This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft File: 20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json) Hash identifier: pePv/yYpCpzIyQStqMY3+kVnv9n+2WgMR8kQSo5bOVE= Subject key identifier: 70:63:5D:A0:5E:A6:AC:BF:7D:52:35:C2:70:74:F3:3B:AF:79:B4:FA Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52 Certificate issuer: /CN=db460d201795a6a992ed4ac18bb7c52c108b7852 Certificate serial: 019B2F9E3DF777A039B85149CD2AD8DDDEBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft Manifest number: 177D Signing time: Thu 18 Dec 2025 04:00:58 +0000 Manifest this update: Thu 18 Dec 2025 04:00:58 +0000 Manifest next update: Fri 19 Dec 2025 04:00:58 +0000 Files and hashes: 1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: AqQ7AKxVO9RzFqDdI0YT7lq5NUU2rWyFGLEHN6Qc5z0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:9e:3d:f7:77:a0:39:b8:51:49:cd:2a:d8:dd:de:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852 Validity Not Before: Dec 18 04:00:58 2025 GMT Not After : Dec 19 04:00:58 2025 GMT Subject: CN=70635da05ea6acbf7d5235c27074f33baf79b4fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5f:25:56:41:ee:d6:dc:60:a4:73:e9:cc:cb: e4:ec:82:25:88:56:82:34:75:d6:0c:53:8c:ee:31: 12:55:7d:8f:a7:8c:1f:ad:e5:a2:36:d5:3a:0f:5b: 88:9d:eb:2b:c3:cf:b7:f8:68:31:9c:2e:6b:43:15: f5:61:bf:7f:66:49:f4:9b:bc:74:b0:88:8f:a5:77: e0:7b:25:f3:e2:08:1c:ae:de:5e:1c:3b:30:a2:d2: ae:07:98:95:1b:3a:b1:ec:f1:bf:2c:44:27:3c:0c: aa:f1:6b:23:ab:45:e7:31:82:12:5f:6a:d2:23:48: 99:29:fe:1a:89:8e:31:31:4c:b9:8e:6f:96:3b:ab: 5d:08:82:ce:4e:51:8a:b7:4b:53:bd:bb:e8:7b:de: 72:7e:8e:46:09:53:bc:f0:bf:5f:63:f9:de:32:be: b6:74:3b:51:20:b0:09:4b:a8:59:6b:f1:58:57:2a: 2e:8c:4a:f2:ea:2c:49:ce:2a:52:88:1e:cc:f8:a0: ba:73:35:6c:ea:b1:31:b3:46:d8:20:36:da:e8:b6: 81:c8:86:9a:e5:2e:68:aa:11:8d:67:4f:89:d8:33: dd:d7:90:cd:42:c1:63:88:07:04:7c:7f:f9:ea:d6: 98:9e:5d:2a:d1:ca:f3:bf:b2:fe:19:f9:be:b4:85: 58:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:63:5D:A0:5E:A6:AC:BF:7D:52:35:C2:70:74:F3:3B:AF:79:B4:FA X509v3 Authority Key Identifier: keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:7c:c6:b7:89:13:be:0d:ba:c9:64:99:3b:4e:30:1e:8c:28: 7d:84:46:2e:6e:89:a1:23:75:70:bd:33:a2:88:eb:1f:95:31: e8:a8:36:7d:50:1a:90:cd:e1:43:0f:51:4a:ca:fd:8e:1d:8e: 10:8c:c0:35:86:cc:99:17:b3:1f:fc:6e:d0:29:ac:c6:2e:a2: 2f:9a:6a:64:d3:73:aa:ce:fa:c9:d9:f3:d6:9d:cb:39:06:21: 83:bf:e0:d1:fe:a1:3f:ae:4b:c0:00:fd:5f:33:af:33:db:67: 9e:90:2b:4d:83:4e:a1:d5:45:33:44:82:24:1d:5f:02:3d:07: 70:a2:65:c2:49:0c:f4:29:61:5d:90:93:5d:ee:cd:0c:a7:77: 9d:b5:8a:53:1a:a4:00:14:a7:c8:c9:ee:08:88:63:00:1e:37: 44:dd:e4:23:70:b3:58:48:85:81:5c:1f:88:d4:ff:11:82:00: 2a:2a:a8:d9:43:81:b8:65:fe:4a:f0:0e:3a:ac:e6:77:6f:aa: 6e:7c:a2:5d:44:63:a4:a3:8a:8d:9f:e9:4c:11:03:76:ab:2c: c6:42:f2:d4:85:93:4e:1b:f0:4f:3f:2c:a9:55:50:08:52:eb: ed:39:8a:03:a2:87:e3:ae:f1:2d:c5:7d:70:70:39:5f:67:d3: ed:cc:34:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvnj33d6A5uFFJzSrY3d6/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4 Yjc4NTIwHhcNMjUxMjE4MDQwMDU4WhcNMjUxMjE5MDQwMDU4WjAzMTEwLwYDVQQD Eyg3MDYzNWRhMDVlYTZhY2JmN2Q1MjM1YzI3MDc0ZjMzYmFmNzliNGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl8lVkHu1txgpHPpzMvk7IIliFaC NHXWDFOM7jESVX2Pp4wfreWiNtU6D1uInesrw8+3+GgxnC5rQxX1Yb9/Zkn0m7x0 sIiPpXfgeyXz4ggcrt5eHDswotKuB5iVGzqx7PG/LEQnPAyq8Wsjq0XnMYISX2rS I0iZKf4aiY4xMUy5jm+WO6tdCILOTlGKt0tTvbvoe95yfo5GCVO88L9fY/neMr62 dDtRILAJS6hZa/FYVyoujEry6ixJzipSiB7M+KC6czVs6rExs0bYIDba6LaByIaa 5S5oqhGNZ0+J2DPd15DNQsFjiAcEfH/56taYnl0q0crzv7L+Gfm+tIVYgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHBjXaBepqy/fVI1wnB08zuvebT6MB8GA1UdIwQY MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3 LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXzGt4kT vg26yWSZO04wHowofYRGLm6JoSN1cL0zoojrH5Ux6Kg2fVAakM3hQw9RSsr9jh2O EIzANYbMmRezH/xu0Cmsxi6iL5pqZNNzqs76ydnz1p3LOQYhg7/g0f6hP65LwAD9 XzOvM9tnnpArTYNOodVFM0SCJB1fAj0HcKJlwkkM9ClhXZCTXe7NDKd3nbWKUxqk ABSnyMnuCIhjAB43RN3kI3CzWEiFgVwfiNT/EYIAKiqo2UOBuGX+SvAOOqzmd2+q bnyiXURjpKOKjZ/pTBEDdqssxkLy1IWTThvwTz8sqVVQCFLr7TmKA6KH467xLcV9 cHA5X2fT7cw0xw== -----END CERTIFICATE-----Generated at Thu Dec 18 09:58:11 2025 by rpki-client