This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json) Hash identifier: Tm+8Dew4nN/eVQ3+9y6ciac85DRkB2/cAxFdDqrr36Q= Subject key identifier: 85:EF:80:CF:B5:88:1E:2A:F8:92:B8:99:B2:8D:7A:1C:1B:1D:39:3F Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35 Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35 Certificate serial: 019AF088935C2143ADC0C2B82DAC4468711C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft Manifest number: 0C08 Signing time: Fri 05 Dec 2025 22:01:13 +0000 Manifest this update: Fri 05 Dec 2025 22:01:13 +0000 Manifest next update: Sat 06 Dec 2025 22:01:13 +0000 Files and hashes: 1: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: 8g7rdZZzzqY4WtYeurRs7j7sIigxxrcNV7AyzQF4Muo=) 2: tKwKl17jXwIeAtAZEyALLLwTexA.roa (hash: E9CmZ9NzF2HrbXjpDzFF0Gs0klh/PHaYx1PKsYvWrwA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:93:5c:21:43:ad:c0:c2:b8:2d:ac:44:68:71:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35 Validity Not Before: Dec 5 22:01:13 2025 GMT Not After : Dec 6 22:01:13 2025 GMT Subject: CN=85ef80cfb5881e2af892b899b28d7a1c1b1d393f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b8:fa:1c:16:3e:f9:4d:e4:20:86:9a:cc:ce: 6e:ec:b6:68:45:5b:79:97:76:69:17:0e:c0:92:a5: 47:16:a8:a4:27:48:b8:b1:41:fc:92:94:08:e7:11: 95:6d:6a:4e:9c:2f:e1:33:97:0a:15:9f:55:39:a6: bf:8c:26:73:15:1c:9e:af:ef:66:7d:8d:73:0b:e1: 49:16:c4:65:04:53:e6:04:1a:8a:a7:b6:4d:b7:e0: b8:e4:4b:17:7b:9b:0b:e1:df:53:63:ea:01:6f:85: f0:2c:9e:3e:ef:3d:81:8b:55:67:64:96:d3:9b:85: fa:35:11:a0:89:4d:76:eb:9d:7a:f9:8e:16:6c:0d: 7e:4f:a0:0e:08:a3:0d:5a:e8:7f:93:77:55:a5:aa: 50:eb:7e:4e:22:46:55:5a:bd:df:8b:65:b7:67:c9: 1d:cd:ee:35:67:eb:17:a9:30:8d:8e:57:30:80:ad: 75:33:91:3d:e6:b6:c7:68:e5:5b:c5:08:34:81:ad: d5:b4:0e:4e:cd:b9:67:23:69:70:67:45:c7:33:9c: b8:a1:61:b5:6e:6a:5d:b3:d0:29:94:15:ef:b7:fb: 2c:42:c8:5c:b7:92:e6:9b:f9:ee:ac:64:1d:b8:d8: 17:6b:66:c4:a4:8b:0a:5e:27:f2:fa:43:67:5a:5d: dc:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:EF:80:CF:B5:88:1E:2A:F8:92:B8:99:B2:8D:7A:1C:1B:1D:39:3F X509v3 Authority Key Identifier: keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:33:02:19:14:99:e7:69:6b:ee:f8:4c:96:be:8d:a6:7c:a6: 65:5e:3c:0c:0d:2a:c6:26:b7:25:b2:6c:5a:46:48:33:fc:c6: 92:55:40:c9:d3:42:0d:98:1b:ee:fa:2d:cb:8a:1d:c4:f3:03: 9b:fa:37:29:90:d4:5e:ac:28:ba:65:a4:dd:07:c4:c7:fa:f8: f1:c0:46:2b:54:8c:71:90:ad:82:3b:b0:5f:e2:1d:1c:1b:70: c0:ad:42:36:09:80:68:ae:53:53:6a:22:9e:18:ec:6b:27:48: 3e:00:43:14:62:0f:07:6f:f0:9d:b4:b0:7f:1b:a3:7b:36:4e: dc:0d:a3:53:76:ea:46:73:2e:70:bf:4c:5e:47:36:56:55:9c: 02:82:10:94:45:4d:7c:e4:18:d2:20:6c:42:fd:3e:b2:fc:17: d0:8f:a0:53:61:f9:91:2a:81:e5:27:9d:ba:7f:0b:46:8e:b4: 2a:4e:e5:12:e4:8e:e2:53:a5:9b:4e:22:3d:cd:5a:67:61:3b: dc:d7:5f:1c:f7:d8:e4:37:9a:c3:64:b0:ae:1e:d4:97:f9:3c: 43:05:55:01:42:a8:a2:62:d0:5a:f4:45:39:26:6d:3e:e6:db: ea:0e:70:7d:98:8a:05:fd:f4:5e:60:ab:17:c5:0b:54:6e:a6: 47:76:0a:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiJNcIUOtwMK4LaxEaHEcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh MDJmMzUwHhcNMjUxMjA1MjIwMTEzWhcNMjUxMjA2MjIwMTEzWjAzMTEwLwYDVQQD Eyg4NWVmODBjZmI1ODgxZTJhZjg5MmI4OTliMjhkN2ExYzFiMWQzOTNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubj6HBY++U3kIIaazM5u7LZoRVt5 l3ZpFw7AkqVHFqikJ0i4sUH8kpQI5xGVbWpOnC/hM5cKFZ9VOaa/jCZzFRyer+9m fY1zC+FJFsRlBFPmBBqKp7ZNt+C45EsXe5sL4d9TY+oBb4XwLJ4+7z2Bi1VnZJbT m4X6NRGgiU126516+Y4WbA1+T6AOCKMNWuh/k3dVpapQ635OIkZVWr3fi2W3Z8kd ze41Z+sXqTCNjlcwgK11M5E95rbHaOVbxQg0ga3VtA5OzblnI2lwZ0XHM5y4oWG1 bmpds9AplBXvt/ssQshct5Lmm/nurGQduNgXa2bEpIsKXify+kNnWl3ctwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIXvgM+1iB4q+JK4mbKNehwbHTk/MB8GA1UdIwQY MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDMCGRSZ 52lr7vhMlr6NpnymZV48DA0qxia3JbJsWkZIM/zGklVAydNCDZgb7voty4odxPMD m/o3KZDUXqwoumWk3QfEx/r48cBGK1SMcZCtgjuwX+IdHBtwwK1CNgmAaK5TU2oi nhjsaydIPgBDFGIPB2/wnbSwfxujezZO3A2jU3bqRnMucL9MXkc2VlWcAoIQlEVN fOQY0iBsQv0+svwX0I+gU2H5kSqB5Sedun8LRo60Kk7lEuSO4lOlm04iPc1aZ2E7 3NdfHPfY5Deaw2Swrh7Ul/k8QwVVAUKoomLQWvRFOSZtPubb6g5wfZiKBf30XmCr F8ULVG6mR3YK5A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:15:10 2025 by rpki-client