This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft File: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json) Hash identifier: iigZyawbe4QAcgz7vKz884DMIbqvreBQeJJbCtERHR0= Subject key identifier: A8:3E:FF:51:41:29:48:0A:8A:A3:F0:59:41:49:FF:96:E2:19:43:1C Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 Certificate issuer: /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Certificate serial: 019AF12D921540F8E5BDC36CCC64BD2E8921 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:01:26 +0000 Manifest this update: Sat 06 Dec 2025 01:01:26 +0000 Manifest next update: Sun 07 Dec 2025 01:01:26 +0000 Files and hashes: 1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: yuNPS7S5W/fLj/z7c7uModlBkAIZEhCUz+cHFAHf5cU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:92:15:40:f8:e5:bd:c3:6c:cc:64:bd:2e:89:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942 Validity Not Before: Dec 6 01:01:26 2025 GMT Not After : Dec 7 01:01:26 2025 GMT Subject: CN=a83eff514129480a8aa3f0594149ff96e219431c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6c:d2:87:03:23:49:ec:08:8f:04:f4:e7:ad: 1b:12:0c:ef:31:b6:75:d4:a8:5d:fd:57:4a:85:7c: 4b:11:31:4e:e3:be:ac:9b:9a:64:c5:b6:6e:90:59: 8e:f1:6f:1e:f6:d2:3c:0b:94:c7:46:cd:53:08:cc: 3a:cf:34:9a:ef:30:fd:4b:55:63:43:88:2d:aa:ae: 8c:6f:c2:01:c5:43:93:cf:1d:f0:8f:20:d1:50:08: 15:78:30:78:9c:b2:69:98:65:9f:17:68:3e:d5:a0: 6a:35:51:ff:fc:0a:f1:51:83:7e:26:dc:67:4b:fe: db:95:7e:ca:bc:ca:9d:2f:b2:21:b1:6a:d5:1c:71: f3:6b:cc:ca:10:75:c2:7e:5a:9b:a3:e0:0f:b7:42: 39:63:8d:0e:94:d1:8f:79:c0:1f:80:d2:d0:a9:bf: d7:6a:e0:81:c0:d8:f4:ab:33:9a:d5:7a:b7:07:33: f7:1d:49:54:38:e5:49:f2:40:12:72:b2:bc:5e:30: 24:99:7c:2c:2d:18:e9:5a:30:5e:2e:58:54:ab:25: b7:b9:4e:d0:cf:19:75:fa:20:7a:af:b0:d7:d3:fc: 59:b4:b5:93:a6:d6:c4:c5:d8:03:d6:96:b1:91:4f: 05:64:6f:3f:33:b7:74:97:fd:96:74:91:8f:da:04: b4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:3E:FF:51:41:29:48:0A:8A:A3:F0:59:41:49:FF:96:E2:19:43:1C X509v3 Authority Key Identifier: keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:47:63:b7:c9:93:5e:cb:fb:7d:26:1f:4e:74:46:55:c0:94: 2a:71:15:a7:db:7d:6a:26:b9:dd:7d:c2:bf:f0:4e:9b:ae:36: ef:a0:09:d3:5f:7d:98:53:44:2b:7b:88:74:61:06:f8:c8:90: 44:ef:86:a6:f6:4c:23:b0:16:5b:1f:45:6b:dd:41:ff:63:6b: da:f1:4c:a4:26:ed:6f:28:cc:69:38:38:f4:03:1d:0f:24:17: f1:d1:59:2b:d8:db:1d:60:fc:d6:b0:c7:89:2f:1e:f2:50:93: 4f:90:0c:86:b0:02:16:65:0d:c5:84:10:bb:10:a7:cf:dd:4c: 2f:ba:ea:b8:cc:dc:0f:52:2b:e8:7f:d3:75:16:39:3b:00:ff: 38:1a:bb:59:17:e6:b7:1f:11:4f:f9:ca:29:92:68:70:4c:67: df:e6:e2:3a:48:fe:07:3d:23:c5:bd:25:c8:d9:48:73:16:49: d4:ed:f6:56:94:bb:7d:3a:5e:a4:68:f1:dc:5a:56:79:82:d2: be:6f:68:49:66:5d:c4:e0:03:7f:9a:49:3b:b2:e8:f4:5e:6d: 96:af:c5:99:e2:50:c7:01:d3:41:bd:77:14:bc:8f:76:75:b3: 02:2c:ef:cb:99:f0:b2:59:c3:ba:aa:29:5a:57:df:9e:fa:e9: 62:5f:96:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLZIVQPjlvcNszGS9LokhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy OGE5NDIwHhcNMjUxMjA2MDEwMTI2WhcNMjUxMjA3MDEwMTI2WjAzMTEwLwYDVQQD EyhhODNlZmY1MTQxMjk0ODBhOGFhM2YwNTk0MTQ5ZmY5NmUyMTk0MzFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWzShwMjSewIjwT0560bEgzvMbZ1 1Khd/VdKhXxLETFO476sm5pkxbZukFmO8W8e9tI8C5THRs1TCMw6zzSa7zD9S1Vj Q4gtqq6Mb8IBxUOTzx3wjyDRUAgVeDB4nLJpmGWfF2g+1aBqNVH//ArxUYN+Jtxn S/7blX7KvMqdL7IhsWrVHHHza8zKEHXCflqbo+APt0I5Y40OlNGPecAfgNLQqb/X auCBwNj0qzOa1Xq3BzP3HUlUOOVJ8kAScrK8XjAkmXwsLRjpWjBeLlhUqyW3uU7Q zxl1+iB6r7DX0/xZtLWTptbExdgD1paxkU8FZG8/M7d0l/2WdJGP2gS04QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKg+/1FBKUgKiqPwWUFJ/5biGUMcMB8GA1UdIwQY MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdkdjt8mT Xsv7fSYfTnRGVcCUKnEVp9t9aia53X3Cv/BOm64276AJ0199mFNEK3uIdGEG+MiQ RO+GpvZMI7AWWx9Fa91B/2Nr2vFMpCbtbyjMaTg49AMdDyQX8dFZK9jbHWD81rDH iS8e8lCTT5AMhrACFmUNxYQQuxCnz91ML7rquMzcD1Ir6H/TdRY5OwD/OBq7WRfm tx8RT/nKKZJocExn3+biOkj+Bz0jxb0lyNlIcxZJ1O32VpS7fTpepGjx3FpWeYLS vm9oSWZdxOADf5pJO7Lo9F5tlq/FmeJQxwHTQb13FLyPdnWzAizvy5nwslnDuqop WlffnvrpYl+WAw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:15:00 2025 by rpki-client