This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft File: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json) Hash identifier: xPMEmeqCzKITN9y4GjeWwFJpNvbp/gPN8yX6N3lLDP0= Subject key identifier: 5A:18:1D:2F:D3:8F:E1:88:08:2F:CE:21:86:43:97:61:4D:8E:75:DB Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF Certificate issuer: /CN=63ef6bdbc42ad06defdad72679414346d8d048df Certificate serial: 019AF31C84FCBF94B5E10573B00ED81B8D52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 10:02:03 +0000 Manifest this update: Sat 06 Dec 2025 10:02:03 +0000 Manifest next update: Sun 07 Dec 2025 10:02:03 +0000 Files and hashes: 1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: 8H+hqJud28drC7JOaGqtqg9xXM2jkRXXkn+3e/Kd9w0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:84:fc:bf:94:b5:e1:05:73:b0:0e:d8:1b:8d:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df Validity Not Before: Dec 6 10:02:03 2025 GMT Not After : Dec 7 10:02:03 2025 GMT Subject: CN=5a181d2fd38fe188082fce21864397614d8e75db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:d8:fc:fd:c1:1f:1f:8b:2e:3b:0d:6f:fe:c1: ac:72:e1:12:e4:44:54:ad:e8:d9:27:40:50:bd:df: b0:96:0d:a0:79:b1:ad:3b:ec:0f:6c:b9:d4:0b:b0: 00:54:69:6d:ab:35:1a:35:53:f9:c8:9b:67:10:60: bb:fd:7c:ae:ef:f6:6c:1a:73:63:be:eb:b6:52:7f: 72:f3:b9:e1:16:1b:62:e0:d2:9e:7a:67:f7:21:2f: 4a:83:17:bd:cc:d5:52:ab:00:97:56:e1:b2:60:39: 70:d2:07:3c:93:e2:29:d6:97:8d:81:30:52:57:d6: b3:b4:32:d8:b2:73:77:31:9e:c8:c3:7b:f5:9e:25: 11:33:c5:25:55:28:96:6f:5a:31:d4:62:e1:2d:9c: 9c:9a:cf:03:38:0c:a2:d4:bc:fa:db:7b:c2:c5:f0: 03:e7:95:86:bb:5a:81:59:d6:a4:3c:3e:c9:af:c2: ce:44:02:2b:40:f6:3c:2d:9e:19:d9:52:fe:d3:27: 22:a6:fa:aa:b2:df:df:4f:d1:b4:6f:05:f8:92:23: 30:f1:5f:ea:96:f7:72:70:22:86:a0:9a:dd:73:f2: 7c:dc:75:c0:1a:25:0c:bf:65:52:0f:24:15:db:dc: 82:46:76:6c:44:81:a1:ce:bb:f6:66:22:97:eb:d6: a7:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:18:1D:2F:D3:8F:E1:88:08:2F:CE:21:86:43:97:61:4D:8E:75:DB X509v3 Authority Key Identifier: keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:8e:ab:f2:cd:ed:23:22:a4:a0:d1:95:06:7f:ee:c2:06:5c: 60:a6:a7:9d:fe:65:00:02:78:64:e9:c2:02:f8:58:30:b7:9d: 25:dd:b7:47:dc:50:65:e0:af:4b:2f:fa:09:88:7a:2a:7d:a1: f9:15:0f:c2:60:50:f2:15:8b:eb:76:a7:77:dd:07:8f:e8:61: f5:03:30:01:37:09:de:4d:45:56:68:5f:a7:bb:1d:2a:8b:79: df:f8:71:7d:07:b2:46:40:99:9e:b8:25:0e:d4:6a:6d:8d:95: 45:bc:59:41:a2:f1:45:92:8d:7f:e1:a9:04:75:f7:91:c5:fa: 37:f1:c9:6b:3f:04:c4:66:04:35:be:e2:2a:26:fc:55:3f:af: be:d4:8a:d9:0e:db:02:1f:9c:cd:55:1b:67:9d:55:79:76:ae: f9:2e:40:71:6c:83:f8:76:8d:1e:c0:db:81:ec:ed:13:72:65: 17:2b:bb:57:01:b9:e3:71:06:35:5f:3d:af:ed:59:62:8d:5d: 10:cd:b6:1c:49:ce:ce:d6:35:dd:26:94:be:63:de:4e:96:a0: 59:77:b8:f5:4a:c2:48:e3:5c:c9:3a:49:7b:a1:2b:d3:27:41: 01:6b:e4:24:ef:54:09:7a:85:b6:83:c8:7a:df:d6:cf:4a:38: c1:6b:05:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHIT8v5S14QVzsA7YG41SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk MDQ4ZGYwHhcNMjUxMjA2MTAwMjAzWhcNMjUxMjA3MTAwMjAzWjAzMTEwLwYDVQQD Eyg1YTE4MWQyZmQzOGZlMTg4MDgyZmNlMjE4NjQzOTc2MTRkOGU3NWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltj8/cEfH4suOw1v/sGscuES5ERU rejZJ0BQvd+wlg2gebGtO+wPbLnUC7AAVGltqzUaNVP5yJtnEGC7/Xyu7/ZsGnNj vuu2Un9y87nhFhti4NKeemf3IS9Kgxe9zNVSqwCXVuGyYDlw0gc8k+Ip1peNgTBS V9aztDLYsnN3MZ7Iw3v1niURM8UlVSiWb1ox1GLhLZycms8DOAyi1Lz623vCxfAD 55WGu1qBWdakPD7Jr8LORAIrQPY8LZ4Z2VL+0ycipvqqst/fT9G0bwX4kiMw8V/q lvdycCKGoJrdc/J83HXAGiUMv2VSDyQV29yCRnZsRIGhzrv2ZiKX69an/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFoYHS/Tj+GICC/OIYZDl2FNjnXbMB8GA1UdIwQY MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr46r8s3t IyKkoNGVBn/uwgZcYKannf5lAAJ4ZOnCAvhYMLedJd23R9xQZeCvSy/6CYh6Kn2h +RUPwmBQ8hWL63and90Hj+hh9QMwATcJ3k1FVmhfp7sdKot53/hxfQeyRkCZnrgl DtRqbY2VRbxZQaLxRZKNf+GpBHX3kcX6N/HJaz8ExGYENb7iKib8VT+vvtSK2Q7b Ah+czVUbZ51VeXau+S5AcWyD+HaNHsDbgeztE3JlFyu7VwG543EGNV89r+1ZYo1d EM22HEnOztY13SaUvmPeTpagWXe49UrCSONcyTpJe6Er0ydBAWvkJO9UCXqFtoPI et/Wz0o4wWsFjw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:33:41 2025 by rpki-client