This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft File: yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json) Hash identifier: wdUOIZAKrREyz51EfWoeyKuWr/Qmbj9YL5SWvvFXd/Y= Subject key identifier: E8:45:EF:FC:A6:BA:C4:B0:17:CF:40:80:E5:96:C5:95:B8:1D:EA:DC Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D Certificate issuer: /CN=c8cec13bd6f30420de74d2c31564dadda08e014d Certificate serial: 019AF12E6752EC02BB1131A99DB5F6DAFB76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft Manifest number: 018B Signing time: Sat 06 Dec 2025 01:02:21 +0000 Manifest this update: Sat 06 Dec 2025 01:02:21 +0000 Manifest next update: Sun 07 Dec 2025 01:02:21 +0000 Files and hashes: 1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: thCmJVS6rKRgQT4T/B4kD4MFTdES6bEgCj5qV+VppXk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:67:52:ec:02:bb:11:31:a9:9d:b5:f6:da:fb:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d Validity Not Before: Dec 6 01:02:21 2025 GMT Not After : Dec 7 01:02:21 2025 GMT Subject: CN=e845effca6bac4b017cf4080e596c595b81deadc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:11:d0:7a:54:3c:46:a3:9e:ac:65:39:7d:53: 5e:f1:f9:fc:79:ea:ca:be:5b:3f:cd:3d:56:09:25: 27:fe:d4:2d:09:b1:28:91:af:88:55:6a:3a:e8:75: 7d:4b:42:35:df:d6:51:45:06:54:cd:5e:a6:e0:b8: 9e:70:8e:87:03:7e:3b:07:59:a3:41:5a:d1:e0:b8: 3f:f3:be:21:35:47:e8:d2:1e:fb:55:97:d3:10:c9: 31:4c:3c:5c:24:ec:75:8d:ee:98:ed:97:57:58:fc: fb:eb:01:30:4f:4e:4f:0f:23:17:b9:6c:08:e6:67: c7:83:94:b6:d5:11:34:53:9e:66:6f:1a:f3:1b:c5: c4:aa:d2:df:ab:1b:31:7d:d2:17:27:61:67:79:24: a1:57:b3:f6:0c:53:9c:64:ba:09:5f:65:91:b3:7f: 19:5b:36:42:df:9d:ba:6e:65:85:52:f8:72:9f:a2: ca:3c:c3:8d:7f:96:25:1d:69:92:83:8c:7d:9f:a6: 5c:d0:0f:c3:40:2c:e2:6a:9b:1b:5d:8f:65:bd:8d: e5:76:49:58:40:b4:08:d1:48:aa:a4:79:33:74:6a: d4:8f:24:1c:5d:f9:d0:dc:2d:81:45:47:76:b0:0d: 1e:b0:9c:13:26:2b:d3:c4:b2:ca:c4:e2:79:25:39: 8e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:45:EF:FC:A6:BA:C4:B0:17:CF:40:80:E5:96:C5:95:B8:1D:EA:DC X509v3 Authority Key Identifier: keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:9c:ac:21:35:95:de:58:04:b6:a6:3a:fd:a2:1e:9d:25:43: 7f:50:6b:d2:c4:86:c9:ea:f9:61:9b:e8:50:3f:7a:34:67:bb: ca:37:24:0a:5c:df:9f:80:87:b8:db:94:4f:4c:5e:3c:ad:1c: 79:51:66:4c:eb:cc:37:bb:aa:62:04:52:ca:6a:7d:a3:46:84: 54:3f:57:e2:e9:98:de:b6:68:a7:c6:8b:ff:cf:9a:c2:cb:0a: ff:48:84:8f:4b:59:0c:68:88:39:7e:ea:d8:52:62:ea:13:db: cb:a6:df:37:61:ec:aa:f1:25:7f:f7:6d:f8:5b:ae:b2:f1:0f: 9f:9c:08:4e:79:8b:20:b3:d3:78:95:c4:42:20:05:6e:e0:a4: 91:32:a3:e2:ba:50:95:1d:9e:65:a9:92:f3:f9:13:c0:05:d7: 12:75:a5:4b:21:c7:b2:b4:f2:be:69:ae:90:b7:25:87:f9:d2: 4a:6a:cf:66:1d:e4:22:4b:a8:c5:35:66:b9:21:52:f9:31:63: ba:81:f7:3a:2a:8c:e3:9f:d1:d0:94:a2:19:70:ea:ef:8b:ca: 12:4a:85:f0:a5:a2:8e:13:10:0b:cc:bb:c1:42:31:9c:5a:0f: 51:5d:fb:28:7c:6d:42:fd:65:e2:f5:b3:05:e8:38:e5:b2:c0: 61:e1:94:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLmdS7AK7ETGpnbX22vt2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4 ZTAxNGQwHhcNMjUxMjA2MDEwMjIxWhcNMjUxMjA3MDEwMjIxWjAzMTEwLwYDVQQD EyhlODQ1ZWZmY2E2YmFjNGIwMTdjZjQwODBlNTk2YzU5NWI4MWRlYWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxHQelQ8RqOerGU5fVNe8fn8eerK vls/zT1WCSUn/tQtCbEoka+IVWo66HV9S0I139ZRRQZUzV6m4LiecI6HA347B1mj QVrR4Lg/874hNUfo0h77VZfTEMkxTDxcJOx1je6Y7ZdXWPz76wEwT05PDyMXuWwI 5mfHg5S21RE0U55mbxrzG8XEqtLfqxsxfdIXJ2FneSShV7P2DFOcZLoJX2WRs38Z WzZC3526bmWFUvhyn6LKPMONf5YlHWmSg4x9n6Zc0A/DQCziapsbXY9lvY3ldklY QLQI0UiqpHkzdGrUjyQcXfnQ3C2BRUd2sA0esJwTJivTxLLKxOJ5JTmOOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOhF7/ymusSwF89AgOWWxZW4HercMB8GA1UdIwQY MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ5ysITWV 3lgEtqY6/aIenSVDf1Br0sSGyer5YZvoUD96NGe7yjckClzfn4CHuNuUT0xePK0c eVFmTOvMN7uqYgRSymp9o0aEVD9X4umY3rZop8aL/8+awssK/0iEj0tZDGiIOX7q 2FJi6hPby6bfN2HsqvElf/dt+FuusvEPn5wITnmLILPTeJXEQiAFbuCkkTKj4rpQ lR2eZamS8/kTwAXXEnWlSyHHsrTyvmmukLclh/nSSmrPZh3kIkuoxTVmuSFS+TFj uoH3OiqM45/R0JSiGXDq74vKEkqF8KWijhMQC8y7wUIxnFoPUV37KHxtQv1l4vWz Beg45bLAYeGUrw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:55 2025 by rpki-client