This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft File: YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json) Hash identifier: cTQIkPT4w7V//CfgQeLEfmqNlJKcR2wbKmiPXZKkXOs= Subject key identifier: B1:11:FD:F5:BD:64:7D:10:78:BC:D6:B4:28:A9:4C:5E:44:CE:E9:5D Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC Certificate issuer: /CN=60f31d820c32400dec0c60496178994d57752acc Certificate serial: 019AF12E9F0C4E032F918F287D02D170B91E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:02:35 +0000 Manifest this update: Sat 06 Dec 2025 01:02:35 +0000 Manifest next update: Sun 07 Dec 2025 01:02:35 +0000 Files and hashes: 1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: eP9588/w5/5E4khYQi5oxftw797hobliW7EX6uJ+0RM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:9f:0c:4e:03:2f:91:8f:28:7d:02:d1:70:b9:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60f31d820c32400dec0c60496178994d57752acc Validity Not Before: Dec 6 01:02:35 2025 GMT Not After : Dec 7 01:02:35 2025 GMT Subject: CN=b111fdf5bd647d1078bcd6b428a94c5e44cee95d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:59:3a:ea:0b:0c:49:37:4b:2a:88:da:74:b9: d2:e5:54:7e:eb:68:49:3a:8a:f1:6a:c5:e8:12:43: 9c:32:94:bc:ca:b4:53:b9:49:a5:91:d3:f5:d0:45: ce:54:5e:a0:c7:7e:1a:b4:b0:71:fe:44:6c:94:33: 60:5c:e7:c8:ff:22:88:81:14:03:01:57:a1:bd:ee: f3:35:4a:69:8e:9e:a5:da:3a:2e:39:20:2a:9d:73: 5b:aa:98:6a:1f:e1:21:f6:d8:ea:18:30:5a:97:c3: 6e:35:a0:9b:dc:7a:61:1f:17:3b:98:9f:67:1d:7e: c0:85:50:40:33:1a:8d:5b:99:f0:83:8b:eb:aa:2f: 49:05:92:d8:51:c6:e6:e4:24:26:d1:64:0c:3f:4b: 4b:c1:e2:01:37:f4:08:f3:21:64:97:5d:fd:a1:b9: 06:37:58:38:91:c2:8f:aa:71:a7:0d:a9:6a:33:48: 59:85:b6:d9:b7:41:c8:4f:00:0f:a0:8b:c6:a4:84: 67:fb:0f:4a:03:dc:de:96:be:b6:aa:20:5f:35:d1: 62:d2:c3:e2:7b:83:f5:c7:89:1d:fb:85:5c:33:46: 70:1a:c5:78:10:72:4b:2c:a7:f4:1a:3a:37:42:56: c6:1f:3c:53:33:6c:4c:c1:19:06:2e:40:14:e3:29: 10:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:11:FD:F5:BD:64:7D:10:78:BC:D6:B4:28:A9:4C:5E:44:CE:E9:5D X509v3 Authority Key Identifier: keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:74:f8:b1:e2:13:66:21:ab:9b:9f:90:85:7b:b2:08:28:d3: 67:08:1a:74:4f:de:db:de:eb:0f:15:af:72:d1:f3:11:75:f2: 2c:0a:0a:51:bc:21:de:23:19:9c:21:0c:44:26:28:91:ed:e9: 1b:68:27:f7:4f:ab:a3:84:63:77:fa:d7:87:c3:2e:7d:08:bf: 24:9c:76:51:1b:7c:1a:48:e2:94:8d:64:6e:61:f6:2f:cf:f6: a4:3b:e6:2a:8f:eb:3c:45:91:78:08:0c:37:2e:1a:17:a7:05: d9:b7:86:b6:23:21:e9:49:cb:05:87:b3:d4:39:ad:32:07:f1: b6:74:26:53:51:46:74:ed:07:41:c7:b3:ab:bd:e5:a1:39:16: 81:65:84:3d:ac:8d:6f:4f:ed:6c:75:80:de:1a:57:da:5c:ee: 15:cd:48:0a:2b:60:0f:55:46:42:56:a9:81:c0:a8:b0:85:d9: 70:ab:e5:16:d9:97:25:38:0d:71:c4:0d:fe:e3:b4:18:1d:b1: 62:a0:79:79:54:79:47:00:05:56:30:03:f0:35:a5:99:2a:1b: d3:70:c0:8a:2c:96:6b:27:14:41:12:4b:5f:75:c0:29:88:83: 1e:c4:ef:fc:7a:eb:b8:97:b4:f9:c6:86:8b:a3:0f:05:fb:3d: fa:23:1c:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLp8MTgMvkY8ofQLRcLkeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3 NTJhY2MwHhcNMjUxMjA2MDEwMjM1WhcNMjUxMjA3MDEwMjM1WjAzMTEwLwYDVQQD EyhiMTExZmRmNWJkNjQ3ZDEwNzhiY2Q2YjQyOGE5NGM1ZTQ0Y2VlOTVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Vk66gsMSTdLKojadLnS5VR+62hJ OorxasXoEkOcMpS8yrRTuUmlkdP10EXOVF6gx34atLBx/kRslDNgXOfI/yKIgRQD AVehve7zNUppjp6l2jouOSAqnXNbqphqH+Eh9tjqGDBal8NuNaCb3HphHxc7mJ9n HX7AhVBAMxqNW5nwg4vrqi9JBZLYUcbm5CQm0WQMP0tLweIBN/QI8yFkl139obkG N1g4kcKPqnGnDalqM0hZhbbZt0HITwAPoIvGpIRn+w9KA9zelr62qiBfNdFi0sPi e4P1x4kd+4VcM0ZwGsV4EHJLLKf0Gjo3QlbGHzxTM2xMwRkGLkAU4ykQCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLER/fW9ZH0QeLzWtCipTF5EzuldMB8GA1UdIwQY MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknT4seIT ZiGrm5+QhXuyCCjTZwgadE/e297rDxWvctHzEXXyLAoKUbwh3iMZnCEMRCYoke3p G2gn90+ro4Rjd/rXh8MufQi/JJx2URt8GkjilI1kbmH2L8/2pDvmKo/rPEWReAgM Ny4aF6cF2beGtiMh6UnLBYez1DmtMgfxtnQmU1FGdO0HQcezq73loTkWgWWEPayN b0/tbHWA3hpX2lzuFc1ICitgD1VGQlapgcCosIXZcKvlFtmXJTgNccQN/uO0GB2x YqB5eVR5RwAFVjAD8DWlmSob03DAiiyWaycUQRJLX3XAKYiDHsTv/HrruJe0+caG i6MPBfs9+iMcLg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:43:32 2025 by rpki-client