This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft File: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json) Hash identifier: PFdLhopJ1DRvWyVxHYfWe45Cqir53C9gg79dATpSXg8= Subject key identifier: CA:57:43:7B:0D:C0:ED:1A:61:ED:C7:08:50:B1:E2:BC:1B:74:4F:81 Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9 Certificate issuer: /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9 Certificate serial: 019AF1D2547BAC324C1147C34AF01343179D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 04:01:24 +0000 Manifest this update: Sat 06 Dec 2025 04:01:24 +0000 Manifest next update: Sun 07 Dec 2025 04:01:24 +0000 Files and hashes: 1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: xcTRck9elSsKW6WwXl/CQlMdinlE9EZrO80ms6dEXiQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:54:7b:ac:32:4c:11:47:c3:4a:f0:13:43:17:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9 Validity Not Before: Dec 6 04:01:24 2025 GMT Not After : Dec 7 04:01:24 2025 GMT Subject: CN=ca57437b0dc0ed1a61edc70850b1e2bc1b744f81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:00:0a:5d:c6:35:f3:27:28:e7:c7:58:16:b0: 7f:a6:f9:d4:5e:7a:8a:f8:53:d8:0a:75:b8:98:3a: 81:80:cb:26:e1:bc:16:2e:3c:34:f9:cd:83:0b:0f: b5:aa:ec:9e:53:9d:72:ce:a0:e6:00:6d:fe:78:84: bb:8a:c8:27:79:dd:54:32:b5:e8:77:52:60:94:66: af:58:46:af:a4:9d:a1:27:99:0d:b9:09:34:32:77: 9f:91:1f:1d:9b:d3:47:20:9e:07:c0:b5:4f:f6:c9: b9:5f:05:cd:fe:5a:32:28:c4:1a:10:88:aa:23:a1: 1a:0e:5f:54:e1:cc:11:f3:1b:8e:98:58:8d:40:67: 72:25:ec:97:c5:02:61:06:f5:da:2b:31:35:2d:83: 02:8b:e6:16:e0:c2:d5:95:cd:4c:d5:12:51:c0:ad: 56:14:fb:0e:65:d1:1c:c4:b3:96:73:0c:1d:a4:ac: 54:12:78:30:7d:82:01:aa:53:02:d9:08:27:ef:f3: d4:46:6e:d5:46:c6:3f:1a:b9:2b:c9:1d:5c:d9:69: b9:9f:20:97:76:0d:f9:3c:98:9c:4d:06:6c:68:77: ed:f9:c0:53:89:c0:15:2a:98:09:93:a9:c1:de:fb: 2f:dd:1b:fd:bc:be:0c:d2:f1:a5:24:9e:90:94:c8: 63:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:57:43:7B:0D:C0:ED:1A:61:ED:C7:08:50:B1:E2:BC:1B:74:4F:81 X509v3 Authority Key Identifier: keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:c0:77:e7:1b:b3:01:0f:8c:25:5c:87:9f:a1:d7:6e:c7:20: bf:e9:4f:bb:23:2c:00:78:a6:db:61:7d:b5:7d:a2:b6:1c:11: f5:0a:f6:07:71:cd:0e:38:df:95:55:2a:8c:c5:fe:a4:fd:33: 4b:ae:72:c9:45:e4:2d:c6:1d:e6:61:5f:6f:fc:39:4f:be:b0: bd:79:73:11:77:0e:d9:b6:a8:98:28:48:82:2d:39:2f:02:58: 47:eb:a6:f3:24:23:a8:3f:61:b3:47:ec:ed:83:d4:48:ce:ab: 16:c8:e7:29:e9:53:0e:4f:25:51:44:6f:1f:13:2b:21:d2:f4: 25:44:17:57:e9:17:2b:df:e3:43:3a:7c:9d:1c:d0:7d:7c:d9: bb:8e:b8:28:16:88:94:fe:36:b3:35:70:59:a2:9b:d8:2f:4d: 63:ad:ac:76:2a:22:f7:09:81:39:d9:c7:bc:e6:b0:f0:05:86: c0:d5:77:17:78:34:36:4a:86:91:e7:51:5e:2d:b5:b2:68:69: 7f:d8:9f:e6:3d:ec:5d:f9:8c:20:41:29:1e:04:45:dc:57:23: 99:ac:8a:55:90:62:51:fa:43:08:01:89:ce:01:6a:26:de:6c: d1:c0:66:0d:b2:5d:f7:8f:28:1e:cb:23:89:25:fe:7b:74:dc: f7:51:74:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0lR7rDJMEUfDSvATQxedMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4 YTlhZTkwHhcNMjUxMjA2MDQwMTI0WhcNMjUxMjA3MDQwMTI0WjAzMTEwLwYDVQQD EyhjYTU3NDM3YjBkYzBlZDFhNjFlZGM3MDg1MGIxZTJiYzFiNzQ0ZjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAAKXcY18yco58dYFrB/pvnUXnqK +FPYCnW4mDqBgMsm4bwWLjw0+c2DCw+1quyeU51yzqDmAG3+eIS7isgned1UMrXo d1JglGavWEavpJ2hJ5kNuQk0MnefkR8dm9NHIJ4HwLVP9sm5XwXN/loyKMQaEIiq I6EaDl9U4cwR8xuOmFiNQGdyJeyXxQJhBvXaKzE1LYMCi+YW4MLVlc1M1RJRwK1W FPsOZdEcxLOWcwwdpKxUEngwfYIBqlMC2Qgn7/PURm7VRsY/GrkryR1c2Wm5nyCX dg35PJicTQZsaHft+cBTicAVKpgJk6nB3vsv3Rv9vL4M0vGlJJ6QlMhj4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMpXQ3sNwO0aYe3HCFCx4rwbdE+BMB8GA1UdIwQY MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1 LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnsB35xuz AQ+MJVyHn6HXbscgv+lPuyMsAHim22F9tX2ithwR9Qr2B3HNDjjflVUqjMX+pP0z S65yyUXkLcYd5mFfb/w5T76wvXlzEXcO2baomChIgi05LwJYR+um8yQjqD9hs0fs 7YPUSM6rFsjnKelTDk8lUURvHxMrIdL0JUQXV+kXK9/jQzp8nRzQfXzZu464KBaI lP42szVwWaKb2C9NY62sdioi9wmBOdnHvOaw8AWGwNV3F3g0NkqGkedRXi21smhp f9if5j3sXfmMIEEpHgRF3FcjmayKVZBiUfpDCAGJzgFqJt5s0cBmDbJd948oHssj iSX+e3Tc91F0uA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:29:18 2025 by rpki-client