This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft File: ypQrJwZ2HCunUyiXg-35heM48Xc.mft (raw, json) Hash identifier: fYpP6ROkv0zo4dKuDJhY9tltFD+vjDmRKMreAzQjmDo= Subject key identifier: 01:D9:1C:53:CE:0B:1B:AE:A5:DE:45:84:78:A1:06:F1:A9:8C:2C:0A Authority key identifier: CA:94:2B:27:06:76:1C:2B:A7:53:28:97:83:ED:F9:85:E3:38:F1:77 Certificate issuer: /CN=ca942b2706761c2ba753289783edf985e338f177 Certificate serial: 019B33E8A61F0B028F482ABE73A37ED3E3CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft Manifest number: 0D11 Signing time: Fri 19 Dec 2025 00:00:43 +0000 Manifest this update: Fri 19 Dec 2025 00:00:43 +0000 Manifest next update: Sat 20 Dec 2025 00:00:43 +0000 Files and hashes: 1: eiXFhQbxCQpcEPNruQeHmSAD-Z0.roa (hash: MfMam3uqTveTnOv++uzEyTkwTSJ0lTcdAkWlcL+odNo=) 2: ypQrJwZ2HCunUyiXg-35heM48Xc.crl (hash: oHXvTO4vRO/AZmNVWPkgQvMQlxne75A93l65t9zItHM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.crl rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e8:a6:1f:0b:02:8f:48:2a:be:73:a3:7e:d3:e3:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca942b2706761c2ba753289783edf985e338f177 Validity Not Before: Dec 19 00:00:43 2025 GMT Not After : Dec 20 00:00:43 2025 GMT Subject: CN=01d91c53ce0b1baea5de458478a106f1a98c2c0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ca:b0:6e:4a:74:43:b7:5f:31:5e:ae:c7:01: 3d:64:36:25:2a:8d:34:35:f0:5a:1d:33:20:b3:31: e9:13:96:9b:b0:1e:71:81:8d:2a:ff:75:76:c3:f6: 2f:94:e1:56:01:da:64:d0:23:26:83:ef:b2:da:98: f8:03:55:73:2b:28:b0:16:20:eb:e3:4e:f8:e3:f4: 02:2e:d8:26:52:3d:71:76:93:f6:f7:a1:39:72:9f: 92:31:48:91:70:f2:a6:db:82:66:73:23:0d:7a:b5: 68:1b:19:ed:0e:01:01:bb:7b:8a:9a:ce:17:7e:f4: 4f:8d:15:59:5c:98:8b:5d:fa:bc:36:cb:eb:86:da: 90:9f:6a:f1:4c:b0:b9:46:0b:51:d3:d2:0c:10:76: e5:cd:7b:07:65:66:85:06:1f:fe:14:ae:72:13:5c: 2b:37:ed:44:b0:b8:bd:b7:7d:b5:ed:3b:54:55:0d: 6a:d9:f3:e9:c2:22:79:18:24:c3:bd:2a:ab:37:ad: ad:ab:e3:83:b8:be:a9:f0:94:d0:3a:e0:f8:09:e6: 27:3c:68:66:4d:be:1a:83:8a:af:4e:a1:42:e3:84: 30:29:a8:43:50:8c:71:20:ef:72:d4:1b:3e:f3:30: 37:22:f5:ec:66:94:64:34:01:2a:73:4f:1d:21:cb: 55:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:D9:1C:53:CE:0B:1B:AE:A5:DE:45:84:78:A1:06:F1:A9:8C:2C:0A X509v3 Authority Key Identifier: keyid:CA:94:2B:27:06:76:1C:2B:A7:53:28:97:83:ED:F9:85:E3:38:F1:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypQrJwZ2HCunUyiXg-35heM48Xc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b8c13d-e7d3-4aa9-a911-ed64805977f0/1/ypQrJwZ2HCunUyiXg-35heM48Xc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:bf:74:84:aa:28:25:ff:6c:ec:2d:21:c6:fd:d6:c3:7d:c4: 