This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft File: ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft (raw, json) Hash identifier: Kr8YS4ySaFjLwpoSuV7w/gl9NFtf7aJqqyKHzgH8+U4= Subject key identifier: 6A:1F:83:2B:7B:8D:BA:ED:7A:F4:D7:69:C3:A3:ED:3D:BD:BC:0A:93 Authority key identifier: AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1 Certificate issuer: /CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1 Certificate serial: 019B31FA47D8553E8D20F0130DD57BD56295 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft Manifest number: 0B90 Signing time: Thu 18 Dec 2025 15:00:44 +0000 Manifest this update: Thu 18 Dec 2025 15:00:44 +0000 Manifest next update: Fri 19 Dec 2025 15:00:44 +0000 Files and hashes: 1: 6f9DfsZDUzdPo3_6eNoeG4QK_-I.roa (hash: 4tclq8R1V/fdbnM4AvEGc3ZJVkHqia0uVMOBrni8yPk=) 2: ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl (hash: wnQs+vtGtXOxpQfoEfe8O2fxiMjdjhAfQ5LBPsgEIjY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:fa:47:d8:55:3e:8d:20:f0:13:0d:d5:7b:d5:62:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1 Validity Not Before: Dec 18 15:00:44 2025 GMT Not After : Dec 19 15:00:44 2025 GMT Subject: CN=6a1f832b7b8dbaed7af4d769c3a3ed3dbdbc0a93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:51:bb:63:72:6a:04:ef:82:e6:15:52:8a:b3: 65:84:86:ee:b3:34:27:ce:54:4f:dc:f4:f1:95:a1: 1f:a3:37:c1:f4:31:05:3b:9e:e1:05:ac:a4:25:d2: e6:ea:af:ed:81:ee:48:72:bf:6d:1f:4d:8d:1a:45: 12:84:c8:4d:f4:e9:38:82:6e:65:28:4b:9d:18:fe: bf:69:bf:81:6b:05:fd:07:6e:1c:01:9a:2b:94:45: 23:6b:11:3e:b8:38:2d:aa:37:d1:f8:24:e8:5d:69: f7:9b:c4:e4:d8:33:3e:47:81:f2:43:0d:da:d0:d0: 84:3c:0e:5a:42:b6:93:1e:85:63:e6:23:02:6d:83: 3e:be:47:7e:8d:67:df:db:af:5b:61:9b:96:2b:ff: 35:63:69:e7:25:0e:9d:b8:a2:20:cf:bf:20:0a:91: e5:eb:d0:07:11:39:87:77:b2:3b:e4:13:93:c5:37: bb:44:4f:9d:93:1e:27:3e:72:29:d3:c7:c2:4f:e8: 83:a7:85:01:96:b9:ac:e4:00:9f:f9:67:35:38:d1: 30:90:68:83:30:5c:b9:b8:a9:64:ef:6b:57:83:90: d9:a2:38:8e:6a:eb:42:c7:7e:db:ef:3e:ed:4b:91: 67:8e:1e:8e:3a:30:f4:54:70:71:ec:3d:d9:5f:d3: 4c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:1F:83:2B:7B:8D:BA:ED:7A:F4:D7:69:C3:A3:ED:3D:BD:BC:0A:93 X509v3 Authority Key Identifier: keyid:AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:ed:7a:f4:19:c1:37:74:67:4b:7a:49:07:68:59:d3:e1:45: c4:f6:f8:bf:3b:fa:2d:27:60:20:60:04:fc:11:cc:d8:e5:ab: 48:b8:03:76:c9:03:f8:e0:63:10:dc:7d:71:38:6c:8a:87:51: 34:9e:c6:8a:bc:bc:a9:10:79:60:f8:78:b9:2e:c6:df:9b:c0: be:ec:ca:0c:50:92:af:4e:91:11:c9:1a:b5:7b:21:83:d9:03: 3c:44:32:60:39:d1:28:70:9a:e9:e4:d6:e9:2f:bf:a0:0b:b2: 7f:4d:c8:29:7e:9c:29:a5:f7:47:31:23:df:11:bd:1d:64:7a: 2f:48:14:0b:e8:e8:aa:cd:2d:ce:df:9a:5b:c5:13:fe:58:ea: 9e:1b:dd:e5:29:7d:b1:d7:41:e9:38:47:42:20:e4:8e:e7:fd: 40:8a:ee:2c:05:07:b8:c4:8d:49:75:57:4e:2a:75:6a:0a:4b: a6:7c:fb:11:39:33:81:fd:fe:2c:10:23:1d:9d:3a:b0:48:1e: 08:4b:e1:3c:a0:71:78:f8:ac:1a:a9:c7:54:6d:91:ae:02:87: 32:22:02:3f:f4:27:49:4a:ca:07:36:c6:0a:9f:f9:36:60:99: 2d:a4:7b:b5:61:3f:6d:46:91:79:96:41:62:83:a6:a7:aa:a7: f5:92:a3:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsx+kfYVT6NIPATDdV71WKVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMjFkZDJmNzcyYTViYjQ3OTI1YzI4YmI1ZDE2Y2Q5MzBm MjA2YjEwHhcNMjUxMjE4MTUwMDQ0WhcNMjUxMjE5MTUwMDQ0WjAzMTEwLwYDVQQD Eyg2YTFmODMyYjdiOGRiYWVkN2FmNGQ3NjljM2EzZWQzZGJkYmMwYTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVG7Y3JqBO+C5hVSirNlhIbuszQn zlRP3PTxlaEfozfB9DEFO57hBaykJdLm6q/tge5Icr9tH02NGkUShMhN9Ok4gm5l KEudGP6/ab+BawX9B24cAZorlEUjaxE+uDgtqjfR+CToXWn3m8Tk2DM+R4HyQw3a 0NCEPA5aQraTHoVj5iMCbYM+vkd+jWff269bYZuWK/81Y2nnJQ6duKIgz78gCpHl 69AHETmHd7I75BOTxTe7RE+dkx4nPnIp08fCT+iDp4UBlrms5ACf+Wc1ONEwkGiD MFy5uKlk72tXg5DZojiOautCx37b7z7tS5Fnjh6OOjD0VHBx7D3ZX9NMAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGofgyt7jbrtevTXacOj7T29vAqTMB8GA1UdIwQY MBaAFK8h3S93Klu0eSXCi7XRbNkw8gaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEt NTUyZTUxNTQyZDRkLzEvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEtNTUyZTUxNTQyZDRk LzEvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkO169BnB N3RnS3pJB2hZ0+FFxPb4vzv6LSdgIGAE/BHM2OWrSLgDdskD+OBjENx9cThsiodR NJ7Giry8qRB5YPh4uS7G35vAvuzKDFCSr06REckatXshg9kDPEQyYDnRKHCa6eTW 6S+/oAuyf03IKX6cKaX3RzEj3xG9HWR6L0gUC+joqs0tzt+aW8UT/ljqnhvd5Sl9 sddB6ThHQiDkjuf9QIruLAUHuMSNSXVXTip1agpLpnz7ETkzgf3+LBAjHZ06sEge CEvhPKBxePisGqnHVG2RrgKHMiICP/QnSUrKBzbGCp/5NmCZLaR7tWE/bUaReZZB YoOmp6qn9ZKjyA== -----END CERTIFICATE-----Generated at Thu Dec 18 19:10:43 2025 by rpki-client