This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.mft File: ryto8Mg63Zo6O4arJPuRCpYCYsY.mft (raw, json) Hash identifier: 61hMVbYW7gnUVsQr/t1CotFAtYv8denMo1fx9MA811c= Subject key identifier: 36:32:0E:BF:60:3A:33:BF:CF:EB:CF:E6:92:36:FE:29:48:06:C1:E3 Authority key identifier: AF:2B:68:F0:C8:3A:DD:9A:3A:3B:86:AB:24:FB:91:0A:96:02:62:C6 Certificate issuer: /CN=af2b68f0c83add9a3a3b86ab24fb910a960262c6 Certificate serial: 019B39B3B129D467F1FEA1659440B7764B34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.mft Manifest number: 12F8 Signing time: Sat 20 Dec 2025 03:00:36 +0000 Manifest this update: Sat 20 Dec 2025 03:00:36 +0000 Manifest next update: Sun 21 Dec 2025 03:00:36 +0000 Files and hashes: 1: oS-zf8LykP6dfOwgBh2b6irIbAA.roa (hash: es5RiKPg30TZ9v6YIMiSfrSdGJ7vWC4nZhRx1zHM27Q=) 2: ryto8Mg63Zo6O4arJPuRCpYCYsY.crl (hash: OOMPRTj6UETRqIvfFOdEtIgm/96gkjQiReJNNTH9sM0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.mft rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 03:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:b3:b1:29:d4:67:f1:fe:a1:65:94:40:b7:76:4b:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af2b68f0c83add9a3a3b86ab24fb910a960262c6 Validity Not Before: Dec 20 03:00:36 2025 GMT Not After : Dec 21 03:00:36 2025 GMT Subject: CN=36320ebf603a33bfcfebcfe69236fe294806c1e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:61:43:1f:6f:8a:5f:a1:c1:a7:ae:f8:ac:ea: df:33:48:63:a6:4b:49:b2:55:47:db:40:be:a7:4b: 84:72:6a:fc:1f:d8:fc:e1:99:b9:34:e3:9b:8a:5f: 65:97:58:82:06:4c:3b:1c:33:32:19:d1:2b:6f:43: 93:14:9b:d7:b9:50:5e:84:2b:96:cd:26:97:6f:cf: c5:14:29:f4:fb:fa:e7:bc:dd:e6:8a:77:21:a2:a2: 98:03:bc:f4:7f:a6:39:55:cb:ce:d8:84:59:c1:58: e0:85:0f:e4:45:5b:18:4f:e4:94:ad:3a:37:f9:be: c8:f7:79:90:33:b0:83:36:9e:a1:72:9c:38:db:47: d5:27:84:12:cd:7e:99:2f:99:67:68:93:a2:a2:eb: c1:87:96:7d:88:09:c8:41:01:e5:fe:dd:a5:1e:83: 5c:4a:47:2e:70:83:f8:8d:bd:c1:58:c1:24:14:90: 02:d9:94:60:43:79:2a:05:be:4d:8d:63:17:f6:ba: 24:c2:ed:3f:4d:b9:c5:17:80:29:60:ba:de:d7:ef: 19:4e:7b:41:8e:63:e7:eb:5e:80:34:c7:7a:cf:28: 4b:be:f8:6c:84:6c:6b:17:48:e4:5e:36:3a:58:20: d1:e7:f9:05:aa:70:df:b3:50:e2:54:1c:f2:43:d2: 95:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:32:0E:BF:60:3A:33:BF:CF:EB:CF:E6:92:36:FE:29:48:06:C1:E3 X509v3 Authority Key Identifier: