This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/32c807-30ae-4b22-905f-dc33eaa10d28/1/YdnzrFCGTRj_Jokzx04qia7GEJ0.mft File: YdnzrFCGTRj_Jokzx04qia7GEJ0.mft (raw, json) Hash identifier: DOkGJVtiwAu2YohOyHfGJ4Q6JSb3ywEN/HMYWkZ0yqg= Subject key identifier: 00:87:A3:7D:BF:32:5A:BD:66:E3:DE:B2:B9:F8:92:9E:A4:FE:B2:E5 Authority key identifier: 61:D9:F3:AC:50:86:4D:18:FF:26:89:33:C7:4E:2A:89:AE:C6:10:9D Certificate issuer: /CN=61d9f3ac50864d18ff268933c74e2a89aec6109d Certificate serial: 019AF12DEF4FDE86B7F6B6E74C0E52807ADA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YdnzrFCGTRj_Jokzx04qia7GEJ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/32c807-30ae-4b22-905f-dc33eaa10d28/1/YdnzrFCGTRj_Jokzx04qia7GEJ0.mft Manifest number: 049C Signing time: Sat 06 Dec 2025 01:01:50 +0000 Manifest this update: Sat 06 Dec 2025 01:01:50 +0000 Manifest next update: Sun 07 Dec 2025 01:01:50 +0000 Files and hashes: 1: Q0gUuxATATDf6JEQ9fzt1u3IZsc.roa (hash: 3y/S39XmNPx0DoVA3l0EHWQrU4S+Z88s+G6ph2XRAwc=) 2: YdnzrFCGTRj_Jokzx04qia7GEJ0.crl (hash: bga0Z+EM4e35fnGjhFr0CUFkNYr+eXPol5ucc7yj4vM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/32c807-30ae-4b22-905f-dc33eaa10d28/1/YdnzrFCGTRj_Jokzx04qia7GEJ0.crl rsync://rpki.ripe.net/repository/DEFAULT/55/32c807-30ae-4b22-905f-dc33eaa10d28/1/YdnzrFCGTRj_Jokzx04qia7GEJ0.mft rsync://rpki.ripe.net/repository/DEFAULT/YdnzrFCGTRj_Jokzx04qia7GEJ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ef:4f:de:86:b7:f6:b6:e7:4c:0e:52:80:7a:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61d9f3ac50864d18ff268933c74e2a89aec6109d Validity Not Before: Dec 6 01:01:50 2025 GMT Not After : Dec 7 01:01:50 2025 GMT Subject: CN=0087a37dbf325abd66e3deb2b9f8929ea4feb2e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:e6:3b:f4:16:54:14:4e:9d:7a:2d:6e:8e:80: b0:db:75:5d:34:0f:e3:00:4d:ca:aa:6e:76:6e:92: 02:1c:dc:05:00:46:06:6f:f9:fe:1a:8d:b7:a6:05: b9:58:93:1c:61:f9:fd:27:5f:a8:90:ec:fb:ff:38: 20:6c:61:e6:2c:a4:07:09:c3:3f:20:81:54:69:6d: 86:ce:db:29:91:54:56:67:c7:8a:c9:8d:c4:bd:0f: 2f:52:0f:ca:4e:6a:52:11:e3:eb:9a:20:1a:42:95: 4c:68:ed:18:b7:53:1f:8a:55:3b:33:6b:c1:bc:6d: 98:e0:d5:c0:15:11:00:a2:c7:6d:84:10:71:f3:01: 59:ae:05:64:89:f6:e6:f6:23:6a:6f:58:2d:23:12: 8d:73:22:34:c5:b0:2d:9a:cd:b8:d1:27:68:d9:8f: 0e:3a:9c:aa:4e:1f:60:56:6c:80:90:0c:6c:84:93: 14:61:6b:15:8e:ef:65:f2:15:de:4b:f0:91:ea:a7: 50:5f:e3:45:99:ce:01:1c:9c:7b:41:2a:b5:c9:d8: 48:3c:93:6c:25:72:36:f9:eb:3e:9c:88:37:90:f8: 5e:67:08:bb:ca:bc:aa:d0:14:59:e3:14:a7:66:87: 3c:a3:06:57:43:46:6c:58:20:a2:d5:ce:6f:e2:84: 38:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:87:A3:7D:BF:32:5A:BD:66:E3:DE:B2:B9:F8:92:9E:A4:FE:B2:E5 X509v3 Authority Key Identifier: