This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft File: NYx3zUAYPEEVsr8NznFuC8XQv9U.mft (raw, json) Hash identifier: smydqumkIBb+cYVHpBN0wTL7uMciy6ZCiL27S7dYtSk= Subject key identifier: 05:C5:15:61:7A:5D:2B:5E:E6:22:A6:C8:DF:57:C7:79:58:DC:FC:EE Authority key identifier: 35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5 Certificate issuer: /CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5 Certificate serial: 019B31FAF86C0942B414AF7135DBCDC04B54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft Manifest number: 04ED Signing time: Thu 18 Dec 2025 15:01:29 +0000 Manifest this update: Thu 18 Dec 2025 15:01:29 +0000 Manifest next update: Fri 19 Dec 2025 15:01:29 +0000 Files and hashes: 1: NYx3zUAYPEEVsr8NznFuC8XQv9U.crl (hash: avOvSmrbkKtan92Xd3HCr9nlyROy9pDJRt15glZl5VM=) 2: zdd_itkr61DwlSbiF7xORGma-Mg.roa (hash: s7+y8n33Kdf5OFXebrrUAhH6tASSitV8ofo7STn/T1o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:fa:f8:6c:09:42:b4:14:af:71:35:db:cd:c0:4b:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5 Validity Not Before: Dec 18 15:01:29 2025 GMT Not After : Dec 19 15:01:29 2025 GMT Subject: CN=05c515617a5d2b5ee622a6c8df57c77958dcfcee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:5a:5d:c1:aa:0f:5f:80:47:d1:6c:d4:2b:da: 00:1a:36:cc:97:f0:b2:05:ac:0a:44:52:f5:f2:ba: f8:ea:21:44:45:b9:d4:54:df:5b:c0:76:4e:a4:5f: 10:43:ec:fa:00:66:3d:58:a2:5a:1a:95:06:95:00: b2:b8:68:00:75:ae:a5:d8:ab:d7:28:10:53:90:bd: ad:44:77:e8:a4:05:90:54:a4:e8:ff:83:87:68:d3: 15:f3:02:c7:92:c2:e5:95:fa:f5:8e:58:a4:5e:8f: 25:8f:dd:21:5d:87:31:35:07:c5:43:b6:9b:6f:a4: 8a:55:97:d6:b4:25:ff:8f:08:36:84:b6:06:46:40: 16:6d:2b:7b:ba:51:81:73:e4:2f:e5:07:75:49:6d: 86:2c:76:65:da:c4:49:87:13:1b:34:34:2a:d7:24: aa:11:35:fc:7c:f6:59:f4:fe:e6:44:7b:01:f0:dd: a3:63:27:65:01:24:79:77:92:e1:1b:af:f8:c8:8c: cd:84:3a:23:fb:89:c2:91:0e:83:a8:b8:35:6d:58: af:03:77:6b:10:cb:07:fa:06:1c:83:db:6f:43:a4: f3:66:90:31:40:96:ec:1b:16:d3:86:95:3d:33:53: df:67:3c:5e:95:c6:06:45:b0:5e:80:28:4f:16:11: ba:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:C5:15:61:7A:5D:2B:5E:E6:22:A6:C8:DF:57:C7:79:58:DC:FC:EE X509v3 Authority Key Identifier: keyid:35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:e3:ca:3a:d0:77:46:c3:20:64:93:77:ff:c4:10:13:00:75: e6:fc:b9:dd:68:fe:29:47:0a:87:ef:4b:56:7d:43:cb:e0:c9: 8e:ff:4a:54:a9:88:88:ab:84:a7:f5:a6:50:88:ec:86:58:23: dd:86:2f:b8:b4:79:00:a8:9b:22:07:a5:b1:8a:03:44:5c:15: f7:62:e1:bd:65:0a:2c:7d:a1:33:99:41:64:92:61:fe:ef:9e: 41:4e:68:f0:19:ff:9c:c7:7f:03:4a:f9:be:e0:88:86:f2:5b: ab:7e:0b:5d:39:28:fe:e4:e0:5f:d3:7d:82:73:84:22:67:c1: f5:9d:77:ed:60:aa:ac:59:0c:a9:f1:8c:32:a1:59:d7:58:f9: bd:3a:b5:92:43:ba:38:74:c7:d7:0b:d7:8c:c5:4c:4d:92:2c: 95:da:38:28:59:3c:74:d2:40:06:0a:90:e0:3a:7a:ba:22:b8: ef:3d:bc:3e:c9:6c:b1:cf:a9:de:3b:4c:87:b9:2e:79:96:b3: 6a:da:63:fe:af:69:1a:db:64:a6:34:c8:19:96:40:15:44:38: 2d:62:c1:ff:ce:ab:05:9b:10:19:17:52:df:de:f4:34:5d:5c: bd:0e:fc:3a:e7:d9:fd:7d:9e:75:7b:c8:3f:36:97:5f:44:63: 3f:c7:05:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsx+vhsCUK0FK9xNdvNwEtUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OGM3N2NkNDAxODNjNDExNWIyYmYwZGNlNzE2ZTBiYzVk MGJmZDUwHhcNMjUxMjE4MTUwMTI5WhcNMjUxMjE5MTUwMTI5WjAzMTEwLwYDVQQD EygwNWM1MTU2MTdhNWQyYjVlZTYyMmE2YzhkZjU3Yzc3OTU4ZGNmY2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1pdwaoPX4BH0WzUK9oAGjbMl/Cy BawKRFL18rr46iFERbnUVN9bwHZOpF8QQ+z6AGY9WKJaGpUGlQCyuGgAda6l2KvX KBBTkL2tRHfopAWQVKTo/4OHaNMV8wLHksLllfr1jlikXo8lj90hXYcxNQfFQ7ab b6SKVZfWtCX/jwg2hLYGRkAWbSt7ulGBc+Qv5Qd1SW2GLHZl2sRJhxMbNDQq1ySq ETX8fPZZ9P7mRHsB8N2jYydlASR5d5LhG6/4yIzNhDoj+4nCkQ6DqLg1bVivA3dr EMsH+gYcg9tvQ6TzZpAxQJbsGxbThpU9M1PfZzxelcYGRbBegChPFhG6VwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAXFFWF6XSte5iKmyN9Xx3lY3PzuMB8GA1UdIwQY MBaAFDWMd81AGDxBFbK/Dc5xbgvF0L/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgt MzE1MWExNzk0Yjk3LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgtMzE1MWExNzk0Yjk3 LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+PKOtB3 RsMgZJN3/8QQEwB15vy53Wj+KUcKh+9LVn1Dy+DJjv9KVKmIiKuEp/WmUIjshlgj 3YYvuLR5AKibIgelsYoDRFwV92LhvWUKLH2hM5lBZJJh/u+eQU5o8Bn/nMd/A0r5 vuCIhvJbq34LXTko/uTgX9N9gnOEImfB9Z137WCqrFkMqfGMMqFZ11j5vTq1kkO6 OHTH1wvXjMVMTZIsldo4KFk8dNJABgqQ4Dp6uiK47z28Pslssc+p3jtMh7kueZaz atpj/q9pGttkpjTIGZZAFUQ4LWLB/86rBZsQGRdS3970NF1cvQ78OufZ/X2edXvI PzaXX0RjP8cFsw== -----END CERTIFICATE-----Generated at Thu Dec 18 17:53:45 2025 by rpki-client