This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft File: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json) Hash identifier: u7fJcmTZ6xjcAD1E0rvWjahPp1vDszMJBHold6MEvYQ= Subject key identifier: 5A:8F:FB:63:03:64:7B:D2:44:BA:E3:F1:54:58:83:6A:AC:D5:87:28 Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30 Certificate issuer: /CN=6062b21fb6655b897923e29d6fcb644ab10ac530 Certificate serial: 019AF3F7D5FE799C72AFA0B1AAFF6F06D83D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 14:01:36 +0000 Manifest this update: Sat 06 Dec 2025 14:01:36 +0000 Manifest next update: Sun 07 Dec 2025 14:01:36 +0000 Files and hashes: 1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: +RM0O9B9trG9IorhzoEcHGZ95S+SRyZVmLlbf8ghPaE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:d5:fe:79:9c:72:af:a0:b1:aa:ff:6f:06:d8:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530 Validity Not Before: Dec 6 14:01:36 2025 GMT Not After : Dec 7 14:01:36 2025 GMT Subject: CN=5a8ffb6303647bd244bae3f15458836aacd58728 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:1a:80:f4:d1:f7:e2:63:c3:d1:5e:8f:b2:4a: b6:79:ca:a0:29:40:c5:9b:60:d4:36:54:67:45:29: 16:cb:39:11:9f:f2:2c:8c:21:35:1b:94:88:23:3b: 5d:8b:45:14:62:4b:dd:ff:28:f3:54:5d:0c:45:8e: 08:03:59:92:31:36:52:e8:23:04:f9:fb:10:02:8f: 8e:ba:d4:84:eb:1a:61:1d:90:d0:6b:4c:73:dd:52: 49:08:24:a1:ed:0a:a6:32:e5:e9:01:99:96:21:84: 9e:1b:57:db:94:4d:44:0a:c3:2a:06:17:13:3a:22: 28:e5:07:eb:95:1a:b2:5e:2b:af:bb:fe:5f:e1:2c: 17:37:50:e6:b1:50:59:8a:d3:f0:92:94:e4:95:da: 57:07:4a:46:06:31:05:9a:c5:28:a4:2b:df:19:2f: f7:7c:a4:7c:36:1f:f6:82:5e:ce:27:99:85:3e:de: 8c:ca:c6:b4:d4:37:d4:d7:55:88:79:a0:f6:d8:37: 0b:95:e6:12:b2:10:82:99:6c:a1:38:86:f3:78:a3: e5:51:42:e8:c7:c8:05:1a:01:2d:86:6c:d7:69:7b: 6c:5f:b2:84:66:fa:c4:20:ba:3f:f3:fa:21:77:87: 0f:e2:eb:13:f2:0f:d0:ba:9e:4a:d4:39:a6:53:9a: f5:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:8F:FB:63:03:64:7B:D2:44:BA:E3:F1:54:58:83:6A:AC:D5:87:28 X509v3 Authority Key Identifier: keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:e5:04:e3:37:f5:59:ad:93:3e:ed:81:4c:07:0e:95:fd:77: 7a:a9:15:2b:10:2e:eb:df:4f:bc:25:e1:68:bb:94:75:4f:1b: 4c:13:2a:6f:74:a5:08:5b:ad:e5:d1:34:7a:7d:80:e5:ca:5b: 11:23:0a:19:74:f4:18:88:e6:9d:b9:cb:ab:4d:9a:bc:d9:60: 6e:ee:41:e9:2d:0c:42:32:3a:37:e5:75:fc:86:74:9b:3f:57: e2:95:27:fe:42:6b:db:2f:19:cf:1e:30:38:88:cf:50:6a:e5: f6:df:f3:5d:5b:3e:f1:4f:88:34:76:98:99:4a:fc:fa:ce:c9: da:9d:e0:93:7e:88:86:8f:df:fe:c2:f1:d7:92:83:07:df:93: 36:5d:98:f4:99:dd:29:dd:08:cb:5c:8c:71:15:0f:d9:2f:ad: 3c:93:ab:c5:89:25:7b:81:5c:b7:51:e3:01:f6:3e:80:00:38: cb:b9:0d:2e:8f:d4:f3:55:25:b5:10:25:d4:7f:02:8e:3f:ca: f6:e0:9b:e8:87:6a:ef:2a:aa:89:95:ec:17:ef:51:43:a4:2f: 36:4b:9a:03:d0:26:c8:83:85:86:ce:26:ef:3d:58:3c:55:c2: 6d:1f:35:85:58:0c:02:f7:aa:f8:e3:36:c5:59:98:7c:79:97: 1e:9c:c3:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz99X+eZxyr6Cxqv9vBtg9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw YWM1MzAwHhcNMjUxMjA2MTQwMTM2WhcNMjUxMjA3MTQwMTM2WjAzMTEwLwYDVQQD Eyg1YThmZmI2MzAzNjQ3YmQyNDRiYWUzZjE1NDU4ODM2YWFjZDU4NzI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxqA9NH34mPD0V6Pskq2ecqgKUDF m2DUNlRnRSkWyzkRn/IsjCE1G5SIIztdi0UUYkvd/yjzVF0MRY4IA1mSMTZS6CME +fsQAo+OutSE6xphHZDQa0xz3VJJCCSh7QqmMuXpAZmWIYSeG1fblE1ECsMqBhcT OiIo5QfrlRqyXiuvu/5f4SwXN1DmsVBZitPwkpTkldpXB0pGBjEFmsUopCvfGS/3 fKR8Nh/2gl7OJ5mFPt6Mysa01DfU11WIeaD22DcLleYSshCCmWyhOIbzeKPlUULo x8gFGgEthmzXaXtsX7KEZvrEILo/8/ohd4cP4usT8g/Qup5K1DmmU5r17wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFqP+2MDZHvSRLrj8VRYg2qs1YcoMB8GA1UdIwQY MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2 LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAauUE4zf1 Wa2TPu2BTAcOlf13eqkVKxAu699PvCXhaLuUdU8bTBMqb3SlCFut5dE0en2A5cpb ESMKGXT0GIjmnbnLq02avNlgbu5B6S0MQjI6N+V1/IZ0mz9X4pUn/kJr2y8Zzx4w OIjPUGrl9t/zXVs+8U+INHaYmUr8+s7J2p3gk36Iho/f/sLx15KDB9+TNl2Y9Jnd Kd0Iy1yMcRUP2S+tPJOrxYkle4Fct1HjAfY+gAA4y7kNLo/U81UltRAl1H8Cjj/K 9uCb6Idq7yqqiZXsF+9RQ6QvNkuaA9AmyIOFhs4m7z1YPFXCbR81hVgMAveq+OM2 xVmYfHmXHpzD0g== -----END CERTIFICATE-----Generated at Sat Dec 6 19:12:42 2025 by rpki-client