This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft File: y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json) Hash identifier: 43vcSY0FaWGNSd/gxPnmKBQ4TEg1X2+zLjdY91IT+JY= Subject key identifier: 7C:8D:B8:78:2E:F9:7B:60:6F:D7:1F:ED:68:52:DE:08:D2:7A:54:64 Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21 Certificate issuer: /CN=cbf9cd243ced6937b6bea57102814ff9ba426621 Certificate serial: 019AF19B8F652DBA6203F7EDED7C9589B4F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 03:01:35 +0000 Manifest this update: Sat 06 Dec 2025 03:01:35 +0000 Manifest next update: Sun 07 Dec 2025 03:01:35 +0000 Files and hashes: 1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: 5JYVyRcfkQui1oBucsllk3vH00kIvS1r0YXegJul818=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:8f:65:2d:ba:62:03:f7:ed:ed:7c:95:89:b4:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621 Validity Not Before: Dec 6 03:01:35 2025 GMT Not After : Dec 7 03:01:35 2025 GMT Subject: CN=7c8db8782ef97b606fd71fed6852de08d27a5464 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:b5:83:25:76:9b:e2:77:30:fd:18:cd:c6:b1: d8:44:9d:12:6d:b7:ca:d1:97:ae:04:72:0d:ad:d3: 9c:cf:17:e5:02:1a:45:c1:f6:c7:d7:52:3a:a5:2a: 06:5b:d2:69:7d:a8:23:6c:40:8f:24:74:29:7e:b3: 30:b2:a0:62:88:12:fc:3d:6f:b8:62:25:6d:3f:e1: c7:f4:0a:93:17:30:34:b5:15:41:b0:ab:f6:89:00: 3d:3e:13:a9:7e:92:95:85:ce:a5:ce:8b:26:20:bf: b7:a6:67:74:bf:14:dc:a6:bb:d9:63:d9:28:be:99: 65:bb:1c:9a:ec:3a:b0:ff:ac:fe:8e:37:85:55:a1: 14:b1:e5:7c:46:d2:fc:a4:56:48:59:a3:31:a2:d2: 9d:6c:99:2e:49:e6:68:74:3d:2c:cb:2a:2f:54:14: 8f:53:54:c0:17:9c:db:40:3d:c6:13:5d:85:82:30: 23:3b:59:fb:ba:20:8e:f5:74:92:d1:f9:ac:d0:ec: 55:5a:6f:5a:0e:81:39:f7:0a:df:c8:9d:70:09:4e: f6:92:be:5e:9a:3c:79:2b:e4:67:26:3c:ba:60:a2: c7:80:b0:e3:6e:aa:8b:44:45:93:23:e5:a0:09:fa: 6f:7e:2d:49:f1:98:64:1c:25:06:9d:36:12:ec:2c: 04:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:8D:B8:78:2E:F9:7B:60:6F:D7:1F:ED:68:52:DE:08:D2:7A:54:64 X509v3 Authority Key Identifier: keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:e5:69:b5:42:f3:bf:ac:20:f5:ce:2f:a1:94:72:a2:19:52: ac:ed:59:88:ce:1d:f6:0a:7f:14:84:55:c8:8e:70:22:2e:18: dc:b4:a4:4e:57:c0:2c:72:b4:79:fd:ed:22:e6:98:e0:fc:df: 31:62:0f:65:9a:d0:65:8d:98:0a:b0:da:65:a3:3d:25:59:e4: e5:c0:e3:e0:1b:00:d6:64:c0:b9:71:9f:a7:14:5d:a2:b7:64: da:ac:35:6a:1e:be:e1:ae:66:f5:40:9d:2a:d6:a8:78:ac:d8: 12:46:77:eb:7d:51:8c:81:06:1f:ba:74:fc:8f:60:b7:43:cc: 85:c9:31:ab:09:e6:e0:72:49:70:84:3c:ef:e8:91:3c:ba:81: ab:13:c4:e3:2a:e3:f0:66:c8:76:88:8b:29:f4:99:5a:49:23: 9d:94:87:3d:74:b0:2d:6a:fd:c3:d4:a8:9a:d8:d5:00:ea:5d: 2f:b2:23:87:25:2e:94:58:60:cb:5b:7e:16:a3:75:3e:db:92: 3b:2f:37:77:1e:59:b7:32:ca:c6:79:15:a7:2b:69:72:f5:16: 92:a9:07:b6:32:d2:a9:80:bd:9e:0d:b2:84:f5:34:e1:fb:3c: bb:8c:e8:fa:50:04:16:8d:90:33:fd:80:43:4a:10:f1:94:5d: af:aa:28:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm49lLbpiA/ft7XyVibT2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0 MjY2MjEwHhcNMjUxMjA2MDMwMTM1WhcNMjUxMjA3MDMwMTM1WjAzMTEwLwYDVQQD Eyg3YzhkYjg3ODJlZjk3YjYwNmZkNzFmZWQ2ODUyZGUwOGQyN2E1NDY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37WDJXab4ncw/RjNxrHYRJ0SbbfK 0ZeuBHINrdOczxflAhpFwfbH11I6pSoGW9JpfagjbECPJHQpfrMwsqBiiBL8PW+4 YiVtP+HH9AqTFzA0tRVBsKv2iQA9PhOpfpKVhc6lzosmIL+3pmd0vxTcprvZY9ko vplluxya7Dqw/6z+jjeFVaEUseV8RtL8pFZIWaMxotKdbJkuSeZodD0syyovVBSP U1TAF5zbQD3GE12FgjAjO1n7uiCO9XSS0fms0OxVWm9aDoE59wrfyJ1wCU72kr5e mjx5K+RnJjy6YKLHgLDjbqqLREWTI+WgCfpvfi1J8ZhkHCUGnTYS7CwE3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHyNuHgu+Xtgb9cf7WhS3gjSelRkMB8GA1UdIwQY MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANuVptULz v6wg9c4voZRyohlSrO1ZiM4d9gp/FIRVyI5wIi4Y3LSkTlfALHK0ef3tIuaY4Pzf MWIPZZrQZY2YCrDaZaM9JVnk5cDj4BsA1mTAuXGfpxRdordk2qw1ah6+4a5m9UCd KtaoeKzYEkZ3631RjIEGH7p0/I9gt0PMhckxqwnm4HJJcIQ87+iRPLqBqxPE4yrj 8GbIdoiLKfSZWkkjnZSHPXSwLWr9w9SomtjVAOpdL7IjhyUulFhgy1t+FqN1PtuS Oy83dx5ZtzLKxnkVpytpcvUWkqkHtjLSqYC9ng2yhPU04fs8u4zo+lAEFo2QM/2A Q0oQ8ZRdr6ooFg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:21:15 2025 by rpki-client