This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft File: 20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json) Hash identifier: jxlsmaI6jTTzJlz0d/mmIRWnavJzrfmi9yF3r0ETlAs= Subject key identifier: 23:3D:6D:F9:E1:67:BD:1F:4A:E7:71:BD:F3:81:C1:40:54:AD:51:5C Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52 Certificate issuer: /CN=db460d201795a6a992ed4ac18bb7c52c108b7852 Certificate serial: 019AF1D188CF8684E7A482DE38A29B7F982C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 04:00:32 +0000 Manifest this update: Sat 06 Dec 2025 04:00:32 +0000 Manifest next update: Sun 07 Dec 2025 04:00:32 +0000 Files and hashes: 1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: tzyKViZ3oJdBoDRNWqJsQwWZck8Dd60Cl8B8H+9Kysw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:88:cf:86:84:e7:a4:82:de:38:a2:9b:7f:98:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852 Validity Not Before: Dec 6 04:00:32 2025 GMT Not After : Dec 7 04:00:32 2025 GMT Subject: CN=233d6df9e167bd1f4ae771bdf381c14054ad515c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6f:f4:23:23:e9:44:1b:31:81:b7:23:92:59: 42:3a:1f:86:1f:18:79:b2:56:3a:20:23:36:81:e4: 31:69:d7:ca:56:15:8b:67:f5:5b:c0:00:ba:96:36: 71:3e:16:cc:32:34:36:8b:a1:09:89:82:93:9a:96: 53:90:5b:64:a7:21:c3:43:21:17:af:8c:42:69:9d: a7:cc:18:7e:72:9d:df:db:65:6e:cd:74:c8:45:3c: e9:4f:30:04:8c:49:58:c4:9c:cf:ea:64:a6:b8:7f: 92:88:34:93:5c:55:4e:13:0f:ce:ef:f6:b7:81:8c: 2d:9d:95:4c:fc:95:09:df:8c:0a:c9:cd:e6:50:04: b6:46:fa:fd:05:6a:41:ff:f9:1e:29:77:67:b2:ed: c8:4c:f2:f4:5d:d7:93:ca:e3:12:fb:2a:06:68:dd: bc:dc:41:fe:37:13:b3:43:87:da:1d:d5:70:74:9b: f5:6d:4f:f3:7a:c9:b3:78:76:4d:71:3b:89:36:e8: 8e:b9:55:73:53:04:e9:44:34:6a:0e:22:90:ff:9d: 5a:b8:fd:5a:84:6a:21:9b:46:32:eb:0a:01:06:a2: 9a:f4:94:8c:a3:d2:66:3e:b6:80:55:3a:c4:c8:52: b4:f6:46:1e:03:0a:b3:bc:1f:f4:df:61:3c:9b:51: b5:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:3D:6D:F9:E1:67:BD:1F:4A:E7:71:BD:F3:81:C1:40:54:AD:51:5C X509v3 Authority Key Identifier: keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:05:30:d6:26:05:6b:57:78:c8:c9:87:03:83:7a:df:e9:ed: f4:34:8f:5d:c4:a0:e0:7c:a1:27:42:18:91:d6:18:bf:6e:52: 93:9a:aa:c4:4c:16:e0:47:6b:55:80:8e:f1:43:c6:87:d7:e2: 37:a3:19:1a:fd:b6:94:39:eb:48:fc:d2:46:be:30:d1:16:80: e3:cb:22:e9:b2:99:e5:09:17:9d:96:55:18:5a:d2:f3:b9:15: 93:7e:c7:43:f6:aa:4b:20:5d:01:97:79:1d:7b:fe:18:fd:35: 73:14:5e:53:17:de:c9:0b:7b:84:f3:a3:bd:48:f5:80:60:b7: 4a:96:f6:65:4a:83:04:e3:ec:64:8c:a6:a8:a6:91:7a:9e:8a: a8:c1:80:3a:46:8c:91:de:bf:b2:14:2e:cd:41:22:cd:e3:7d: 83:1f:73:4b:97:fc:5d:51:0a:5c:0d:76:dd:2e:98:6d:6e:50: fd:c4:90:47:41:73:c5:15:fb:43:d6:2e:97:0d:ed:f1:2d:89: 6a:f2:04:f1:bd:77:16:4a:43:25:8f:dd:82:fe:59:05:fd:01: 0f:75:fa:65:d0:f1:3e:65:44:91:1f:cd:3d:d3:ce:77:02:71: d7:f1:95:a7:f0:28:77:16:ea:7b:8e:57:a8:88:75:34:3e:07: 81:a7:75:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0YjPhoTnpILeOKKbf5gsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4 Yjc4NTIwHhcNMjUxMjA2MDQwMDMyWhcNMjUxMjA3MDQwMDMyWjAzMTEwLwYDVQQD EygyMzNkNmRmOWUxNjdiZDFmNGFlNzcxYmRmMzgxYzE0MDU0YWQ1MTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom/0IyPpRBsxgbcjkllCOh+GHxh5 slY6ICM2geQxadfKVhWLZ/VbwAC6ljZxPhbMMjQ2i6EJiYKTmpZTkFtkpyHDQyEX r4xCaZ2nzBh+cp3f22VuzXTIRTzpTzAEjElYxJzP6mSmuH+SiDSTXFVOEw/O7/a3 gYwtnZVM/JUJ34wKyc3mUAS2Rvr9BWpB//keKXdnsu3ITPL0XdeTyuMS+yoGaN28 3EH+NxOzQ4faHdVwdJv1bU/zesmzeHZNcTuJNuiOuVVzUwTpRDRqDiKQ/51auP1a hGohm0Yy6woBBqKa9JSMo9JmPraAVTrEyFK09kYeAwqzvB/032E8m1G1AwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCM9bfnhZ70fSudxvfOBwUBUrVFcMB8GA1UdIwQY MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3 LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgUw1iYF a1d4yMmHA4N63+nt9DSPXcSg4HyhJ0IYkdYYv25Sk5qqxEwW4EdrVYCO8UPGh9fi N6MZGv22lDnrSPzSRr4w0RaA48si6bKZ5QkXnZZVGFrS87kVk37HQ/aqSyBdAZd5 HXv+GP01cxReUxfeyQt7hPOjvUj1gGC3Spb2ZUqDBOPsZIymqKaRep6KqMGAOkaM kd6/shQuzUEizeN9gx9zS5f8XVEKXA123S6YbW5Q/cSQR0FzxRX7Q9Yulw3t8S2J avIE8b13FkpDJY/dgv5ZBf0BD3X6ZdDxPmVEkR/NPdPOdwJx1/GVp/Aodxbqe45X qIh1ND4Hgad1kQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:19:12 2025 by rpki-client