This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft File: y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft (raw, json) Hash identifier: waMZshJOIAC+bAQpyiPGBoxaEvkFMW8GwNxqMFjIkiE= Subject key identifier: 4F:B6:55:A7:DF:36:75:4F:25:34:3E:E4:D4:39:82:7F:7E:A3:48:1C Authority key identifier: CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D Certificate issuer: /CN=cbb525e263a95b1652064bdff8964d4bf62b533d Certificate serial: 019AF088950FB37A28B3D79BF194D335707E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft Manifest number: 0414 Signing time: Fri 05 Dec 2025 22:01:14 +0000 Manifest this update: Fri 05 Dec 2025 22:01:14 +0000 Manifest next update: Sat 06 Dec 2025 22:01:14 +0000 Files and hashes: 1: q6cfXUDveWHdgQWTYKqVwvvOAe0.roa (hash: BJPMM6GNYN6IqCj9i2G5fXzbZjuTVnz0OtAPd8t+eZk=) 2: y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl (hash: PrRvaCobgHYgb8K/MIn7lPrFllPvJgpmfJH0/SUwhAs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:95:0f:b3:7a:28:b3:d7:9b:f1:94:d3:35:70:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbb525e263a95b1652064bdff8964d4bf62b533d Validity Not Before: Dec 5 22:01:14 2025 GMT Not After : Dec 6 22:01:14 2025 GMT Subject: CN=4fb655a7df36754f25343ee4d439827f7ea3481c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:b2:9c:4d:23:8a:bb:77:05:0c:0e:70:ca:37: cc:b7:26:92:9e:6b:81:84:33:70:36:e4:6b:1b:eb: 84:69:39:7b:87:b7:72:05:e0:ed:6b:bb:50:4b:1f: 04:d4:fa:41:93:e9:16:d0:e7:5b:89:18:31:74:aa: 11:bf:5d:97:5b:b7:43:f1:fb:a9:e7:45:b5:75:d9: cb:9a:63:5d:c2:9c:aa:c5:8b:57:97:51:f4:04:7d: 43:c4:e7:13:a9:2b:b5:e1:c6:6a:2a:a7:41:69:10: 34:5f:f4:27:cc:65:a6:ad:3e:8f:e2:08:0e:ab:b3: 51:c5:44:de:ea:f7:cf:e9:18:4e:7a:4b:de:48:8f: 3a:fd:7f:ec:f1:9e:4e:70:26:45:05:c4:da:38:5d: 81:6a:f1:34:d9:85:b2:be:b6:91:fb:4e:0a:39:10: 99:7f:98:cd:7d:79:e4:45:88:f4:35:89:7b:3a:df: 05:c4:3b:d3:29:37:4d:d9:fb:d9:18:0e:85:5e:e3: 28:3d:8f:9a:ea:da:b5:5a:e6:26:e9:ff:fa:09:a6: 95:a3:69:18:9a:79:f7:1e:ca:4a:5d:fc:9b:9b:28: 13:4a:3f:1f:10:e8:2c:39:da:1b:8b:0d:5b:15:3e: 48:01:6d:05:70:79:88:7a:39:5c:fa:19:5d:cc:cb: 13:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:B6:55:A7:DF:36:75:4F:25:34:3E:E4:D4:39:82:7F:7E:A3:48:1C X509v3 Authority Key Identifier: keyid:CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:38:ea:d2:17:ec:77:d9:13:9d:88:a2:8a:50:8d:80:ae:7f: 9a:81:a1:42:44:d1:33:58:9d:b1:66:18:3f:2e:91:18:bd:02: d0:23:ad:04:24:40:6b:45:81:75:89:07:a7:79:15:c2:c3:97: c5:84:90:51:dd:3a:27:e6:2f:7c:93:cf:64:77:2e:d5:46:f6: 22:ee:fb:0a:ec:0e:b4:25:aa:9d:e0:2b:29:85:46:15:fc:2a: 3e:5a:11:6d:16:8b:2d:47:9f:19:c8:93:6e:2b:b4:93:df:57: 86:ee:17:d6:9f:1b:e3:46:88:ce:37:99:e0:fe:46:22:b6:a5: 99:c8:8c:0e:0c:de:5b:f6:41:33:fc:66:51:52:fa:00:ab:10: 91:d5:6e:bc:0a:67:15:ac:c1:1f:7d:15:a9:6f:75:4c:20:ba: 06:f6:a4:96:17:9b:df:62:07:db:3b:c6:c3:52:9d:3e:f7:47: 1f:8f:99:d4:16:5a:b0:77:a6:b7:f0:b1:c4:9f:24:64:0e:0c: 03:6c:c1:d4:3f:3f:2e:ce:f4:b6:24:38:68:a5:ab:91:b1:60: f7:09:df:35:1e:cb:dd:91:a6:b7:4e:5f:84:99:a9:59:7b:2c: 14:a8:ed:68:6f:41:b8:b7:f3:4d:69:e8:83:26:19:4d:9a:a4: de:a0:ee:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiJUPs3oos9eb8ZTTNXB+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYjUyNWUyNjNhOTViMTY1MjA2NGJkZmY4OTY0ZDRiZjYy YjUzM2QwHhcNMjUxMjA1MjIwMTE0WhcNMjUxMjA2MjIwMTE0WjAzMTEwLwYDVQQD Eyg0ZmI2NTVhN2RmMzY3NTRmMjUzNDNlZTRkNDM5ODI3ZjdlYTM0ODFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7KcTSOKu3cFDA5wyjfMtyaSnmuB hDNwNuRrG+uEaTl7h7dyBeDta7tQSx8E1PpBk+kW0OdbiRgxdKoRv12XW7dD8fup 50W1ddnLmmNdwpyqxYtXl1H0BH1DxOcTqSu14cZqKqdBaRA0X/QnzGWmrT6P4ggO q7NRxUTe6vfP6RhOekveSI86/X/s8Z5OcCZFBcTaOF2BavE02YWyvraR+04KORCZ f5jNfXnkRYj0NYl7Ot8FxDvTKTdN2fvZGA6FXuMoPY+a6tq1WuYm6f/6CaaVo2kY mnn3HspKXfybmygTSj8fEOgsOdobiw1bFT5IAW0FcHmIejlc+hldzMsT/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE+2VaffNnVPJTQ+5NQ5gn9+o0gcMB8GA1UdIwQY MBaAFMu1JeJjqVsWUgZL3/iWTUv2K1M9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQt Yjg5ZGM0ZmQ2ZWUwLzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQtYjg5ZGM0ZmQ2ZWUw LzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtTjq0hfs d9kTnYiiilCNgK5/moGhQkTRM1idsWYYPy6RGL0C0COtBCRAa0WBdYkHp3kVwsOX xYSQUd06J+YvfJPPZHcu1Ub2Iu77CuwOtCWqneArKYVGFfwqPloRbRaLLUefGciT biu0k99Xhu4X1p8b40aIzjeZ4P5GIralmciMDgzeW/ZBM/xmUVL6AKsQkdVuvApn FazBH30VqW91TCC6Bvaklheb32IH2zvGw1KdPvdHH4+Z1BZasHemt/CxxJ8kZA4M A2zB1D8/Ls70tiQ4aKWrkbFg9wnfNR7L3ZGmt05fhJmpWXssFKjtaG9BuLfzTWno gyYZTZqk3qDu0Q== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:20 2025 by rpki-client