keyid:61:D9:F3:AC:50:86:4D:18:FF:26:89:33:C7:4E:2A:89:AE:C6:10:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdnzrFCGTRj_Jokzx04qia7GEJ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/32c807-30ae-4b22-905f-dc33eaa10d28/1/YdnzrFCGTRj_Jokzx04qia7GEJ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/32c807-30ae-4b22-905f-dc33eaa10d28/1/YdnzrFCGTRj_Jokzx04qia7GEJ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:11:15:7e:eb:15:29:55:4f:fb:3a:28:df:47:6d:79:f9:63: 11:81:bd:dd:c4:8c:a5:62:8a:52:d3:e6:14:fe:fa:d5:08:92: 38:22:b3:8b:72:98:d8:6d:3a:0c:2c:05:90:73:cd:af:35:76: 98:3b:da:06:fd:e7:1b:6f:46:88:eb:c9:95:90:3c:4c:b8:c9: 7c:df:6a:b3:de:2d:47:25:0b:72:d2:b5:7d:2c:f2:27:25:01: cb:dd:9e:b2:68:b7:b2:b4:c3:82:f9:6b:6c:8d:5d:6e:cd:68: 4e:d4:1d:f3:8a:d3:a2:42:13:64:b4:95:5b:81:7a:0b:d8:e7: 6f:06:45:5c:eb:3f:d5:91:35:3d:3e:56:9a:ba:e3:46:20:17: 8e:59:6d:6a:79:9f:cb:cf:3c:f2:15:06:ec:43:d3:c1:a0:9b: 9b:8e:2d:4a:71:14:e3:46:c0:dc:f6:49:cb:17:d3:43:42:8b: 5a:d8:b8:51:ae:a1:51:f2:a5:41:ab:a8:3a:c9:20:32:16:43: d9:db:61:01:bf:b9:92:13:dc:fb:39:86:28:07:07:d6:fa:94: a1:73:4b:6a:0e:93:c7:72:6e:cd:30:c9:fe:5b:2a:1c:72:6e: 91:a2:9b:28:69:cf:9b:d3:e6:fe:9a:77:87:eb:fd:f4:58:ed: d5:11:2c:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLe9P3oa39rbnTA5SgHraMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxZDlmM2FjNTA4NjRkMThmZjI2ODkzM2M3NGUyYTg5YWVj NjEwOWQwHhcNMjUxMjA2MDEwMTUwWhcNMjUxMjA3MDEwMTUwWjAzMTEwLwYDVQQD EygwMDg3YTM3ZGJmMzI1YWJkNjZlM2RlYjJiOWY4OTI5ZWE0ZmViMmU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+Y79BZUFE6dei1ujoCw23VdNA/j AE3Kqm52bpICHNwFAEYGb/n+Go23pgW5WJMcYfn9J1+okOz7/zggbGHmLKQHCcM/ IIFUaW2GztspkVRWZ8eKyY3EvQ8vUg/KTmpSEePrmiAaQpVMaO0Yt1MfilU7M2vB vG2Y4NXAFREAosdthBBx8wFZrgVkifbm9iNqb1gtIxKNcyI0xbAtms240Sdo2Y8O OpyqTh9gVmyAkAxshJMUYWsVju9l8hXeS/CR6qdQX+NFmc4BHJx7QSq1ydhIPJNs JXI2+es+nIg3kPheZwi7yryq0BRZ4xSnZoc8owZXQ0ZsWCCi1c5v4oQ42wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFACHo32/Mlq9ZuPesrn4kp6k/rLlMB8GA1UdIwQY MBaAFGHZ86xQhk0Y/yaJM8dOKomuxhCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWRuenJGQ0dUUmpfSm9rengwNHFpYTdHRUowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zMmM4MDctMzBhZS00YjIyLTkwNWYt ZGMzM2VhYTEwZDI4LzEvWWRuenJGQ0dUUmpfSm9rengwNHFpYTdHRUowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS8zMmM4MDctMzBhZS00YjIyLTkwNWYtZGMzM2VhYTEwZDI4 LzEvWWRuenJGQ0dUUmpfSm9rengwNHFpYTdHRUowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjBEVfusV KVVP+zoo30dtefljEYG93cSMpWKKUtPmFP761QiSOCKzi3KY2G06DCwFkHPNrzV2 mDvaBv3nG29GiOvJlZA8TLjJfN9qs94tRyULctK1fSzyJyUBy92esmi3srTDgvlr bI1dbs1oTtQd84rTokITZLSVW4F6C9jnbwZFXOs/1ZE1PT5WmrrjRiAXjlltanmf y8888hUG7EPTwaCbm44tSnEU40bA3PZJyxfTQ0KLWti4Ua6hUfKlQauoOskgMhZD 2dthAb+5khPc+zmGKAcH1vqUoXNLag6Tx3JuzTDJ/lsqHHJukaKbKGnPm9Pm/pp3 h+v99Fjt1REspg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:45:05 2025 by rpki-client