This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft File: y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json) Hash identifier: CtsE08g+QrnucmU5/mROUANVxso+DpbUJQpo4e9kDqc= Subject key identifier: 94:94:92:6D:EA:3C:11:CD:97:10:70:C4:68:8F:06:B5:EE:7F:62:68 Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D Certificate issuer: /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d Certificate serial: 019AF2090812CD26FDCBCA6D8282BF73F01E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft Manifest number: 0E09 Signing time: Sat 06 Dec 2025 05:01:09 +0000 Manifest this update: Sat 06 Dec 2025 05:01:09 +0000 Manifest next update: Sun 07 Dec 2025 05:01:09 +0000 Files and hashes: 1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: eEn6UucNlb++cDQqWQweQZ+wajaRXNckC8YkYDzRWT0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:08:12:cd:26:fd:cb:ca:6d:82:82:bf:73:f0:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d Validity Not Before: Dec 6 05:01:09 2025 GMT Not After : Dec 7 05:01:09 2025 GMT Subject: CN=9494926dea3c11cd971070c4688f06b5ee7f6268 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ed:de:48:db:5d:9b:b7:c4:75:5d:17:fd:b5: 76:9b:22:38:33:71:39:90:de:8c:aa:40:94:9f:55: e4:e6:4d:97:f5:95:d8:fc:8d:15:42:2f:85:8f:97: 49:f0:cb:5f:35:57:ff:bd:95:f1:a8:f6:5a:2e:b6: b3:b3:52:23:09:9a:67:38:b1:0a:58:f3:e0:ea:5f: 0d:5e:67:21:a8:6e:bd:41:55:0b:7e:0a:d5:19:8e: 44:1a:e5:cb:d0:91:dc:70:f9:14:ec:94:1c:cf:9c: 22:3b:e5:b4:ef:0d:38:6a:d3:d9:79:13:d8:76:72: af:4f:39:9a:41:ca:4b:60:69:cd:cd:9b:6e:74:cc: c8:ce:8f:d6:6a:81:30:77:f9:30:d2:1b:8b:e0:7a: db:85:c6:3b:f5:5b:b7:84:23:f0:e9:f1:ae:95:65: 7b:74:88:0a:98:0f:93:ea:13:cd:8b:30:d4:04:99: c1:74:85:1e:16:38:c3:04:73:64:fd:e1:ac:31:33: a3:e2:13:5e:32:28:26:f2:b1:a4:b8:1b:45:a6:a5: 4a:bb:01:71:66:ba:de:3b:6e:c9:fb:ef:47:14:9b: a3:3d:6a:72:ab:86:b3:52:fc:5d:c5:fd:09:87:c4: d7:db:9c:89:c7:35:90:42:7f:93:f5:48:80:00:53: 77:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:94:92:6D:EA:3C:11:CD:97:10:70:C4:68:8F:06:B5:EE:7F:62:68 X509v3 Authority Key Identifier: keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:d3:fd:0e:1e:55:66:6f:29:8e:71:4a:95:50:3e:92:ae:97: b7:f6:86:7e:4b:90:a4:da:de:6f:b5:ea:88:c6:09:c8:f4:0c: 03:5b:84:08:ae:28:6d:0b:78:fd:46:47:65:46:31:67:d9:13: 13:cb:73:d8:d5:b3:20:eb:8e:5e:e8:fa:48:2b:70:df:4b:c9: 47:e8:e6:2e:65:c3:c9:64:4b:96:97:1d:c4:fc:c9:d3:68:45: 2e:53:69:47:7d:d9:5f:00:a3:cd:0f:99:76:fd:32:28:85:82: 68:f2:47:e9:eb:70:78:ea:cc:5d:77:2f:b6:d6:87:77:f7:d8: ff:84:0a:ed:a2:f6:de:cc:cd:66:5f:40:59:4c:bb:bc:36:99: 70:d5:34:2c:80:73:78:c9:6d:27:0b:07:5d:25:27:1c:4b:a2: d3:e2:a7:1d:c2:34:ef:dc:a2:a6:97:6f:28:27:b5:f0:f0:8c: b0:73:fa:fb:71:6a:13:d2:dd:4d:3e:ce:56:34:d3:c7:0d:de: 10:a5:d9:5f:80:b3:62:c2:15:5a:42:db:1c:37:f8:a9:b8:9f: 57:95:0f:55:6d:ff:f8:b4:2c:a4:8b:d9:6a:b2:13:35:d0:82: 34:c3:dd:e1:e7:ed:13:90:2f:ed:79:84:aa:2d:c5:e9:dc:94: f8:99:f4:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCQgSzSb9y8ptgoK/c/AeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0 ZDI2M2QwHhcNMjUxMjA2MDUwMTA5WhcNMjUxMjA3MDUwMTA5WjAzMTEwLwYDVQQD Eyg5NDk0OTI2ZGVhM2MxMWNkOTcxMDcwYzQ2ODhmMDZiNWVlN2Y2MjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO3eSNtdm7fEdV0X/bV2myI4M3E5 kN6MqkCUn1Xk5k2X9ZXY/I0VQi+Fj5dJ8MtfNVf/vZXxqPZaLrazs1IjCZpnOLEK WPPg6l8NXmchqG69QVULfgrVGY5EGuXL0JHccPkU7JQcz5wiO+W07w04atPZeRPY dnKvTzmaQcpLYGnNzZtudMzIzo/WaoEwd/kw0huL4HrbhcY79Vu3hCPw6fGulWV7 dIgKmA+T6hPNizDUBJnBdIUeFjjDBHNk/eGsMTOj4hNeMigm8rGkuBtFpqVKuwFx ZrreO27J++9HFJujPWpyq4azUvxdxf0Jh8TX25yJxzWQQn+T9UiAAFN3twIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJSUkm3qPBHNlxBwxGiPBrXuf2JoMB8GA1UdIwQY MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAINP9Dh5V Zm8pjnFKlVA+kq6Xt/aGfkuQpNreb7XqiMYJyPQMA1uECK4obQt4/UZHZUYxZ9kT E8tz2NWzIOuOXuj6SCtw30vJR+jmLmXDyWRLlpcdxPzJ02hFLlNpR33ZXwCjzQ+Z dv0yKIWCaPJH6etweOrMXXcvttaHd/fY/4QK7aL23szNZl9AWUy7vDaZcNU0LIBz eMltJwsHXSUnHEui0+KnHcI079yippdvKCe18PCMsHP6+3FqE9LdTT7OVjTTxw3e EKXZX4CzYsIVWkLbHDf4qbifV5UPVW3/+LQspIvZarITNdCCNMPd4eftE5Av7XmE qi3F6dyU+Jn0Mw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:12 2025 by rpki-client