This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft File: YMZLBPqPX-5oZvXHn499zqUBJRU.mft (raw, json) Hash identifier: 2LUWTzQiuI5CjFPcC9zhOXdnw+xJX5RdiyH/jGW2tao= Subject key identifier: 37:53:D7:C9:DB:27:20:6F:25:44:27:71:39:06:12:03:6D:54:A7:DF Authority key identifier: 60:C6:4B:04:FA:8F:5F:EE:68:66:F5:C7:9F:8F:7D:CE:A5:01:25:15 Certificate issuer: /CN=60c64b04fa8f5fee6866f5c79f8f7dcea5012515 Certificate serial: 019AF3F79315E0AAECCE216C380428B7500C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft Manifest number: 1352 Signing time: Sat 06 Dec 2025 14:01:19 +0000 Manifest this update: Sat 06 Dec 2025 14:01:19 +0000 Manifest next update: Sun 07 Dec 2025 14:01:19 +0000 Files and hashes: 1: Q9vdhvNHwOEEPnjfpoIoeq4pq_E.roa (hash: AjW64DrutKx53AvwTAQKpO/FJMGHUcE1ZDsQqqfuNRE=) 2: YMZLBPqPX-5oZvXHn499zqUBJRU.crl (hash: IiRrKtzdtSfnGzlj3kbU/GUOHDZmxLQ+b8YZ4O8MDSs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.crl rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:93:15:e0:aa:ec:ce:21:6c:38:04:28:b7:50:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60c64b04fa8f5fee6866f5c79f8f7dcea5012515 Validity Not Before: Dec 6 14:01:19 2025 GMT Not After : Dec 7 14:01:19 2025 GMT Subject: CN=3753d7c9db27206f25442771390612036d54a7df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d5:e6:06:ed:dc:9a:ae:a7:f1:f6:f7:7a:60: 4d:99:7a:e5:07:fc:ed:ab:98:2e:5b:ab:cd:8b:ec: e9:d4:1e:e5:c3:3d:d7:ff:78:8f:0b:3c:a2:cf:c6: 63:18:c0:f6:e7:4b:a5:ef:e4:d4:db:26:7e:f5:ca: 2e:60:16:df:4f:8f:07:7c:f8:31:b6:4b:98:ec:6c: fe:a8:dd:de:a6:ec:c9:c2:b8:de:c1:29:2b:5f:34: 95:4b:ef:3c:fb:07:3b:22:9b:fc:a9:49:3b:a4:0f: 14:51:c5:03:33:ec:0c:54:5a:49:84:10:31:bf:04: 8c:5b:3c:53:2a:57:17:36:a4:88:e5:29:8e:20:9c: 74:e7:ea:0b:95:1a:35:5b:38:80:2a:63:fc:81:4b: 93:9d:8d:4a:9f:9b:88:05:3b:5d:b8:37:b3:cd:29: b6:7b:20:d9:24:74:0e:0c:5a:d8:ea:b9:58:d2:55: b1:c2:43:80:d0:80:5a:f3:35:c6:9f:84:f5:d6:5d: f5:6b:fb:81:92:5a:2a:01:ed:d6:32:97:8c:1e:5a: e7:a4:d6:d1:18:70:ff:76:0a:f8:1e:15:f9:a4:c4: 73:af:69:b7:87:ca:c5:30:55:e6:09:4b:77:ad:d6: af:0b:72:e3:19:60:97:ed:9c:4c:c5:bb:6c:d8:4b: 9b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:53:D7:C9:DB:27:20:6F:25:44:27:71:39:06:12:03:6D:54:A7:DF X509v3 Authority Key Identifier: