This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft File: YxB3zMSCuRtFmfUslKiJABOSSf8.mft (raw, json) Hash identifier: iRk36EsOa+OV4daKIMnimyDXDkFZUwqjWSwA1RIyjk0= Subject key identifier: 5B:8C:EC:58:68:D8:F5:F3:9D:BA:60:A6:EE:EF:0E:21:C1:5F:7F:6F Authority key identifier: 63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF Certificate issuer: /CN=631077ccc482b91b4599f52c94a88900139249ff Certificate serial: 019AF2097BD383972E1971828A812F9A0F67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft Manifest number: 01DA Signing time: Sat 06 Dec 2025 05:01:38 +0000 Manifest this update: Sat 06 Dec 2025 05:01:38 +0000 Manifest next update: Sun 07 Dec 2025 05:01:38 +0000 Files and hashes: 1: YxB3zMSCuRtFmfUslKiJABOSSf8.crl (hash: GuQi9lT8dBlCpeN9Dfe3Fl/gP4mBv8xvqI0bQVyd41s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:7b:d3:83:97:2e:19:71:82:8a:81:2f:9a:0f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=631077ccc482b91b4599f52c94a88900139249ff Validity Not Before: Dec 6 05:01:38 2025 GMT Not After : Dec 7 05:01:38 2025 GMT Subject: CN=5b8cec5868d8f5f39dba60a6eeef0e21c15f7f6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c2:d4:d2:0a:d6:a2:1b:14:05:b6:69:99:e8: ba:4a:f5:39:c4:da:16:15:59:09:25:17:ae:e6:57: f2:1a:43:6b:93:06:a3:40:e0:e2:4b:a4:32:6c:7c: ef:c5:33:4d:8a:f1:c0:1c:94:cf:00:6d:b7:a3:66: 75:eb:d6:c8:e3:72:9f:51:eb:28:00:f9:e5:60:61: 04:29:71:0d:6e:74:84:6e:80:fc:b8:20:ce:0f:24: 72:2e:7f:82:fa:41:ef:ac:88:00:94:f2:2a:1c:81: bb:2d:18:47:67:23:c0:2e:ee:10:a2:10:22:6c:9c: 65:f0:0d:cc:da:97:99:c5:15:c1:4a:52:e7:d0:45: a4:27:fe:fc:11:bb:c0:a0:65:29:86:ea:62:08:da: 63:bd:e0:2f:62:35:44:58:df:34:1c:46:81:a2:33: 03:79:5b:62:d3:e7:8e:78:52:ad:59:c1:0f:d9:94: 41:ac:88:c0:d5:47:49:d0:c0:ce:33:15:c5:c6:94: 2b:fd:25:a3:52:e7:6f:6c:86:3f:20:5a:10:57:57: 05:de:c7:c2:a5:e4:16:d9:58:3e:10:a0:78:4a:40: 8b:01:28:76:b0:1b:2b:41:4d:84:31:7f:53:de:d0: b4:f1:93:5e:9b:5c:48:f2:8a:e9:d5:b9:09:73:74: e1:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:8C:EC:58:68:D8:F5:F3:9D:BA:60:A6:EE:EF:0E:21:C1:5F:7F:6F X509v3 Authority Key Identifier: keyid:63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:d6:6c:97:b9:2c:8d:43:fd:9a:bf:64:a3:43:39:6f:95:7e: 5c:83:29:22:4b:d9:07:4c:ab:ef:09:3f:e9:f7:c7:3e:a9:d0: f6:5c:8c:96:43:70:3f:65:0d:23:da:82:3f:ae:68:c9:2a:6b: 81:70:e5:5b:d1:05:44:76:6a:b1:ca:2a:90:fb:91:5b:44:f0: b9:33:34:47:1d:cf:5f:b8:4e:15:92:7d:ce:cd:d0:07:1b:14: c6:05:16:3c:1b:95:72:dc:2a:ca:30:e6:98:fa:3f:eb:f2:f1: ff:99:6f:52:10:da:40:c1:32:26:ba:5b:e3:df:be:d2:71:8b: fd:ce:3b:38:6d:99:23:9a:be:15:ac:e9:62:b9:5b:a1:e9:bf: a4:46:f8:0e:73:33:a3:ad:dd:24:7b:e4:f3:0a:01:8b:cc:26: b2:5e:a3:cf:31:a3:10:7d:46:a1:43:38:45:37:bb:be:bc:a1: cf:e6:d7:b4:83:97:42:96:46:b7:44:3c:53:d1:a8:cd:0f:bb: f7:5b:a3:79:4d:b6:80:83:a7:1b:fc:1e:b8:18:8f:4e:b7:5e: 32:8f:21:86:90:37:24:a6:f9:13:68:ee:ce:95:b6:53:5d:f8: 9c:57:ee:1f:7e:d5:fe:df:c6:f9:20:6f:8b:fe:0a:56:47:7a: 07:e1:d4:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCXvTg5cuGXGCioEvmg9nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzMTA3N2NjYzQ4MmI5MWI0NTk5ZjUyYzk0YTg4OTAwMTM5 MjQ5ZmYwHhcNMjUxMjA2MDUwMTM4WhcNMjUxMjA3MDUwMTM4WjAzMTEwLwYDVQQD Eyg1YjhjZWM1ODY4ZDhmNWYzOWRiYTYwYTZlZWVmMGUyMWMxNWY3ZjZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMLU0grWohsUBbZpmei6SvU5xNoW FVkJJReu5lfyGkNrkwajQODiS6QybHzvxTNNivHAHJTPAG23o2Z169bI43KfUeso APnlYGEEKXENbnSEboD8uCDODyRyLn+C+kHvrIgAlPIqHIG7LRhHZyPALu4QohAi bJxl8A3M2peZxRXBSlLn0EWkJ/78EbvAoGUphupiCNpjveAvYjVEWN80HEaBojMD eVti0+eOeFKtWcEP2ZRBrIjA1UdJ0MDOMxXFxpQr/SWjUudvbIY/IFoQV1cF3sfC peQW2Vg+EKB4SkCLASh2sBsrQU2EMX9T3tC08ZNem1xI8orp1bkJc3ThCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFuM7Fho2PXznbpgpu7vDiHBX39vMB8GA1UdIwQY MBaAFGMQd8zEgrkbRZn1LJSoiQATkkn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3Njgt ODA0Yjc2MGRkODc5LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3NjgtODA0Yjc2MGRkODc5 LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArtZsl7ks jUP9mr9ko0M5b5V+XIMpIkvZB0yr7wk/6ffHPqnQ9lyMlkNwP2UNI9qCP65oySpr gXDlW9EFRHZqscoqkPuRW0TwuTM0Rx3PX7hOFZJ9zs3QBxsUxgUWPBuVctwqyjDm mPo/6/Lx/5lvUhDaQMEyJrpb49++0nGL/c47OG2ZI5q+FazpYrlboem/pEb4DnMz o63dJHvk8woBi8wmsl6jzzGjEH1GoUM4RTe7vryhz+bXtIOXQpZGt0Q8U9GozQ+7 91ujeU22gIOnG/weuBiPTrdeMo8hhpA3JKb5E2juzpW2U134nFfuH37V/t/G+SBv i/4KVkd6B+HUEw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:53:39 2025 by rpki-client