keyid:AF:2B:68:F0:C8:3A:DD:9A:3A:3B:86:AB:24:FB:91:0A:96:02:62:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryto8Mg63Zo6O4arJPuRCpYCYsY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/793e00-0c53-49c4-a51b-eda316a2afb8/1/ryto8Mg63Zo6O4arJPuRCpYCYsY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:13:bb:08:9e:37:72:9d:f8:15:2d:56:32:53:d2:6e:d3:92: 13:07:c0:c9:98:87:60:57:76:18:c6:80:2f:dc:1f:5f:f6:5e: 29:f9:e9:a5:a5:7e:d1:81:c1:bf:77:30:c7:7e:21:9f:1d:50: 93:8d:2e:31:16:d4:15:ba:b5:00:87:d4:50:ac:01:07:52:b0: bf:38:ba:f6:a2:38:f7:b9:e3:a2:b6:13:e7:b1:f6:d2:98:67: a6:b5:90:98:67:59:16:38:d9:e8:e3:98:0f:cd:a3:12:5e:4d: 61:df:92:3a:88:9f:49:27:c1:58:72:c5:fe:19:9b:09:87:8f: 4d:a8:4a:ed:b5:1b:a6:4c:fd:9c:02:f1:19:32:d5:09:52:08: bb:9e:fb:2a:31:3d:eb:e2:7b:f5:ce:05:e4:70:9b:2c:05:7e: 97:ab:19:41:10:61:be:eb:eb:14:d8:0f:81:d9:25:3c:9c:3e: 32:6d:a2:ed:c9:18:f0:d5:3d:64:f4:7f:ad:d2:fd:5d:f3:f0: f3:52:1e:c1:f4:be:5e:c5:d9:5d:f5:ea:86:90:f5:57:65:3e: dd:1f:f8:93:12:85:4d:df:58:b5:c4:37:41:8f:3d:2b:26:48: fa:20:6e:3d:4c:1b:b2:fb:d3:32:42:31:2d:bc:dd:32:d2:05: bb:52:52:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5s7Ep1Gfx/qFllEC3dks0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMmI2OGYwYzgzYWRkOWEzYTNiODZhYjI0ZmI5MTBhOTYw MjYyYzYwHhcNMjUxMjIwMDMwMDM2WhcNMjUxMjIxMDMwMDM2WjAzMTEwLwYDVQQD EygzNjMyMGViZjYwM2EzM2JmY2ZlYmNmZTY5MjM2ZmUyOTQ4MDZjMWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2FDH2+KX6HBp674rOrfM0hjpktJ slVH20C+p0uEcmr8H9j84Zm5NOObil9ll1iCBkw7HDMyGdErb0OTFJvXuVBehCuW zSaXb8/FFCn0+/rnvN3minchoqKYA7z0f6Y5VcvO2IRZwVjghQ/kRVsYT+SUrTo3 +b7I93mQM7CDNp6hcpw420fVJ4QSzX6ZL5lnaJOiouvBh5Z9iAnIQQHl/t2lHoNc SkcucIP4jb3BWMEkFJAC2ZRgQ3kqBb5NjWMX9rokwu0/TbnFF4ApYLre1+8ZTntB jmPn616ANMd6zyhLvvhshGxrF0jkXjY6WCDR5/kFqnDfs1DiVBzyQ9KVMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDYyDr9gOjO/z+vP5pI2/ilIBsHjMB8GA1UdIwQY MBaAFK8raPDIOt2aOjuGqyT7kQqWAmLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83OTNlMDAtMGM1My00OWM0LWE1MWIt ZWRhMzE2YTJhZmI4LzEvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy83OTNlMDAtMGM1My00OWM0LWE1MWItZWRhMzE2YTJhZmI4 LzEvcnl0bzhNZzYzWm82TzRhckpQdVJDcFlDWXNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBO7CJ43 cp34FS1WMlPSbtOSEwfAyZiHYFd2GMaAL9wfX/ZeKfnppaV+0YHBv3cwx34hnx1Q k40uMRbUFbq1AIfUUKwBB1Kwvzi69qI497njorYT57H20phnprWQmGdZFjjZ6OOY D82jEl5NYd+SOoifSSfBWHLF/hmbCYePTahK7bUbpkz9nALxGTLVCVIIu577KjE9 6+J79c4F5HCbLAV+l6sZQRBhvuvrFNgPgdklPJw+Mm2i7ckY8NU9ZPR/rdL9XfPw 81IewfS+XsXZXfXqhpD1V2U+3R/4kxKFTd9YtcQ3QY89KyZI+iBuPUwbsvvTMkIx LbzdMtIFu1JS/Q== -----END CERTIFICATE-----Generated at Sat Dec 20 12:25:53 2025 by rpki-client