This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft File: y2bnZjRVc9cVnWeU7a7bc5okH48.mft (raw, json) Hash identifier: PMMFmW5qi+/j1W1SAhovJrKFfgslKQ7PbW+tS8x0TwA= Subject key identifier: BB:E7:11:51:2A:D2:65:8E:E9:82:00:02:80:47:DE:0C:90:D7:34:14 Authority key identifier: CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F Certificate issuer: /CN=cb66e766345573d7159d6794edaedb739a241f8f Certificate serial: 019AF276E1D0A2C2F39DF21DEE92320759E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft Manifest number: 07B0 Signing time: Sat 06 Dec 2025 07:01:08 +0000 Manifest this update: Sat 06 Dec 2025 07:01:08 +0000 Manifest next update: Sun 07 Dec 2025 07:01:08 +0000 Files and hashes: 1: GP-mcsPVfkxFR6BakAdLWMHzvnk.roa (hash: 46Gy5AnSQQR4RzlnLScg9/HmedHrQU8V47NDaOoaI7E=) 2: y2bnZjRVc9cVnWeU7a7bc5okH48.crl (hash: eSKs47B2/zTaGPuuBm+HeOqYXRuBjcDO4gBioSK9wt4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 07:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:e1:d0:a2:c2:f3:9d:f2:1d:ee:92:32:07:59:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb66e766345573d7159d6794edaedb739a241f8f Validity Not Before: Dec 6 07:01:08 2025 GMT Not After : Dec 7 07:01:08 2025 GMT Subject: CN=bbe711512ad2658ee98200028047de0c90d73414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:1b:aa:59:3b:87:9f:6f:85:6c:17:5d:9e:88: 63:47:f6:be:0b:6b:88:6d:f8:39:51:5e:36:bb:39: 6d:90:53:62:c5:ec:61:b2:e0:3c:fb:78:40:8d:c7: 48:f2:9e:fd:fc:9e:70:79:81:2c:78:ea:89:fd:8c: 7f:fb:ec:d0:c5:49:e7:a0:0f:2d:85:16:15:37:cc: d5:b9:9f:57:28:84:02:c9:03:1c:52:32:bc:17:11: 09:db:a5:e9:fb:b1:5d:5d:8e:2a:f1:b9:22:b7:d4: 2a:0e:8b:9a:ac:48:33:2c:d6:7d:dc:48:30:2f:88: f8:00:5b:36:b0:6e:6d:dd:37:28:41:4c:a9:c1:10: 77:e5:4d:56:11:d6:68:9d:b5:ab:8f:3d:fa:54:0d: e1:c8:f8:1c:19:52:d9:88:2f:c5:26:2e:f6:30:24: 99:f4:39:46:99:03:96:08:f2:9f:0f:5c:3c:93:61: 88:01:8f:19:4f:bd:31:ce:a3:ef:12:86:15:15:ae: 06:7b:ba:56:6b:ec:5f:73:71:f4:37:9c:2c:5a:f3: 63:ef:36:52:05:a7:88:c5:49:3b:ea:b6:c7:e4:e0: 20:3a:00:ef:b6:10:9a:06:2b:02:a7:4b:fc:fc:c7: 1a:92:b9:c6:50:c7:91:02:12:93:1b:d0:95:8b:db: 60:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:E7:11:51:2A:D2:65:8E:E9:82:00:02:80:47:DE:0C:90:D7:34:14 X509v3 Authority Key Identifier: keyid:CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:4a:46:14:86:3c:75:01:ec:d2:55:20:c2:1a:da:ca:8a:0f: ef:5e:48:07:46:3d:1b:69:6e:07:b2:96:a1:64:79:6a:ed:b3: 44:ef:b2:1a:a5:a7:71:6b:4c:92:58:ac:20:95:23:ed:86:e4: fe:ab:aa:40:eb:f1:82:13:6c:3d:2c:93:1d:16:40:28:69:f8: f8:df:99:70:f1:e6:17:db:1e:e8:9a:33:b4:5a:7a:13:90:35: 2c:b4:e2:64:46:5e:84:0b:43:cc:d8:d6:25:fd:80:a0:23:9f: 02:d7:d4:8e:09:2d:0c:f2:f6:e7:fe:bc:bf:55:f5:3d:80:06: eb:89:07:06:1a:f3:72:c2:1d:e6:16:49:20:be:e7:5f:dc:23: b5:a1:cc:c5:f6:90:63:57:ca:76:7d:43:05:ee:70:5e:06:c5: f0:25:c8:47:9e:ef:1a:c1:57:30:80:5f:b8:3d:37:3b:c5:02: 61:da:fb:27:90:40:b0:ec:b1:1f:96:c7:b0:49:d5:01:15:1a: ee:a2:b2:ca:b5:37:32:b9:11:33:2b:ff:3f:98:7f:a7:91:eb: d4:ba:67:a6:6b:68:0e:9d:62:47:61:4f:25:c7:66:f3:dd:5c: e9:ff:dc:83:65:c9:b5:de:d5:99:a2:88:53:a0:a8:e0:72:fd: c7:83:09:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryduHQosLznfId7pIyB1nmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiNjZlNzY2MzQ1NTczZDcxNTlkNjc5NGVkYWVkYjczOWEy NDFmOGYwHhcNMjUxMjA2MDcwMTA4WhcNMjUxMjA3MDcwMTA4WjAzMTEwLwYDVQQD EyhiYmU3MTE1MTJhZDI2NThlZTk4MjAwMDI4MDQ3ZGUwYzkwZDczNDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhuqWTuHn2+FbBddnohjR/a+C2uI bfg5UV42uzltkFNixexhsuA8+3hAjcdI8p79/J5weYEseOqJ/Yx/++zQxUnnoA8t hRYVN8zVuZ9XKIQCyQMcUjK8FxEJ26Xp+7FdXY4q8bkit9QqDouarEgzLNZ93Egw L4j4AFs2sG5t3TcoQUypwRB35U1WEdZonbWrjz36VA3hyPgcGVLZiC/FJi72MCSZ 9DlGmQOWCPKfD1w8k2GIAY8ZT70xzqPvEoYVFa4Ge7pWa+xfc3H0N5wsWvNj7zZS BaeIxUk76rbH5OAgOgDvthCaBisCp0v8/McakrnGUMeRAhKTG9CVi9tgJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLvnEVEq0mWO6YIAAoBH3gyQ1zQUMB8GA1UdIwQY MBaAFMtm52Y0VXPXFZ1nlO2u23OaJB+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEt NjViZjc5YjBhOTg5LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEtNjViZjc5YjBhOTg5 LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEpGFIY8 dQHs0lUgwhrayooP715IB0Y9G2luB7KWoWR5au2zRO+yGqWncWtMklisIJUj7Ybk /quqQOvxghNsPSyTHRZAKGn4+N+ZcPHmF9se6JoztFp6E5A1LLTiZEZehAtDzNjW Jf2AoCOfAtfUjgktDPL25/68v1X1PYAG64kHBhrzcsId5hZJIL7nX9wjtaHMxfaQ Y1fKdn1DBe5wXgbF8CXIR57vGsFXMIBfuD03O8UCYdr7J5BAsOyxH5bHsEnVARUa 7qKyyrU3MrkRMyv/P5h/p5Hr1LpnpmtoDp1iR2FPJcdm891c6f/cg2XJtd7VmaKI U6Co4HL9x4MJmQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:40:45 2025 by rpki-client