5PrLL9E5bTyxJEJdAa2DC73cuHwaP4=) 2: y6AXGgLV5KdftAY1VFrgBkyMzK0.crl (hash: EplSjVPXSrmJd7jBigpRbiuvMMwifDKUnqT3P+qeRtA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.mft rsync://rpki.ripe.net/repository/DEFAULT/y6AXGgLV5KdftAY1VFrgBkyMzK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:46:60:d0:4e:fe:9d:e2:e2:c0:06:8e:31:7b:ed:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cba0171a02d5e4a75fb40635545ae0064c8cccad Validity Not Before: Dec 20 01:01:12 2025 GMT Not After : Dec 21 01:01:12 2025 GMT Subject: CN=0dd8b51c9db5a77b365757cdea9884a5fc8d1c1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:ad:d3:8a:5e:40:d5:47:58:61:75:aa:8e:23: 33:73:61:64:3b:14:c3:01:47:18:c1:22:73:e9:3c: c9:84:1c:9a:29:4a:a0:2a:35:97:03:07:3b:35:ee: 21:f4:90:36:06:a6:af:f1:32:13:e9:45:dc:d6:79: 71:1f:61:f3:0e:d6:70:bb:e7:d4:d0:5a:d9:a7:c4: 5c:f4:22:f4:fa:ef:1b:03:1f:8f:62:fd:f2:85:54: fb:05:67:4e:3b:4b:c5:b4:37:6d:d1:5b:cf:1d:71: 92:07:83:4d:bb:be:95:da:c9:86:4c:3b:71:a4:ec: 97:cd:b0:33:fd:0e:11:8c:e8:bf:ce:1b:96:09:31: 63:ac:fb:9d:56:ec:bd:85:8e:6c:9e:0d:0e:9b:b1: 89:c8:7c:77:6f:e6:ec:89:28:fe:07:eb:f7:f2:f3: d6:0f:a8:53:20:12:a1:91:0d:df:fd:64:04:95:2f: eb:41:1c:33:b7:93:b4:7f:b9:f5:45:5b:45:94:3a: 56:3a:ad:96:cf:a5:14:c4:fd:b9:ed:4c:fa:19:41: 0e:4a:c0:d8:6e:75:5a:3a:a9:bc:9d:95:34:bb:09: bc:6f:6f:e0:ba:ca:86:98:42:6a:8c:ef:34:b2:ba: 9d:1a:8b:99:97:02:21:d4:75:06:48:b7:ae:bf:c7: 67:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D8:B5:1C:9D:B5:A7:7B:36:57:57:CD:EA:98:84:A5:FC:8D:1C:1B X509v3 Authority Key Identifier: keyid:CB:A0:17:1A:02:D5:E4:A7:5F:B4:06:35:54:5A:E0:06:4C:8C:CC:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y6AXGgLV5KdftAY1VFrgBkyMzK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/654433-e320-42ae-bb61-570b14833534/1/y6AXGgLV5KdftAY1VFrgBkyMzK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:46:08:3a:5c:c6:33:eb:c1:24:94:2d:bb:dd:11:fc:87:87: db:0c:d5:ad:51:a7:40:ab:e1:57:81:48:77:bd:8a:08:27:0b: ae:e3:8e:a2:fa:71:9e:0b:a1:fc:46:de:bd:0f:64:51:20:e7: 92:b3:76:a9:f2:a4:cd:40:bc:b1:df:68:f3:a5:1e:1d:a6:80: 1c:3b:6a:38:69:a6:08:cb:d3:71:44:cd:aa:28:34:6c:00:93: 64:4d:07:f2:25:15:f4:8a:0f:06:19:f2:b7:e3:28:c9:e3:51: 4e:09:86:85:60:6a:6a:42:39:22:09:65:63:de:b2:75:cc:0d: c7:f7:4d:8e:c5:da:e3:10:42:bf:f8:97:69:5f:cf:cc:13:78: 48:ab:fe:c2:2d:c8:83:e5:8f:cf:35:98:9f:35:4d:0e:78:e5: 3b:40:a7:d5:ef:40:04:c0:56:0a:50:fb:b5:a9:34:78:de:7a: 59:c4:e9:c0:8e:1f:5d:93:dc:9f:7d:ce:c2:44:31:3c:c3:4c: a1:54:54:55:98:ae:b6:54:b8:d7:3f:d8:c4:18:48:dd:46:22: a0:5f:17:0d:ef:78:0a:a6:07:b8:06:69:25:6a:67:4d:6e:a2: d2:e2:f5:16:5d:25:e7:83:26:01:74:f0:b1:65:15:d2:e6:ca: 4a:23:b1:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5RmDQTv6d4uLABo4xe+22MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYTAxNzFhMDJkNWU0YTc1ZmI0MDYzNTU0NWFlMDA2NGM4 Y2NjYWQwHhcNMjUxMjIwMDEwMTEyWhcNMjUxMjIxMDEwMTEyWjAzMTEwLwYDVQQD EygwZGQ4YjUxYzlkYjVhNzdiMzY1NzU3Y2RlYTk4ODRhNWZjOGQxYzFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a3Til5A1UdYYXWqjiMzc2FkOxTD AUcYwSJz6TzJhByaKUqgKjWXAwc7Ne4h9JA2Bqav8TIT6UXc1nlxH2HzDtZwu+fU 0FrZp8Rc9CL0+u8bAx+PYv3yhVT7BWdOO0vFtDdt0VvPHXGSB4NNu76V2smGTDtx pOyXzbAz/Q4RjOi/zhuWCTFjrPudVuy9hY5sng0Om7GJyHx3b+bsiSj+B+v38vPW D6hTIBKhkQ3f/WQElS/rQRwzt5O0f7n1RVtFlDpWOq2Wz6UUxP257Uz6GUEOSsDY bnVaOqm8nZU0uwm8b2/gusqGmEJqjO80srqdGouZlwIh1HUGSLeuv8dnwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA3YtRydtad7NldXzeqYhKX8jRwbMB8GA1UdIwQY MBaAFMugFxoC1eSnX7QGNVRa4AZMjMytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTZBWEdnTFY1S2RmdEFZMVZGcmdCa3lNekswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82NTQ0MzMtZTMyMC00MmFlLWJiNjEt NTcwYjE0ODMzNTM0LzEveTZBWEdnTFY1S2RmdEFZMVZGcmdCa3lNekswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC82NTQ0MzMtZTMyMC00MmFlLWJiNjEtNTcwYjE0ODMzNTM0 LzEveTZBWEdnTFY1S2RmdEFZMVZGcmdCa3lNekswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAREYIOlzG M+vBJJQtu90R/IeH2wzVrVGnQKvhV4FId72KCCcLruOOovpxnguh/EbevQ9kUSDn krN2qfKkzUC8sd9o86UeHaaAHDtqOGmmCMvTcUTNqig0bACTZE0H8iUV9IoPBhny t+MoyeNRTgmGhWBqakI5IgllY96ydcwNx/dNjsXa4xBCv/iXaV/PzBN4SKv+wi3I g+WPzzWYnzVNDnjlO0Cn1e9ABMBWClD7tak0eN56WcTpwI4fXZPcn33OwkQxPMNM oVRUVZiutlS41z/YxBhI3UYioF8XDe94CqYHuAZpJWpnTW6i0uL1Fl0l54MmAXTw sWUV0ubKSiOxgA== -----END CERTIFICATE-----Generated at Sat Dec 20 07:37:11 2025 by rpki-client