This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/fb85d3-6660-430e-9ac7-86d2c311db17/1/lYj7Sw-weytS4w2SGYmPKM-8mi0.mft File: lYj7Sw-weytS4w2SGYmPKM-8mi0.mft (raw, json) Hash identifier: hCi6GJAXfF3skiPJjunCsMGGjGivpg97ZiQ90xYG/Ec= Subject key identifier: 22:35:17:C7:86:F5:62:AB:11:D7:3A:BC:F8:A2:79:91:CC:9A:DA:41 Authority key identifier: 95:88:FB:4B:0F:B0:7B:2B:52:E3:0D:92:19:89:8F:28:CF:BC:9A:2D Certificate issuer: /CN=9588fb4b0fb07b2b52e30d9219898f28cfbc9a2d Certificate serial: 019AF1D23BCDDFA9D9D06E1F2C6D4FAE1FF9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lYj7Sw-weytS4w2SGYmPKM-8mi0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/fb85d3-6660-430e-9ac7-86d2c311db17/1/lYj7Sw-weytS4w2SGYmPKM-8mi0.mft Manifest number: 14DE Signing time: Sat 06 Dec 2025 04:01:17 +0000 Manifest this update: Sat 06 Dec 2025 04:01:17 +0000 Manifest next update: Sun 07 Dec 2025 04:01:17 +0000 Files and hashes: 1: cpaYv-AQ-t9zhgKKXsvKBzFcSaQ.roa (hash: QH8X2hDISDdQVFPt9W1N705nATkeCHCrQhlKJMRWx8A=) 2: lYj7Sw-weytS4w2SGYmPKM-8mi0.crl (hash: /zgbluStK01WRv6mp6UPKxs1+fxELVuh7h39vLLHLTo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/fb85d3-6660-430e-9ac7-86d2c311db17/1/lYj7Sw-weytS4w2SGYmPKM-8mi0.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/fb85d3-6660-430e-9ac7-86d2c311db17/1/lYj7Sw-weytS4w2SGYmPKM-8mi0.mft rsync://rpki.ripe.net/repository/DEFAULT/lYj7Sw-weytS4w2SGYmPKM-8mi0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:3b:cd:df:a9:d9:d0:6e:1f:2c:6d:4f:ae:1f:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9588fb4b0fb07b2b52e30d9219898f28cfbc9a2d Validity Not Before: Dec 6 04:01:17 2025 GMT Not After : Dec 7 04:01:17 2025 GMT Subject: CN=223517c786f562ab11d73abcf8a27991cc9ada41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:5f:76:a9:1a:55:d9:65:0c:f7:10:96:68:22: 7b:28:68:60:b7:fa:09:48:d3:b2:78:0f:c5:54:e2: 00:8d:cd:fd:ee:5a:9b:83:0f:2e:30:aa:0c:2c:15: 69:cf:fb:82:4e:75:5c:68:3c:a1:f8:2a:af:7c:89: 12:3a:13:12:df:48:57:64:f4:a0:44:78:b5:3c:50: 6c:91:7d:10:04:56:52:6f:7c:79:48:f4:79:70:c8: 33:50:5e:f6:e7:26:98:80:6b:69:c6:1d:db:fa:a0: 86:3e:30:2d:ff:22:3a:6e:67:f4:1f:bf:0d:fe:a4: b3:8f:77:13:5a:30:75:51:41:86:b8:da:d2:f7:21: 53:f7:f8:23:bf:87:ee:3e:c5:7e:ef:ab:eb:cf:9d: c5:cb:5c:08:77:3b:4b:db:1d:f5:4f:52:70:c5:2c: 39:fb:21:cf:30:19:00:73:be:a0:5c:2d:1c:f0:ed: fd:5b:e3:29:03:02:0f:db:f1:1a:56:cd:2a:b4:e3: 4e:51:08:85:72:1f:7c:8c:10:b9:3b:36:36:bd:34: 77:97:98:89:5c:e5:ff:d3:76:c3:10:99:bc:57:8b: df:7a:f1:98:97:0c:57:b0:fa:f8:fb:e3:40:b3:90: 2a:54:aa:eb:61:b4:d4:a5:96:32:85:73:6b:8b:84: 5e:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:35:17:C7:86:F5:62:AB:11:D7:3A:BC:F8:A2:79:91:CC:9A:DA:41 X509v3 Authority Key Identifier: