This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft File: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json) Hash identifier: 4ECl2WeHmK7fUbNIQfFePfr1r6F5qsW/FegGPeHmDG0= Subject key identifier: CA:7F:A9:B7:B9:F6:AC:9C:FF:97:8C:BE:D9:D0:F6:ED:B4:6C:97:5E Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 Certificate issuer: /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Certificate serial: 019B3C7F1409DFB693FF417645CE80594E3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft Manifest number: 1784 Signing time: Sat 20 Dec 2025 16:01:59 +0000 Manifest this update: Sat 20 Dec 2025 16:01:59 +0000 Manifest next update: Sun 21 Dec 2025 16:01:59 +0000 Files and hashes: 1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: SeQl0Ots9bP/6q+esbJtd1E5M1pQOdxiLHe5gRlHgpU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:14:09:df:b6:93:ff:41:76:45:ce:80:59:4e:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Validity Not Before: Dec 20 16:01:59 2025 GMT Not After : Dec 21 16:01:59 2025 GMT Subject: CN=ca7fa9b7b9f6ac9cff978cbed9d0f6edb46c975e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:39:88:30:b8:c3:d4:1c:64:69:d8:1a:de:73: bf:31:a4:23:29:11:17:08:30:be:19:36:de:0d:f9: d0:41:fc:ac:ba:07:af:19:ab:cb:f5:14:bb:c8:c9: 01:43:8e:34:6a:87:be:99:b6:37:44:72:97:bf:8c: 73:ba:a6:c3:fa:f5:b4:74:e4:0a:06:27:be:be:3f: f7:ba:6d:00:5e:0e:71:cf:1d:94:c7:e1:d8:42:36: 99:d7:7c:98:ec:9d:2a:bb:f2:9c:23:c7:bf:45:6f: c0:62:c5:42:d1:c2:cb:0e:4b:ff:af:a7:e2:13:55: 5e:93:f5:22:17:14:b4:7d:51:d1:8e:d2:13:a4:e4: b1:9e:eb:43:87:b3:2b:2a:da:35:da:22:03:59:9c: 45:f7:64:2c:75:59:6a:f7:12:4e:e9:72:dc:cc:c1: 4e:34:f6:7a:cb:6c:7c:ff:b5:9d:6a:ff:bb:4e:a6: 35:c9:25:b3:9c:c7:69:b3:9c:a9:f9:df:cd:22:1a: e4:d0:2f:76:f7:70:8f:14:87:3f:1a:2b:75:56:3a: 35:ba:14:3c:9f:e2:ae:14:62:a6:fe:75:1f:cb:33: 09:de:a0:3f:19:8a:19:8a:27:8c:71:ba:4f:ce:f6: 26:7a:8b:91:a0:09:70:11:01:44:b2:65:3d:a4:7c: b4:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:7F:A9:B7:B9:F6:AC:9C:FF:97:8C:BE:D9:D0:F6:ED:B4:6C:97:5E X509v3 Authority Key Identifier: keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:43:f6:18:0d:23:78:3e:7c:7e:33:f3:31:ba:66:4a:0b:83: e7:0f:d5:eb:16:46:f3:af:68:ba:07:0a:85:ff:a3:9f:0a:66: f6:66:c6:e9:b3:8c:82:82:a1:92:3d:1d:de:9a:7b:1d:5c:24: 99:7b:b4:c3:48:6b:5d:1b:d6:f3:d7:3b:a5:9c:1b:21:77:ce: 5e:cb:97:e2:da:54:9e:f5:17:2a:27:bf:b3:60:b7:b4:6b:6b: 7c:b1:c6:4d:3a:11:b4:b2:24:3b:ac:e8:04:cc:00:7d:d5:ae: 4c:36:81:df:d5:fd:70:1e:cb:70:be:2a:39:3b:d5:50:34:b6: 0b:c5:d3:16:77:69:eb:ac:98:ac:bb:dc:2b:89:9c:be:ce:5e: bf:7b:3b:54:3b:fc:12:39:ed:ed:56:23:a2:ae:86:1c:a6:af: 31:3e:a8:31:73:e4:8b:52:62:c4:a3:f1:8d:c1:1d:6b:0d:e5: 0b:68:cf:80:5f:1c:97:66:db:6a:83:af:c6:10:83:78:25:9f: 01:2f:ba:a3:a5:0a:18:f9:94:2e:59:56:17:e4:7e:f1:a2:a0: 22:28:bf:ec:79:59:37:b5:16:c9:8f:89:dd:af:d4:a4:19:79: a2:a2:c1:6f:7f:37:e6:4d:0b:64:44:b9:9f:57:21:f0:5a:92: 8d:54:f2:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fxQJ37aT/0F2Rc6AWU48MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy OGE5NDIwHhcNMjUxMjIwMTYwMTU5WhcNMjUxMjIxMTYwMTU5WjAzMTEwLwYDVQQD EyhjYTdmYTliN2I5ZjZhYzljZmY5NzhjYmVkOWQwZjZlZGI0NmM5NzVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTmIMLjD1Bxkadga3nO/MaQjKREX CDC+GTbeDfnQQfysugevGavL9RS7yMkBQ440aoe+mbY3RHKXv4xzuqbD+vW0dOQK Bie+vj/3um0AXg5xzx2Ux+HYQjaZ13yY7J0qu/KcI8e/RW/AYsVC0cLLDkv/r6fi E1Vek/UiFxS0fVHRjtITpOSxnutDh7MrKto12iIDWZxF92QsdVlq9xJO6XLczMFO NPZ6y2x8/7Wdav+7TqY1ySWznMdps5yp+d/NIhrk0C9293CPFIc/Git1Vjo1uhQ8 n+KuFGKm/nUfyzMJ3qA/GYoZiieMcbpPzvYmeouRoAlwEQFEsmU9pHy0UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMp/qbe59qyc/5eMvtnQ9u20bJdeMB8GA1UdIwQY MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfUP2GA0j eD58fjPzMbpmSguD5w/V6xZG869ougcKhf+jnwpm9mbG6bOMgoKhkj0d3pp7HVwk mXu0w0hrXRvW89c7pZwbIXfOXsuX4tpUnvUXKie/s2C3tGtrfLHGTToRtLIkO6zo BMwAfdWuTDaB39X9cB7LcL4qOTvVUDS2C8XTFndp66yYrLvcK4mcvs5ev3s7VDv8 Ejnt7VYjoq6GHKavMT6oMXPki1JixKPxjcEdaw3lC2jPgF8cl2bbaoOvxhCDeCWf AS+6o6UKGPmULllWF+R+8aKgIii/7HlZN7UWyY+J3a/UpBl5oqLBb3835k0LZES5 n1ch8FqSjVTygQ== -----END CERTIFICATE-----Generated at Sat Dec 20 22:21:47 2025 by rpki-client