This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft File: PsY-XbBDXC0-dKayitPZww1qjO4.mft (raw, json) Hash identifier: sqPCnuRHUq3Xi/od/BRXKp/tKmYcunvwNlnN38PFFpU= Subject key identifier: 62:2B:C6:70:F7:B1:00:D4:48:1E:69:5D:73:8E:71:9A:2A:4D:FA:EA Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee Certificate serial: 019AF12D2421AA408ED524086B4E4C609674 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft Manifest number: 0F70 Signing time: Sat 06 Dec 2025 01:00:58 +0000 Manifest this update: Sat 06 Dec 2025 01:00:58 +0000 Manifest next update: Sun 07 Dec 2025 01:00:58 +0000 Files and hashes: 1: GSEh8gIZdCBsRKOnb9fKkFOFuZk.roa (hash: u2uTEL6Ts0fKYl8Es1LELd2Ambr6iVn6vwhJ7qDD50c=) 2: PsY-XbBDXC0-dKayitPZww1qjO4.crl (hash: UcM6tJt1+TSRjjjAL1SXuzzlAMnKY2RFY9H/gEs8weE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:24:21:aa:40:8e:d5:24:08:6b:4e:4c:60:96:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee Validity Not Before: Dec 6 01:00:58 2025 GMT Not After : Dec 7 01:00:58 2025 GMT Subject: CN=622bc670f7b100d4481e695d738e719a2a4dfaea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:0f:35:03:48:aa:3e:1b:c4:a4:e3:6d:e1:ac: de:52:58:83:1f:70:12:bd:79:2a:61:07:1d:f0:23: 98:4c:8d:25:75:62:31:4e:d2:e3:9d:b9:79:5b:af: ee:f2:43:6a:a0:7f:83:46:e7:31:66:5c:88:4b:b1: 2d:0b:21:04:3d:8a:18:40:27:9b:f9:57:2d:4b:37: f5:df:c0:97:af:9a:d5:fd:c8:86:37:ba:c1:3f:03: 2b:d2:8e:f5:59:a1:7d:db:ed:7d:eb:d4:ca:b6:92: 4f:da:33:6f:c2:4a:42:4f:60:3e:f2:f2:90:af:ac: 78:80:c5:b2:54:53:18:b0:5b:40:49:42:e4:1b:7b: 9a:de:28:c4:5a:9b:cc:a8:c5:ba:13:06:0a:27:f1: dd:7c:53:1c:c3:0b:3e:11:3e:1e:0e:ae:23:d4:40: de:89:9b:23:58:90:92:1a:f3:54:1e:4f:41:d6:90: 29:9a:52:12:d7:f9:c4:d5:1a:2d:8e:70:32:d5:8f: 26:8e:08:be:d2:46:f9:a2:4e:60:a9:c9:d2:4d:24: 0e:57:f3:3e:0f:93:c6:a4:6a:33:cd:04:d4:aa:f7: fd:a6:c2:e1:88:7a:d6:80:8a:df:92:a6:68:ec:2c: 52:2d:cc:ab:89:56:08:0e:7b:9c:36:15:e6:2a:15: de:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:2B:C6:70:F7:B1:00:D4:48:1E:69:5D:73:8E:71:9A:2A:4D:FA:EA X509v3 Authority Key Identifier: keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:3a:47:07:5c:fd:42:0f:48:0d:3f:3f:ca:73:20:17:6e:a1: 94:5c:4b:7c:8b:85:76:d1:a7:23:a4:84:39:80:81:28:63:77: e6:86:12:09:ac:97:fa:ce:bd:2f:fa:2d:f7:da:0c:f4:7a:c7: f2:75:ba:8a:a1:b5:3d:19:a2:3e:20:49:9d:4a:97:65:87:d9: 1f:d6:5c:ea:41:e7:c9:db:1f:78:9b:7d:de:b0:19:ac:c7:ea: 21:4f:c6:61:ff:d3:65:4b:5d:e6:e8:6f:8f:39:9b:99:54:a7: 68:98:ad:db:de:80:68:0f:1a:9f:99:96:02:df:86:e0:67:85: bc:96:1f:75:1a:88:6d:bf:a1:4c:08:78:16:6f:a1:30:aa:97: c4:9c:60:a3:e9:01:9b:af:67:1e:cd:d7:3e:27:b5:35:5b:a1: 76:4a:bc:d3:66:79:dc:0a:d0:1d:8c:19:a2:d0:5f:a5:ba:ed: b8:a5:a5:ca:ed:3f:ca:83:49:ca:b0:c5:90:34:05:a0:ee:d7: 92:76:e2:4d:b7:48:4b:f4:90:f3:4f:4a:d7:27:42:7b:4a:89: 7d:ad:57:c7:ca:3d:cd:2c:d9:68:55:0d:70:c5:98:89:cd:4e: e9:2f:31:4f:08:f0:55:43:37:4e:35:15:f5:0d:45:5e:21:86: 74:69:e6:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLSQhqkCO1SQIa05MYJZ0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2 YThjZWUwHhcNMjUxMjA2MDEwMDU4WhcNMjUxMjA3MDEwMDU4WjAzMTEwLwYDVQQD Eyg2MjJiYzY3MGY3YjEwMGQ0NDgxZTY5NWQ3MzhlNzE5YTJhNGRmYWVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg81A0iqPhvEpONt4azeUliDH3AS vXkqYQcd8COYTI0ldWIxTtLjnbl5W6/u8kNqoH+DRucxZlyIS7EtCyEEPYoYQCeb +VctSzf138CXr5rV/ciGN7rBPwMr0o71WaF92+1969TKtpJP2jNvwkpCT2A+8vKQ r6x4gMWyVFMYsFtASULkG3ua3ijEWpvMqMW6EwYKJ/HdfFMcwws+ET4eDq4j1EDe iZsjWJCSGvNUHk9B1pApmlIS1/nE1RotjnAy1Y8mjgi+0kb5ok5gqcnSTSQOV/M+ D5PGpGozzQTUqvf9psLhiHrWgIrfkqZo7CxSLcyriVYIDnucNhXmKhXeewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGIrxnD3sQDUSB5pXXOOcZoqTfrqMB8GA1UdIwQY MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt NTIwNThmOGE5YTFhLzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZjpHB1z9 Qg9IDT8/ynMgF26hlFxLfIuFdtGnI6SEOYCBKGN35oYSCayX+s69L/ot99oM9HrH 8nW6iqG1PRmiPiBJnUqXZYfZH9Zc6kHnydsfeJt93rAZrMfqIU/GYf/TZUtd5uhv jzmbmVSnaJit296AaA8an5mWAt+G4GeFvJYfdRqIbb+hTAh4Fm+hMKqXxJxgo+kB m69nHs3XPie1NVuhdkq802Z53ArQHYwZotBfpbrtuKWlyu0/yoNJyrDFkDQFoO7X knbiTbdIS/SQ809K1ydCe0qJfa1Xx8o9zSzZaFUNcMWYic1O6S8xTwjwVUM3TjUV 9Q1FXiGGdGnmwg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:30:13 2025 by rpki-client