This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft File: yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json) Hash identifier: TK6yAaz8D1Y00p0KoED9TB9tu8B3dWzNvM6jhZEWQZU= Subject key identifier: A1:CB:68:21:6B:DB:29:BD:79:6D:21:59:25:BA:E2:DB:40:F8:DD:60 Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3 Certificate issuer: /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3 Certificate serial: 019AF0F5E516B7B0DB3152CA6B8061B95235 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft Manifest number: 12CE Signing time: Sat 06 Dec 2025 00:00:37 +0000 Manifest this update: Sat 06 Dec 2025 00:00:37 +0000 Manifest next update: Sun 07 Dec 2025 00:00:37 +0000 Files and hashes: 1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: vK81LY2O8FDb34OQ0Sa7AEEr6GsD1uMeE8b2mWL9a7g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:e5:16:b7:b0:db:31:52:ca:6b:80:61:b9:52:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3 Validity Not Before: Dec 6 00:00:37 2025 GMT Not After : Dec 7 00:00:37 2025 GMT Subject: CN=a1cb68216bdb29bd796d215925bae2db40f8dd60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9a:e2:4f:77:a8:e3:4e:00:dd:95:d8:a6:8c: f3:31:66:6e:26:b7:77:d2:e6:5b:81:37:e5:c2:52: 93:98:0f:c6:fb:6c:15:05:dd:4f:af:51:4e:ab:3e: 22:32:b4:48:8d:26:fc:52:da:2a:d5:79:93:72:6b: f7:d1:80:ca:0e:62:78:6e:16:26:a3:4c:5b:4b:3f: 53:a1:77:73:3b:1d:02:41:a8:8c:5f:b0:c7:1a:ed: 87:7b:75:26:57:46:33:46:45:10:13:bc:1e:e3:95: c5:f3:5e:1e:21:ae:8d:87:98:6a:21:19:a4:50:bd: ed:20:f7:4e:de:13:b8:28:c1:74:37:b0:6f:71:76: 37:f7:7a:a6:7e:01:b1:8b:77:4b:8e:12:2f:0f:b4: 20:25:a6:cd:a7:41:e1:c0:0d:22:84:ca:97:e8:83: ee:58:a2:35:bc:b2:46:4a:c8:97:5c:11:a6:9f:fb: c4:cd:ba:09:f8:4f:48:e9:4a:0d:9c:cf:26:a6:b9: 95:ed:92:d3:9b:a6:82:4f:00:52:e3:45:b5:df:49: 2b:2b:f7:c6:77:eb:f9:72:2e:6b:e3:bc:74:6e:62: 81:34:b2:97:3f:29:4c:a1:d6:42:ab:93:4e:b6:f1: d0:21:e6:ac:06:c5:95:58:f5:28:ed:e3:2d:09:c6: b6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:CB:68:21:6B:DB:29:BD:79:6D:21:59:25:BA:E2:DB:40:F8:DD:60 X509v3 Authority Key Identifier: keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:c3:d0:5b:ac:85:8b:81:e4:64:8b:a3:ce:f1:65:60:4e:f8: a5:50:b6:57:93:d2:ef:7c:8a:5e:80:84:7a:2d:1c:d3:59:53: ae:c7:26:52:76:f0:86:3a:cb:4b:33:a2:b6:9a:d6:a5:30:ec: 30:62:43:7c:b6:82:74:99:78:bd:b6:2a:c8:a8:31:69:8f:de: 61:58:a2:54:af:e4:53:28:68:28:c0:d7:0c:bb:bf:f6:5e:1e: 9b:fd:bb:bc:40:ca:6c:80:8c:d9:d3:a2:1e:2f:c8:ba:e1:2f: 79:ee:3c:5b:9e:4d:8f:45:24:3b:d0:b6:19:12:bf:17:bb:ea: 15:cc:69:21:8a:c1:2d:c3:f4:76:2e:4d:46:e7:38:c8:df:16: 59:64:0d:87:8d:fc:78:a9:4e:57:b4:2e:28:cb:4e:29:9d:d8: a8:f8:8a:ac:7c:18:93:6b:97:ed:b6:a7:35:c5:4e:77:62:87: f0:35:c7:2e:2b:d8:2a:e6:8a:72:80:13:04:c1:1b:05:20:75: 4f:ae:fe:68:27:22:ee:c8:65:e6:24:9e:33:40:e2:bf:de:df: 11:c2:f7:50:9c:8c:b7:ef:57:e7:5f:e3:3a:53:36:3f:22:45: d5:84:7d:94:9f:c5:e1:df:32:29:b2:50:19:80:f6:e1:9f:25: 4d:f8:bc:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9eUWt7DbMVLKa4BhuVI1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm NGU5YzMwHhcNMjUxMjA2MDAwMDM3WhcNMjUxMjA3MDAwMDM3WjAzMTEwLwYDVQQD EyhhMWNiNjgyMTZiZGIyOWJkNzk2ZDIxNTkyNWJhZTJkYjQwZjhkZDYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5riT3eo404A3ZXYpozzMWZuJrd3 0uZbgTflwlKTmA/G+2wVBd1Pr1FOqz4iMrRIjSb8Utoq1XmTcmv30YDKDmJ4bhYm o0xbSz9ToXdzOx0CQaiMX7DHGu2He3UmV0YzRkUQE7we45XF814eIa6Nh5hqIRmk UL3tIPdO3hO4KMF0N7BvcXY393qmfgGxi3dLjhIvD7QgJabNp0HhwA0ihMqX6IPu WKI1vLJGSsiXXBGmn/vEzboJ+E9I6UoNnM8mprmV7ZLTm6aCTwBS40W130krK/fG d+v5ci5r47x0bmKBNLKXPylModZCq5NOtvHQIeasBsWVWPUo7eMtCca26wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKHLaCFr2ym9eW0hWSW64ttA+N1gMB8GA1UdIwQY MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5 LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASMPQW6yF i4HkZIujzvFlYE74pVC2V5PS73yKXoCEei0c01lTrscmUnbwhjrLSzOitprWpTDs MGJDfLaCdJl4vbYqyKgxaY/eYViiVK/kUyhoKMDXDLu/9l4em/27vEDKbICM2dOi Hi/IuuEvee48W55Nj0UkO9C2GRK/F7vqFcxpIYrBLcP0di5NRuc4yN8WWWQNh438 eKlOV7QuKMtOKZ3YqPiKrHwYk2uX7banNcVOd2KH8DXHLivYKuaKcoATBMEbBSB1 T67+aCci7shl5iSeM0Div97fEcL3UJyMt+9X51/jOlM2PyJF1YR9lJ/F4d8yKbJQ GYD24Z8lTfi8sA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:23:43 2025 by rpki-client