This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft File: dy9wNcKJOyjNBP0amzys0kKMjf0.mft (raw, json) Hash identifier: rvyMh7HI4FPFM62HkBb7RK4D+3ekvMcZb7mjYWJhyoY= Subject key identifier: 8F:50:6B:5B:3A:77:1F:E6:B7:56:E0:38:F2:A1:8C:77:9E:FE:25:D2 Authority key identifier: 77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD Certificate issuer: /CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd Certificate serial: 019AF23FA0FDEA7BF3033D09BE15D18C44C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft Manifest number: 047D Signing time: Sat 06 Dec 2025 06:00:47 +0000 Manifest this update: Sat 06 Dec 2025 06:00:47 +0000 Manifest next update: Sun 07 Dec 2025 06:00:47 +0000 Files and hashes: 1: 9jS2v21J95xARBtQOtdTT0EtYBQ.roa (hash: BeiYvaVP67aUM+eVkzjpflxlaHwkNmiJmUTQZAVqkOQ=) 2: dy9wNcKJOyjNBP0amzys0kKMjf0.crl (hash: GeEGg8zyWmWO4V7Kr43HQQtjwlq35Lb1ZvFqa7H81rQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:a0:fd:ea:7b:f3:03:3d:09:be:15:d1:8c:44:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd Validity Not Before: Dec 6 06:00:47 2025 GMT Not After : Dec 7 06:00:47 2025 GMT Subject: CN=8f506b5b3a771fe6b756e038f2a18c779efe25d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6a:c5:94:41:8b:f7:76:8a:89:56:ff:91:4b: a9:b0:70:c7:06:43:9b:00:c5:10:3b:3a:47:ee:cd: 2e:4d:14:09:50:ff:79:d1:28:77:a8:d8:bb:ad:d3: 03:b6:e6:11:74:44:14:f5:d5:90:6f:1f:3e:02:4e: fc:4e:a8:ee:38:b4:07:ca:84:4b:07:ee:d5:57:29: 6e:73:a1:87:1d:a2:d3:5b:cf:01:96:27:d2:12:cb: 7b:35:62:f1:d2:d0:2e:57:26:84:22:ab:ac:1b:80: 42:a0:e5:b3:06:40:99:21:d4:2b:9b:c3:63:3b:cc: 73:9f:ed:c8:c9:a7:f5:64:65:64:2e:54:5a:4c:ce: 5d:00:d1:ba:2e:ac:01:c0:ff:f2:e6:a3:72:83:a7: e9:e2:49:71:58:32:82:9d:34:77:31:46:ec:e7:41: 66:d2:a7:63:c6:f0:35:d2:6f:32:4d:f1:dd:9e:ce: 73:b8:a9:67:2c:13:49:96:ad:ad:66:61:41:48:02: 5d:39:1a:fb:1f:1e:a6:0b:e4:50:dd:8c:3d:ee:f2: f2:4a:90:95:2e:0f:7c:8f:5c:a4:67:3a:1f:4d:16: a6:0b:06:aa:6c:4e:4f:fc:c6:53:7a:89:a5:34:c3: 5a:6c:e3:6c:c1:1b:c2:ba:78:00:e1:ea:b9:5f:53: d1:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:50:6B:5B:3A:77:1F:E6:B7:56:E0:38:F2:A1:8C:77:9E:FE:25:D2 X509v3 Authority Key Identifier: keyid:77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:b2:c0:c0:9a:e0:33:53:33:0e:c1:07:bc:bf:5f:c9:53:eb: d2:d1:46:45:8b:47:05:57:2b:1b:d6:8e:5e:d4:f4:53:b3:ba: 4b:6e:df:51:ce:8e:a9:e9:eb:1a:0a:7f:5a:e7:05:12:93:f6: 8f:fc:5f:c9:d6:63:08:84:f3:5a:ab:d1:ee:05:77:c1:88:31: a2:ee:12:19:aa:13:cf:6f:a6:f2:1f:42:ba:7c:88:5f:61:18: 7d:0f:e9:f6:3b:ba:a4:c1:b3:df:e0:4f:49:ec:21:08:cc:f5: 87:4e:7c:fd:12:37:80:04:fe:8a:07:38:b1:80:d8:a8:48:0b: 14:af:a6:dc:2d:b5:80:d4:8a:bd:8b:2c:75:00:5c:f5:57:45: 04:ca:fb:c1:43:cc:94:09:c6:61:1f:cf:bd:0b:e3:de:6a:9b: 3c:f5:92:18:55:4e:14:06:d8:02:89:66:ba:3c:9e:8f:a9:38: 25:c1:b3:3d:c8:31:bc:11:4f:39:03:fd:2e:ea:dc:41:74:bb: 6a:60:9d:29:38:f4:59:f3:d7:3f:5b:c8:a6:6c:a0:52:58:22: 5c:92:3f:44:c5:93:ac:e8:07:ab:ee:9c:f9:df:d0:07:47:e0: dd:ba:b8:6d:37:fd:78:e2:1f:76:03:a6:bd:84:96:95:f3:67: 1c:5e:c6:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP6D96nvzAz0JvhXRjETFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3MmY3MDM1YzI4OTNiMjhjZDA0ZmQxYTliM2NhY2QyNDI4 YzhkZmQwHhcNMjUxMjA2MDYwMDQ3WhcNMjUxMjA3MDYwMDQ3WjAzMTEwLwYDVQQD Eyg4ZjUwNmI1YjNhNzcxZmU2Yjc1NmUwMzhmMmExOGM3NzllZmUyNWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGrFlEGL93aKiVb/kUupsHDHBkOb AMUQOzpH7s0uTRQJUP950Sh3qNi7rdMDtuYRdEQU9dWQbx8+Ak78TqjuOLQHyoRL B+7VVyluc6GHHaLTW88BlifSEst7NWLx0tAuVyaEIqusG4BCoOWzBkCZIdQrm8Nj O8xzn+3Iyaf1ZGVkLlRaTM5dANG6LqwBwP/y5qNyg6fp4klxWDKCnTR3MUbs50Fm 0qdjxvA10m8yTfHdns5zuKlnLBNJlq2tZmFBSAJdORr7Hx6mC+RQ3Yw97vLySpCV Lg98j1ykZzofTRamCwaqbE5P/MZTeomlNMNabONswRvCungA4eq5X1PRUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI9Qa1s6dx/mt1bgOPKhjHee/iXSMB8GA1UdIwQY MBaAFHcvcDXCiTsozQT9Gps8rNJCjI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQt ODMwMzVhZmU0YTM3LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQtODMwMzVhZmU0YTM3 LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApbLAwJrg M1MzDsEHvL9fyVPr0tFGRYtHBVcrG9aOXtT0U7O6S27fUc6OqenrGgp/WucFEpP2 j/xfydZjCITzWqvR7gV3wYgxou4SGaoTz2+m8h9CunyIX2EYfQ/p9ju6pMGz3+BP SewhCMz1h058/RI3gAT+igc4sYDYqEgLFK+m3C21gNSKvYssdQBc9VdFBMr7wUPM lAnGYR/PvQvj3mqbPPWSGFVOFAbYAolmujyej6k4JcGzPcgxvBFPOQP9LurcQXS7 amCdKTj0WfPXP1vIpmygUlgiXJI/RMWTrOgHq+6c+d/QB0fg3bq4bTf9eOIfdgOm vYSWlfNnHF7GDg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:28:20 2025 by rpki-client