This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.mft File: YdOLN5gKDfrpz5osW1at6X-vUC4.mft (raw, json) Hash identifier: DpW6yir+9F0oiwLWciuH0cCa/Xlb2ySoaD+6uJxEcac= Subject key identifier: 4A:C8:1C:F8:FB:A9:52:29:5B:F2:DC:86:65:0B:7E:62:47:E1:04:83 Authority key identifier: 61:D3:8B:37:98:0A:0D:FA:E9:CF:9A:2C:5B:56:AD:E9:7F:AF:50:2E Certificate issuer: /CN=61d38b37980a0dfae9cf9a2c5b56ade97faf502e Certificate serial: 019B1D98C76EB58D00EA2CAE1FCFE030B975 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.mft Manifest number: 0C03 Signing time: Sun 14 Dec 2025 16:01:50 +0000 Manifest this update: Sun 14 Dec 2025 16:01:50 +0000 Manifest next update: Mon 15 Dec 2025 16:01:50 +0000 Files and hashes: 1: C_VxgsrOTNHfcbo19nO36kuNZTY.roa (hash: elP/uo536peeHFglZZfLB7X6uPEm9F3vZkqB1C65yyw=) 2: YdOLN5gKDfrpz5osW1at6X-vUC4.crl (hash: ybQop4YNHMP3F02LYAAdNlwefD/9ZwBk/3X3lkw+Nb8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.mft rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1d:98:c7:6e:b5:8d:00:ea:2c:ae:1f:cf:e0:30:b9:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61d38b37980a0dfae9cf9a2c5b56ade97faf502e Validity Not Before: Dec 14 16:01:50 2025 GMT Not After : Dec 15 16:01:50 2025 GMT Subject: CN=4ac81cf8fba952295bf2dc86650b7e6247e10483 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ec:00:1f:3d:c4:ca:38:88:79:a4:6e:66:8b: cc:5c:05:af:b4:07:39:67:b7:92:b2:b5:6b:87:46: 48:c7:b7:a0:86:d7:ef:05:93:d1:e3:2a:d2:0d:e5: 02:d8:ef:0e:95:a4:d6:56:a7:9e:e8:cb:1e:fd:b7: ec:09:95:96:52:5f:c6:49:78:1f:db:6f:ba:19:6e: cb:33:51:b2:46:67:e4:9e:1c:cc:c8:1e:a3:d1:d7: 67:7c:1a:d8:34:6d:75:ca:b5:c3:c9:8e:e6:54:ab: ae:58:1e:4d:1a:12:18:b8:01:a7:98:74:11:21:71: cc:74:d1:ee:d7:18:02:76:4d:ca:7d:11:6e:91:b4: 76:61:47:6d:b5:c9:27:fc:9a:57:07:71:2d:6b:16: c7:35:14:cc:13:8a:f4:50:96:f6:9d:41:d7:01:91: 87:37:54:5b:fd:c5:93:e3:76:7f:43:74:9e:db:47: 0f:06:b1:f3:34:57:27:96:d6:2a:5f:da:d8:b5:06: a5:ce:82:de:78:22:02:3e:d4:5e:91:a2:42:2f:6d: c9:2a:8a:00:6c:63:84:3f:a8:ce:2a:8e:c1:a2:a2: 8f:53:52:bb:dd:3a:39:59:0a:3b:1e:d1:d8:5b:42: 2f:6a:d0:4e:f7:5c:1c:2e:f2:81:33:67:93:46:ad: 5e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:C8:1C:F8:FB:A9:52:29:5B:F2:DC:86:65:0B:7E:62:47:E1:04:83 X509v3 Authority Key Identifier: