This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft File: Ym0k1r81OWP-WvolsKWWZxUqhtA.mft (raw, json) Hash identifier: AkXCMrYqIAuzetVE6Jq9XjvW6wFALpbwnIA070Aqoc4= Subject key identifier: E8:7A:7A:50:AE:85:68:CA:13:3A:20:06:1E:87:DF:35:EA:68:E8:D0 Authority key identifier: 62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0 Certificate issuer: /CN=626d24d6bf353963fe5afa25b0a59667152a86d0 Certificate serial: 019B3A21D9099E4727DDB9E5FD81EFDF215E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft Manifest number: 0F16 Signing time: Sat 20 Dec 2025 05:00:55 +0000 Manifest this update: Sat 20 Dec 2025 05:00:55 +0000 Manifest next update: Sun 21 Dec 2025 05:00:55 +0000 Files and hashes: 1: XsLpmpu2xvBP4JjcplMw-4A56mY.roa (hash: zDQ4NxbIV24C02r59jK+8GO4r9TIoUq4yC6lv1rRxf0=) 2: Ym0k1r81OWP-WvolsKWWZxUqhtA.crl (hash: Op/9ACfHOy0X2+GgZeZ1VwkV1eKzSokPW53uR+T5BTk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:21:d9:09:9e:47:27:dd:b9:e5:fd:81:ef:df:21:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=626d24d6bf353963fe5afa25b0a59667152a86d0 Validity Not Before: Dec 20 05:00:55 2025 GMT Not After : Dec 21 05:00:55 2025 GMT Subject: CN=e87a7a50ae8568ca133a20061e87df35ea68e8d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e7:d3:7f:a4:5a:c6:0e:7c:a0:93:85:69:d2: 82:79:89:83:ec:df:2f:e8:85:b9:cc:03:ea:11:65: 13:9a:82:50:28:e5:be:a1:8f:36:06:e2:02:6f:ee: 44:a3:1b:4d:73:6d:aa:b8:03:52:36:d3:3a:ba:30: c3:e3:18:dc:ec:44:6f:53:10:c9:f8:9d:e9:1f:6c: 6a:40:d6:3f:9b:09:50:4c:24:c2:4c:fd:30:12:48: ed:bf:98:c4:29:3e:71:f0:f0:fa:7c:cd:0c:93:72: 0a:d7:b0:6c:3c:83:45:0a:f1:0f:57:ac:49:6e:5c: b3:3b:8f:27:2b:48:e7:09:44:d9:f7:8e:fb:ad:08: 39:8e:24:f5:ea:6d:2c:6a:48:68:9d:00:16:e6:a3: 4d:88:78:a7:03:46:7b:d5:eb:a5:78:30:c6:0b:ff: 23:17:db:a4:d1:e4:57:7f:0f:57:37:d3:b6:f7:7e: 64:66:2b:db:f7:0f:1a:d2:ee:cf:e0:d8:e8:12:a1: 7b:e8:35:8b:e8:76:f0:b8:99:67:8f:72:ce:fd:d0: 68:b9:e8:b1:3f:bc:c3:62:44:f1:5a:2e:13:91:19: 31:88:92:2b:52:6f:9e:c0:d9:dd:08:a8:31:30:10: ba:d4:c4:d6:c6:af:43:66:4d:c0:56:a6:52:18:25: 9d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:7A:7A:50:AE:85:68:CA:13:3A:20:06:1E:87:DF:35:EA:68:E8:D0 X509v3 Authority Key Identifier: keyid:62:6D:24:D6:BF:35:39:63:FE:5A:FA:25:B0:A5:96:67:15:2A:86:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ym0k1r81OWP-WvolsKWWZxUqhtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/63432a-e5d9-46e2-9c01-ac809bbae737/1/Ym0k1r81OWP-WvolsKWWZxUqhtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:fa:b7:cb:d3:e9:e1:b1:f2:0c:6c:7c:ef:30:e2:f7:b1:18: 