keyid:60:C6:4B:04:FA:8F:5F:EE:68:66:F5:C7:9F:8F:7D:CE:A5:01:25:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:92:85:0a:6d:aa:8d:43:4c:c8:ca:54:da:b2:40:3b:c6:fe: b8:77:fa:d0:3c:ab:52:95:53:0a:18:3c:f4:a7:71:06:2e:73: bc:49:df:2d:ae:a6:c2:e6:e4:88:43:76:08:f1:5a:6a:18:25: 81:bd:ab:7e:5e:ae:67:81:b8:0d:c0:6b:98:ce:34:c2:4d:ab: 90:e2:05:bf:51:15:ac:b2:e2:a7:af:6f:25:bd:7d:10:4e:e9: 6a:c8:36:f2:c2:08:82:dc:87:52:4b:d9:eb:48:31:3f:06:c9: 9b:22:95:cb:00:97:a5:ca:b8:29:57:10:98:65:cc:ba:ec:50: 4a:b6:03:77:6d:73:8e:ad:6f:d4:53:ad:89:cd:25:49:1d:ec: f5:3b:b5:f8:77:4d:1c:71:1e:57:c0:a0:8a:57:b4:5b:ef:a0: fc:7e:d8:0e:66:1b:b5:94:2d:30:43:73:f7:3c:e7:8e:cc:af: 5b:8c:ee:55:ae:c9:af:65:8f:4e:bf:85:f9:94:2d:9f:4b:2f: 00:8b:6e:e6:9d:7f:ef:f1:56:e9:53:77:a2:ec:39:cb:d0:1f: ed:fe:7d:5b:73:3e:db:b8:bf:a5:b5:f4:3f:a2:a1:6b:bb:3f: 24:a9:22:18:a4:e6:ac:6e:2d:e1:b0:d0:f0:09:e1:9e:17:5e: b4:b4:f1:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz95MV4KrsziFsOAQot1AMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYzY0YjA0ZmE4ZjVmZWU2ODY2ZjVjNzlmOGY3ZGNlYTUw MTI1MTUwHhcNMjUxMjA2MTQwMTE5WhcNMjUxMjA3MTQwMTE5WjAzMTEwLwYDVQQD EygzNzUzZDdjOWRiMjcyMDZmMjU0NDI3NzEzOTA2MTIwMzZkNTRhN2RmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNXmBu3cmq6n8fb3emBNmXrlB/zt q5guW6vNi+zp1B7lwz3X/3iPCzyiz8ZjGMD250ul7+TU2yZ+9couYBbfT48HfPgx tkuY7Gz+qN3epuzJwrjewSkrXzSVS+88+wc7Ipv8qUk7pA8UUcUDM+wMVFpJhBAx vwSMWzxTKlcXNqSI5SmOIJx05+oLlRo1WziAKmP8gUuTnY1Kn5uIBTtduDezzSm2 eyDZJHQODFrY6rlY0lWxwkOA0IBa8zXGn4T11l31a/uBkloqAe3WMpeMHlrnpNbR GHD/dgr4HhX5pMRzr2m3h8rFMFXmCUt3rdavC3LjGWCX7ZxMxbts2EubEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDdT18nbJyBvJUQncTkGEgNtVKffMB8GA1UdIwQY MBaAFGDGSwT6j1/uaGb1x5+Pfc6lASUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84MjQ5MWItOGNhZi00ODFiLWIxNDYt NjAxYTU4ZjYzMzkzLzEvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi84MjQ5MWItOGNhZi00ODFiLWIxNDYtNjAxYTU4ZjYzMzkz LzEvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapKFCm2q jUNMyMpU2rJAO8b+uHf60DyrUpVTChg89KdxBi5zvEnfLa6mwubkiEN2CPFaahgl gb2rfl6uZ4G4DcBrmM40wk2rkOIFv1EVrLLip69vJb19EE7pasg28sIIgtyHUkvZ 60gxPwbJmyKVywCXpcq4KVcQmGXMuuxQSrYDd21zjq1v1FOtic0lSR3s9Tu1+HdN HHEeV8Cgile0W++g/H7YDmYbtZQtMENz9zznjsyvW4zuVa7Jr2WPTr+F+ZQtn0sv AItu5p1/7/FW6VN3ouw5y9Af7f59W3M+27i/pbX0P6Kha7s/JKkiGKTmrG4t4bDQ 8AnhnhdetLTxcg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:04:40 2025 by rpki-client