82:a4:55:91:85:bd:0d:cb:1c:bb:6e:2d:38:84:37:c0:2c:87: 65:66:e4:16:64:88:7a:11:1f:9f:c0:a1:4d:bd:1e:9a:0e:ae: 38:bf:13:86:a8:02:10:36:12:1d:ce:21:87:31:7c:d8:2e:9a: cf:9c:22:b8:23:ed:b4:73:b4:78:df:bb:76:ac:ba:41:d5:21: d1:5c:8c:cf:d2:13:90:78:67:0e:68:43:2e:72:15:7a:fd:39: ab:2f:db:c7:80:65:8e:78:d4:97:ab:fd:7c:d6:23:7b:cc:2d: 07:07:17:d7:14:db:b7:47:cf:17:48:cf:3c:f6:a4:36:b6:19: 08:3d:98:fa:20:e3:61:46:83:83:8a:3c:98:82:f5:8c:c0:1b: 96:87:b2:f2:24:bf:21:16:48:e3:cd:d7:b6:f3:10:2d:a5:f6: 3c:33:4a:c6:09:e9:43:8c:1e:68:60:46:c4:e8:f4:d4:e7:06: 61:c5:5f:c9:1f:38:a6:98:11:7c:3d:9c:d2:6b:c1:15:72:0e: b8:0d:e3:f1:ff:fb:02:b3:84:23:e9:69:77:e4:70:06:e6:2b: 85:85:17:7b:91:78:89:2d:01:f1:6b:f9:12:a5:d5:34:72:14: b9:bb:4d:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6KYfCwKPSCq+c6N+0+PKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhOTQyYjI3MDY3NjFjMmJhNzUzMjg5NzgzZWRmOTg1ZTMz OGYxNzcwHhcNMjUxMjE5MDAwMDQzWhcNMjUxMjIwMDAwMDQzWjAzMTEwLwYDVQQD EygwMWQ5MWM1M2NlMGIxYmFlYTVkZTQ1ODQ3OGExMDZmMWE5OGMyYzBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcqwbkp0Q7dfMV6uxwE9ZDYlKo00 NfBaHTMgszHpE5absB5xgY0q/3V2w/YvlOFWAdpk0CMmg++y2pj4A1VzKyiwFiDr 40744/QCLtgmUj1xdpP296E5cp+SMUiRcPKm24JmcyMNerVoGxntDgEBu3uKms4X fvRPjRVZXJiLXfq8NsvrhtqQn2rxTLC5RgtR09IMEHblzXsHZWaFBh/+FK5yE1wr N+1EsLi9t3217TtUVQ1q2fPpwiJ5GCTDvSqrN62tq+ODuL6p8JTQOuD4CeYnPGhm Tb4ag4qvTqFC44QwKahDUIxxIO9y1Bs+8zA3IvXsZpRkNAEqc08dIctVmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAHZHFPOCxuupd5FhHihBvGpjCwKMB8GA1UdIwQY MBaAFMqUKycGdhwrp1Mol4Pt+YXjOPF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iOGMxM2QtZTdkMy00YWE5LWE5MTEt ZWQ2NDgwNTk3N2YwLzEveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9iOGMxM2QtZTdkMy00YWE5LWE5MTEtZWQ2NDgwNTk3N2Yw LzEveXBRckp3WjJIQ3VuVXlpWGctMzVoZU00OFhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl790hKoo Jf9s7C0hxv3Ww33EgqRVkYW9Dcscu24tOIQ3wCyHZWbkFmSIehEfn8ChTb0emg6u OL8ThqgCEDYSHc4hhzF82C6az5wiuCPttHO0eN+7dqy6QdUh0VyMz9ITkHhnDmhD LnIVev05qy/bx4BljnjUl6v9fNYje8wtBwcX1xTbt0fPF0jPPPakNrYZCD2Y+iDj YUaDg4o8mIL1jMAbloey8iS/IRZI483XtvMQLaX2PDNKxgnpQ4weaGBGxOj01OcG YcVfyR84ppgRfD2c0mvBFXIOuA3j8f/7ArOEI+lpd+RwBuYrhYUXe5F4iS0B8Wv5 EqXVNHIUubtN6g== -----END CERTIFICATE-----Generated at Fri Dec 19 08:47:05 2025 by rpki-client