This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft File: RyyyiCCZANGvGpmLsDnsdX5JPdU.mft (raw, json) Hash identifier: AY3ONjVRkjek1zx8JaOcFY/9yfQ+FjNSfugZu+ocDUs= Subject key identifier: 76:B0:57:2D:43:50:09:E9:ED:31:70:48:1F:91:6C:43:C7:A1:AB:A5 Authority key identifier: 47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5 Certificate issuer: /CN=472cb288209900d1af1a998bb039ec757e493dd5 Certificate serial: 019AF051AB6A19CB86F96603644C6F5F4EAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft Manifest number: 0989 Signing time: Fri 05 Dec 2025 21:01:14 +0000 Manifest this update: Fri 05 Dec 2025 21:01:14 +0000 Manifest next update: Sat 06 Dec 2025 21:01:14 +0000 Files and hashes: 1: RyyyiCCZANGvGpmLsDnsdX5JPdU.crl (hash: MUpjwYumU0hJNQrmiqaowUk+/F/Qan27ldxaQ9oGFUE=) 2: S3dIMaIh62_y7HmBxhlxOM_ScHc.roa (hash: wYfLcBDYpc1piz/XiUHEld94m4pY4RAv7rF1GCt4/I0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:ab:6a:19:cb:86:f9:66:03:64:4c:6f:5f:4e:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=472cb288209900d1af1a998bb039ec757e493dd5 Validity Not Before: Dec 5 21:01:14 2025 GMT Not After : Dec 6 21:01:14 2025 GMT Subject: CN=76b0572d435009e9ed3170481f916c43c7a1aba5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a3:a1:b5:1e:ed:0c:14:3c:8a:eb:0b:a6:aa: 42:22:a6:99:c6:64:d4:1c:a3:7d:89:1f:bb:58:e2: ad:fc:83:0b:7c:ec:f2:a2:fe:74:43:44:24:c2:79: fd:3d:b9:1a:d2:9c:ac:53:1a:3d:8b:3c:31:0b:61: 6e:13:34:7f:89:08:46:16:30:e0:ec:d3:e4:46:18: 21:f3:ba:bf:aa:86:cc:1c:42:2d:88:d8:62:d1:43: 7a:25:d5:18:98:ff:fe:5b:09:56:ea:06:ed:77:de: da:3c:ed:dc:a2:0c:e6:b6:bd:cf:59:9f:6e:b7:74: 44:e8:2a:72:6c:17:ef:cf:80:60:fb:86:cb:a0:10: e1:4d:7c:c5:64:e0:f2:4e:17:b0:04:42:27:85:f8: 97:7c:78:d0:8c:de:42:b3:a2:10:c6:6a:9d:ad:a2: fd:29:93:b6:14:3b:e3:7e:b6:28:4d:84:d7:39:b7: 19:00:8a:4e:59:36:1e:fe:fb:04:33:7a:f6:80:cc: 4c:8d:be:73:4a:07:99:0b:6f:dc:59:8b:f9:06:19: 25:c9:09:7a:46:98:b9:97:ee:bc:ff:3a:df:4d:c5: 3c:5d:50:1d:33:f6:8b:3a:31:a3:f4:0f:be:5b:f8: e9:85:8e:fe:9d:85:b8:86:07:8f:30:59:d8:88:98: a0:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:B0:57:2D:43:50:09:E9:ED:31:70:48:1F:91:6C:43:C7:A1:AB:A5 X509v3 Authority Key Identifier: keyid:47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:81:8b:f4:2a:3b:0d:35:02:09:1a:c7:12:c0:ca:6b:4a:22: d7:0d:3e:c1:8c:79:19:14:35:e5:7b:28:03:bc:22:74:d8:ab: 4f:32:df:25:40:9f:23:69:66:3c:36:13:31:c3:64:b3:3c:a1: 83:d2:f6:38:46:c8:38:21:ec:c5:c4:06:48:0c:5e:61:92:e8: 11:55:a5:9b:c8:d0:75:ff:fa:50:de:11:47:eb:70:89:45:11: 45:e6:a6:12:54:89:24:4c:5c:7e:5d:24:a6:cf:05:70:8a:91: bc:b9:ff:11:c1:d6:a2:06:ba:88:d6:e7:51:8f:8b:83:ea:53: a3:86:93:ff:97:8c:6a:18:aa:9d:6e:28:9b:fb:bc:27:32:53: 31:94:24:9b:70:29:e9:0d:9d:27:fc:ef:c7:27:55:69:1c:8c: 32:69:f3:81:19:b0:f1:f0:56:93:29:8a:14:58:35:bc:16:71: 44:1a:9f:1d:29:0d:17:0c:49:d6:ff:ab:1c:64:d7:1e:36:80: 9f:f7:db:80:71:fa:69:34:46:22:9e:63:93:e4:f8:19:40:ad: fa:2f:89:30:8d:34:40:ea:d7:4a:5c:77:3f:6b:02:53:c5:ab: 4e:4f:c1:83:78:24:50:5b:7b:9f:b5:1c:42:be:96:29:2e:9f: ea:84:13:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUatqGcuG+WYDZExvX06rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3MmNiMjg4MjA5OTAwZDFhZjFhOTk4YmIwMzllYzc1N2U0 OTNkZDUwHhcNMjUxMjA1MjEwMTE0WhcNMjUxMjA2MjEwMTE0WjAzMTEwLwYDVQQD Eyg3NmIwNTcyZDQzNTAwOWU5ZWQzMTcwNDgxZjkxNmM0M2M3YTFhYmE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqOhtR7tDBQ8iusLpqpCIqaZxmTU HKN9iR+7WOKt/IMLfOzyov50Q0Qkwnn9Pbka0pysUxo9izwxC2FuEzR/iQhGFjDg 7NPkRhgh87q/qobMHEItiNhi0UN6JdUYmP/+WwlW6gbtd97aPO3cogzmtr3PWZ9u t3RE6CpybBfvz4Bg+4bLoBDhTXzFZODyThewBEInhfiXfHjQjN5Cs6IQxmqdraL9 KZO2FDvjfrYoTYTXObcZAIpOWTYe/vsEM3r2gMxMjb5zSgeZC2/cWYv5BhklyQl6 Rpi5l+68/zrfTcU8XVAdM/aLOjGj9A++W/jphY7+nYW4hgePMFnYiJigUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHawVy1DUAnp7TFwSB+RbEPHoaulMB8GA1UdIwQY MBaAFEcssoggmQDRrxqZi7A57HV+ST3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYt YWE5MDJkYmFlOTI4LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYtYWE5MDJkYmFlOTI4 LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYGL9Co7 DTUCCRrHEsDKa0oi1w0+wYx5GRQ15XsoA7widNirTzLfJUCfI2lmPDYTMcNkszyh g9L2OEbIOCHsxcQGSAxeYZLoEVWlm8jQdf/6UN4RR+twiUURReamElSJJExcfl0k ps8FcIqRvLn/EcHWoga6iNbnUY+Lg+pTo4aT/5eMahiqnW4om/u8JzJTMZQkm3Ap 6Q2dJ/zvxydVaRyMMmnzgRmw8fBWkymKFFg1vBZxRBqfHSkNFwxJ1v+rHGTXHjaA n/fbgHH6aTRGIp5jk+T4GUCt+i+JMI00QOrXSlx3P2sCU8WrTk/Bg3gkUFt7n7Uc Qr6WKS6f6oQT1g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:20 2025 by rpki-client