46:c2:05:d7:3c:14:34:11:ca:e4:67:ad:d6:42:ec:52:66:e2: 10:09:09:5e:d9:79:56:d1:0b:cc:4b:6d:ab:40:f3:09:c5:59: 22:fb:a9:7b:4a:22:99:f0:21:41:f9:28:7e:41:b5:08:d4:c0: 34:9b:fa:9c:81:d2:77:d1:48:3a:4c:7d:4a:bb:d7:63:b5:fb: 09:18:07:5a:25:f5:9f:b0:58:41:12:a2:40:f7:d0:0f:f3:6b: d0:cf:55:91:c8:d4:18:6e:03:0a:21:ed:48:c5:d9:e3:c5:99: 41:e0:c9:21:32:76:25:04:78:fe:c8:3d:34:ec:9b:5f:35:75: b8:34:d0:b5:61:e9:9e:32:5f:03:ce:58:1a:2a:de:45:14:8c: 65:9c:07:ab:8d:19:c7:61:05:43:78:04:fc:a4:bf:34:58:6d: 53:e1:78:a8:65:f9:cc:ce:39:4b:dc:02:81:5e:76:31:1a:fb: ac:02:04:65:64:5d:ea:72:34:3c:4e:72:54:24:04:3b:9d:9c: 75:55:5d:2f:ec:7e:6d:97:95:0a:47:74:f6:3f:c7:20:40:6c: 80:39:78:ea:57:54:36:c1:0a:94:91:9a:e1:34:a1:d0:4f:85: bc:98:71:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6IdkJnkcn3bnl/YHv3yFeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNmQyNGQ2YmYzNTM5NjNmZTVhZmEyNWIwYTU5NjY3MTUy YTg2ZDAwHhcNMjUxMjIwMDUwMDU1WhcNMjUxMjIxMDUwMDU1WjAzMTEwLwYDVQQD EyhlODdhN2E1MGFlODU2OGNhMTMzYTIwMDYxZTg3ZGYzNWVhNjhlOGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+fTf6Raxg58oJOFadKCeYmD7N8v 6IW5zAPqEWUTmoJQKOW+oY82BuICb+5EoxtNc22quANSNtM6ujDD4xjc7ERvUxDJ +J3pH2xqQNY/mwlQTCTCTP0wEkjtv5jEKT5x8PD6fM0Mk3IK17BsPINFCvEPV6xJ blyzO48nK0jnCUTZ9477rQg5jiT16m0sakhonQAW5qNNiHinA0Z71euleDDGC/8j F9uk0eRXfw9XN9O2935kZivb9w8a0u7P4NjoEqF76DWL6HbwuJlnj3LO/dBoueix P7zDYkTxWi4TkRkxiJIrUm+ewNndCKgxMBC61MTWxq9DZk3AVqZSGCWdPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOh6elCuhWjKEzogBh6H3zXqaOjQMB8GA1UdIwQY MBaAFGJtJNa/NTlj/lr6JbCllmcVKobQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEt YWM4MDliYmFlNzM3LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC82MzQzMmEtZTVkOS00NmUyLTljMDEtYWM4MDliYmFlNzM3 LzEvWW0wazFyODFPV1AtV3ZvbHNLV1daeFVxaHRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALfq3y9Pp 4bHyDGx87zDi97EYRsIF1zwUNBHK5Get1kLsUmbiEAkJXtl5VtELzEttq0DzCcVZ Ivupe0oimfAhQfkofkG1CNTANJv6nIHSd9FIOkx9SrvXY7X7CRgHWiX1n7BYQRKi QPfQD/Nr0M9VkcjUGG4DCiHtSMXZ48WZQeDJITJ2JQR4/sg9NOybXzV1uDTQtWHp njJfA85YGireRRSMZZwHq40Zx2EFQ3gE/KS/NFhtU+F4qGX5zM45S9wCgV52MRr7 rAIEZWRd6nI0PE5yVCQEO52cdVVdL+x+bZeVCkd09j/HIEBsgDl46ldUNsEKlJGa 4TSh0E+FvJhxpg== -----END CERTIFICATE-----Generated at Sat Dec 20 07:40:00 2025 by rpki-client