keyid:95:88:FB:4B:0F:B0:7B:2B:52:E3:0D:92:19:89:8F:28:CF:BC:9A:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYj7Sw-weytS4w2SGYmPKM-8mi0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/fb85d3-6660-430e-9ac7-86d2c311db17/1/lYj7Sw-weytS4w2SGYmPKM-8mi0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/fb85d3-6660-430e-9ac7-86d2c311db17/1/lYj7Sw-weytS4w2SGYmPKM-8mi0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:91:42:6c:ed:ec:0e:78:fc:2d:14:63:09:59:b6:ca:c6:b2: 1a:88:9a:ae:86:01:7a:97:9f:c5:bf:3f:be:3f:91:91:0a:40: 0a:57:ab:da:bb:d8:06:05:1b:22:4f:56:9f:a4:05:48:ad:f6: 97:d8:d7:57:0e:84:51:f8:63:5c:de:9c:fd:4a:dd:c1:56:ef: 5a:f9:2c:d4:64:c9:f9:03:d9:6f:bc:9e:fe:78:c4:eb:ea:0b: ee:cd:64:f6:2e:80:e9:db:97:32:99:8e:41:e3:0a:4d:31:3b: 2b:d2:f9:6c:23:94:d6:69:a1:89:1b:5a:49:09:a4:a1:ce:4c: 13:1b:04:57:3d:de:18:6a:d6:b6:6e:76:08:b7:92:78:96:0d: a0:d5:f5:df:3c:ec:66:d4:02:24:53:2f:53:2f:d6:f9:05:54: b1:3e:29:9a:a0:ad:22:d0:2e:80:76:e1:a9:ef:3b:c1:7c:28: 16:f4:79:d0:0b:6d:1d:04:3d:d6:7f:5d:0b:8c:f2:35:5d:e6: 31:21:c0:bb:21:fe:fe:58:2f:42:04:14:7c:94:40:c0:f2:10: 9c:b2:32:dd:23:d5:71:55:70:18:37:4d:89:db:85:00:f2:00: 82:75:ca:26:d2:3f:5e:9c:20:8e:64:7c:b6:58:ac:67:81:d9: b5:8a:9e:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0jvN36nZ0G4fLG1Prh/5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1ODhmYjRiMGZiMDdiMmI1MmUzMGQ5MjE5ODk4ZjI4Y2Zi YzlhMmQwHhcNMjUxMjA2MDQwMTE3WhcNMjUxMjA3MDQwMTE3WjAzMTEwLwYDVQQD EygyMjM1MTdjNzg2ZjU2MmFiMTFkNzNhYmNmOGEyNzk5MWNjOWFkYTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V92qRpV2WUM9xCWaCJ7KGhgt/oJ SNOyeA/FVOIAjc397lqbgw8uMKoMLBVpz/uCTnVcaDyh+CqvfIkSOhMS30hXZPSg RHi1PFBskX0QBFZSb3x5SPR5cMgzUF725yaYgGtpxh3b+qCGPjAt/yI6bmf0H78N /qSzj3cTWjB1UUGGuNrS9yFT9/gjv4fuPsV+76vrz53Fy1wIdztL2x31T1JwxSw5 +yHPMBkAc76gXC0c8O39W+MpAwIP2/EaVs0qtONOUQiFch98jBC5OzY2vTR3l5iJ XOX/03bDEJm8V4vfevGYlwxXsPr4++NAs5AqVKrrYbTUpZYyhXNri4ReoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCI1F8eG9WKrEdc6vPiieZHMmtpBMB8GA1UdIwQY MBaAFJWI+0sPsHsrUuMNkhmJjyjPvJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFlqN1N3LXdleXRTNHcyU0dZbVBLTS04bWkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mYjg1ZDMtNjY2MC00MzBlLTlhYzct ODZkMmMzMTFkYjE3LzEvbFlqN1N3LXdleXRTNHcyU0dZbVBLTS04bWkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9mYjg1ZDMtNjY2MC00MzBlLTlhYzctODZkMmMzMTFkYjE3 LzEvbFlqN1N3LXdleXRTNHcyU0dZbVBLTS04bWkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpFCbO3s Dnj8LRRjCVm2ysayGoiaroYBepefxb8/vj+RkQpACler2rvYBgUbIk9Wn6QFSK32 l9jXVw6EUfhjXN6c/UrdwVbvWvks1GTJ+QPZb7ye/njE6+oL7s1k9i6A6duXMpmO QeMKTTE7K9L5bCOU1mmhiRtaSQmkoc5MExsEVz3eGGrWtm52CLeSeJYNoNX13zzs ZtQCJFMvUy/W+QVUsT4pmqCtItAugHbhqe87wXwoFvR50AttHQQ91n9dC4zyNV3m MSHAuyH+/lgvQgQUfJRAwPIQnLIy3SPVcVVwGDdNiduFAPIAgnXKJtI/XpwgjmR8 tlisZ4HZtYqe8g== -----END CERTIFICATE-----Generated at Sat Dec 6 15:22:56 2025 by rpki-client