This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft File: CYZDIBoqokoLh3o638p6iSBH2_w.mft (raw, json) Hash identifier: kiK4yI6wgJppBP8xP9W0/1iIb61t8xbRnq6txdOWCWw= Subject key identifier: 16:AC:BC:FD:CD:89:A7:DB:A9:FA:DE:96:4A:68:18:1E:D2:3B:62:BE Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc Certificate serial: 019B2BF8972DD9F0F6CDB3D878F6CF3C7119 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft Manifest number: 1399 Signing time: Wed 17 Dec 2025 11:01:10 +0000 Manifest this update: Wed 17 Dec 2025 11:01:10 +0000 Manifest next update: Thu 18 Dec 2025 11:01:10 +0000 Files and hashes: 1: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (hash: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=) 2: CYZDIBoqokoLh3o638p6iSBH2_w.crl (hash: v0z5pKBgL1PW/BRcgZ4KH4egyXzlgmgQvHHo4yce014=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:97:2d:d9:f0:f6:cd:b3:d8:78:f6:cf:3c:71:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc Validity Not Before: Dec 17 11:01:10 2025 GMT Not After : Dec 18 11:01:10 2025 GMT Subject: CN=16acbcfdcd89a7dba9fade964a68181ed23b62be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:df:cf:5d:1f:3d:8e:2d:77:0c:a3:2d:b9:79: c9:f4:47:81:37:bd:76:60:32:8f:72:d8:b0:1f:fa: e8:a9:a7:be:5c:07:06:11:ed:4f:80:db:0f:7a:4e: e9:d0:4b:e8:6e:15:e5:84:f3:3a:0c:e3:93:21:33: b3:11:a8:95:82:ba:f9:f4:7a:58:dd:38:a1:03:2a: 3d:e2:d7:35:dd:ec:12:f1:79:e5:ee:7d:2b:ee:f0: e6:ed:5e:7a:31:52:9b:ae:f5:3a:06:5b:11:34:50: d3:d0:ab:0c:ae:95:d4:40:1f:4b:c8:53:2d:5b:69: 46:96:a1:44:03:29:ce:54:a6:8c:23:7c:d6:1b:b0: 17:9f:64:fa:8c:cf:4c:63:e4:cb:9e:25:73:3f:54: 96:07:ed:1a:54:2d:0d:61:ef:d6:e9:ff:56:7f:94: 44:f2:63:d1:53:47:1b:fd:ee:6d:82:07:c4:05:7f: 83:b8:4c:c2:19:0c:b1:1f:11:5c:ab:01:1f:84:7b: 07:ba:3d:6b:9c:33:5d:ec:b9:ff:ce:40:b8:d0:c3: 45:05:09:33:43:e9:9a:3f:5c:f3:ed:d2:dd:18:0a: 79:14:5d:21:90:cc:f4:aa:99:11:db:e7:a1:96:0a: de:52:e0:1d:90:23:cf:b4:da:29:4c:4a:ab:25:b5: fc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:AC:BC:FD:CD:89:A7:DB:A9:FA:DE:96:4A:68:18:1E:D2:3B:62:BE X509v3 Authority Key Identifier: keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:41:21:cc:88:6b:db:84:3a:29:51:02:cb:d6:5e:97:11:70: 59:50:e5:74:76:b5:57:72:94:da:8c:26:92:6e:e4:02:83:30: c3:86:65:8f:30:51:26:52:5b:56:48:83:bb:8f:9c:84:f9:8e: 13:12:d6:95:3c:01:28:1a:97:1d:1b:70:6b:1d:18:d6:8b:9e: 80:b2:2c:6f:7b:13:11:86:59:f5:ad:fc:1b:74:98:b7:c9:89: 50:96:31:16:44:6d:45:76:cb:3a:66:53:57:6f:30:31:97:e2: 28:db:a4:37:b4:29:01:ac:d8:b5:59:64:64:4d:9e:6b:5b:61: 31:4d:7d:0c:8a:23:fc:8c:e7:ed:82:a6:e7:da:bb:69:04:25: 36:0c:85:70:4f:c8:f4:ca:68:71:69:47:b9:7e:2f:fe:55:a1: 05:98:11:00:fd:91:77:67:ce:3c:d5:81:ee:46:f1:06:76:0b: 0d:28:94:83:8b:97:1b:5e:be:4b:62:60:c5:82:2f:ae:f2:de: ba:a0:92:eb:57:9a:79:68:23:ce:c3:35:07:eb:a3:eb:95:5d: cf:65:56:72:5e:90:4c:ed:ee:f2:40:f6:10:9e:32:97:e7:54: c8:f8:ff:97:7e:d3:7d:36:e4:55:79:be:b9:e7:d2:a4:01:f0: 8e:ae:6d:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+Jct2fD2zbPYePbPPHEZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0 N2RiZmMwHhcNMjUxMjE3MTEwMTEwWhcNMjUxMjE4MTEwMTEwWjAzMTEwLwYDVQQD EygxNmFjYmNmZGNkODlhN2RiYTlmYWRlOTY0YTY4MTgxZWQyM2I2MmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4N/PXR89ji13DKMtuXnJ9EeBN712 YDKPctiwH/roqae+XAcGEe1PgNsPek7p0EvobhXlhPM6DOOTITOzEaiVgrr59HpY 3TihAyo94tc13ewS8Xnl7n0r7vDm7V56MVKbrvU6BlsRNFDT0KsMrpXUQB9LyFMt W2lGlqFEAynOVKaMI3zWG7AXn2T6jM9MY+TLniVzP1SWB+0aVC0NYe/W6f9Wf5RE 8mPRU0cb/e5tggfEBX+DuEzCGQyxHxFcqwEfhHsHuj1rnDNd7Ln/zkC40MNFBQkz Q+maP1zz7dLdGAp5FF0hkMz0qpkR2+ehlgreUuAdkCPPtNopTEqrJbX8TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBasvP3NiafbqfrelkpoGB7SO2K+MB8GA1UdIwQY MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt NzhiZmQyNGNmMTA3LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3 LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALkEhzIhr 24Q6KVECy9ZelxFwWVDldHa1V3KU2owmkm7kAoMww4ZljzBRJlJbVkiDu4+chPmO ExLWlTwBKBqXHRtwax0Y1ouegLIsb3sTEYZZ9a38G3SYt8mJUJYxFkRtRXbLOmZT V28wMZfiKNukN7QpAazYtVlkZE2ea1thMU19DIoj/Izn7YKm59q7aQQlNgyFcE/I 9MpocWlHuX4v/lWhBZgRAP2Rd2fOPNWB7kbxBnYLDSiUg4uXG16+S2JgxYIvrvLe uqCS61eaeWgjzsM1B+uj65Vdz2VWcl6QTO3u8kD2EJ4yl+dUyPj/l37TfTbkVXm+ uefSpAHwjq5thg== -----END CERTIFICATE-----Generated at Wed Dec 17 16:41:38 2025 by rpki-client