keyid:61:D3:8B:37:98:0A:0D:FA:E9:CF:9A:2C:5B:56:AD:E9:7F:AF:50:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:a9:38:92:af:33:f5:1b:fe:59:53:92:bc:2c:e8:e8:3f:32: 91:d0:77:9d:bb:90:57:cb:c7:b2:58:d9:10:73:d2:85:da:2f: 9c:8e:9d:1b:d4:d8:ef:26:2f:7b:a5:56:61:7c:9d:a2:82:6a: 7d:8d:88:3f:4b:8d:b9:b6:59:ad:bd:b2:fd:d2:f1:72:e7:17: 32:60:70:a4:52:f2:88:a0:6f:27:d0:54:ad:e7:22:f7:d2:0c: d2:d9:38:69:20:21:83:bf:1e:9c:e4:fa:a9:eb:09:84:84:6a: 33:10:b0:74:a5:36:f3:13:87:4a:0f:cc:61:da:28:08:ca:23: 09:87:0e:e4:fe:a7:fb:43:a8:b4:51:3d:53:8e:ab:37:01:df: d5:36:74:84:fb:4b:c6:02:d1:8a:09:11:82:66:a1:e8:93:85: 85:07:34:72:e3:63:63:88:c9:f1:3e:f0:14:e5:7e:e8:e2:3a: d3:a4:d0:e8:94:a5:67:d8:3d:03:03:f3:e2:1a:ec:5a:56:cc: db:8a:65:4c:05:73:91:a5:6e:21:ee:ba:6b:98:81:64:d4:e1: 35:4d:18:8d:4b:6f:44:c1:2e:3f:3d:d2:09:cf:76:39:ec:6f: 81:e2:8d:7b:63:41:77:3b:2b:f2:0c:34:0e:b5:5c:3f:aa:dc: 23:db:4a:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsdmMdutY0A6iyuH8/gMLl1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxZDM4YjM3OTgwYTBkZmFlOWNmOWEyYzViNTZhZGU5N2Zh ZjUwMmUwHhcNMjUxMjE0MTYwMTUwWhcNMjUxMjE1MTYwMTUwWjAzMTEwLwYDVQQD Eyg0YWM4MWNmOGZiYTk1MjI5NWJmMmRjODY2NTBiN2U2MjQ3ZTEwNDgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuewAHz3EyjiIeaRuZovMXAWvtAc5 Z7eSsrVrh0ZIx7eghtfvBZPR4yrSDeUC2O8OlaTWVqee6Mse/bfsCZWWUl/GSXgf 22+6GW7LM1GyRmfknhzMyB6j0ddnfBrYNG11yrXDyY7mVKuuWB5NGhIYuAGnmHQR IXHMdNHu1xgCdk3KfRFukbR2YUdttckn/JpXB3EtaxbHNRTME4r0UJb2nUHXAZGH N1Rb/cWT43Z/Q3Se20cPBrHzNFcnltYqX9rYtQalzoLeeCICPtRekaJCL23JKooA bGOEP6jOKo7BoqKPU1K73To5WQo7HtHYW0IvatBO91wcLvKBM2eTRq1eyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFErIHPj7qVIpW/LchmULfmJH4QSDMB8GA1UdIwQY MBaAFGHTizeYCg366c+aLFtWrel/r1AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OTc0NmMtNTAxYS00M2U4LWI4ODct N2Q0NDhiMzk2Nzc2LzEvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82OTc0NmMtNTAxYS00M2U4LWI4ODctN2Q0NDhiMzk2Nzc2 LzEvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqk4kq8z 9Rv+WVOSvCzo6D8ykdB3nbuQV8vHsljZEHPShdovnI6dG9TY7yYve6VWYXydooJq fY2IP0uNubZZrb2y/dLxcucXMmBwpFLyiKBvJ9BUreci99IM0tk4aSAhg78enOT6 qesJhIRqMxCwdKU28xOHSg/MYdooCMojCYcO5P6n+0OotFE9U46rNwHf1TZ0hPtL xgLRigkRgmah6JOFhQc0cuNjY4jJ8T7wFOV+6OI606TQ6JSlZ9g9AwPz4hrsWlbM 24plTAVzkaVuIe66a5iBZNThNU0YjUtvRMEuPz3SCc92OexvgeKNe2NBdzsr8gw0 DrVcP6rcI9tK2w== -----END CERTIFICATE-----Generated at Sun Dec 14 22:56:23 2025 by rpki-client