This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1de954-97e8-4c13-834b-cda6bb406974/1/yR1-RJz-wxIKmFEWPHeaYCaYYXI.mft File: yR1-RJz-wxIKmFEWPHeaYCaYYXI.mft (raw, json) Hash identifier: D9tE4s9c/61un/em7okgA+oPPvSrkVrKPk2hcPbNT9g= Subject key identifier: C1:B0:7F:5F:76:D6:AD:DE:D0:41:27:5E:44:39:94:45:3A:9D:B9:AB Authority key identifier: C9:1D:7E:44:9C:FE:C3:12:0A:98:51:16:3C:77:9A:60:26:98:61:72 Certificate issuer: /CN=c91d7e449cfec3120a9851163c779a6026986172 Certificate serial: 019B2C9D2272B968757D40F713B4B8B6380D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yR1-RJz-wxIKmFEWPHeaYCaYYXI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1de954-97e8-4c13-834b-cda6bb406974/1/yR1-RJz-wxIKmFEWPHeaYCaYYXI.mft Manifest number: 04B6 Signing time: Wed 17 Dec 2025 14:00:54 +0000 Manifest this update: Wed 17 Dec 2025 14:00:54 +0000 Manifest next update: Thu 18 Dec 2025 14:00:54 +0000 Files and hashes: 1: yR1-RJz-wxIKmFEWPHeaYCaYYXI.crl (hash: JHtNLTuaxPBY8of3aXe9e34Zh72LivZXN2QxkFLKliI=) 2: z4GL3R9iwn241BwmecTavitjvmk.roa (hash: gozzqy0wMPz097Vp/T+QSgyQzissUGlOoz2lP5A4OOM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1de954-97e8-4c13-834b-cda6bb406974/1/yR1-RJz-wxIKmFEWPHeaYCaYYXI.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/1de954-97e8-4c13-834b-cda6bb406974/1/yR1-RJz-wxIKmFEWPHeaYCaYYXI.mft rsync://rpki.ripe.net/repository/DEFAULT/yR1-RJz-wxIKmFEWPHeaYCaYYXI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:9d:22:72:b9:68:75:7d:40:f7:13:b4:b8:b6:38:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c91d7e449cfec3120a9851163c779a6026986172 Validity Not Before: Dec 17 14:00:54 2025 GMT Not After : Dec 18 14:00:54 2025 GMT Subject: CN=c1b07f5f76d6added041275e443994453a9db9ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:33:9b:cb:80:3d:c8:68:b2:f9:95:76:04:e4: 35:23:55:9a:cb:8f:56:c9:ec:b6:a6:46:fb:b5:57: b2:25:9b:05:60:7d:d6:63:b7:64:d2:9c:2f:fb:7d: 35:61:41:8d:38:f6:36:f5:3b:77:54:fe:c8:bb:d9: b6:2c:53:08:88:c8:3f:5d:64:01:03:d1:23:ad:fe: 35:f8:72:05:ca:ea:f7:73:ce:d1:8e:06:ce:36:06: 9c:02:30:4c:ba:38:5e:d0:81:bf:79:7e:04:44:fa: fa:e0:87:8e:f0:8e:0e:a3:b2:8b:9a:c9:20:52:7c: ae:1a:25:57:f5:e4:9f:e6:b9:f4:a7:27:18:21:62: a7:02:40:ef:6b:c0:f2:f2:22:1c:e4:24:1f:5d:f0: 4f:eb:a7:32:ba:98:b7:cc:5c:a0:8f:d8:ce:db:bb: 61:32:7a:6b:fb:e8:b1:e7:ff:0b:9a:ca:36:b5:25: d6:94:23:1d:0e:dd:e4:b9:42:d9:88:d9:06:d4:00: ca:2e:16:99:7b:7f:b8:aa:f9:27:fa:76:76:0b:af: 03:17:d2:a9:3b:5d:41:96:97:e6:fb:85:bb:97:79: b1:c3:5a:62:88:31:7b:f1:8a:b4:d1:e0:6b:4e:29: 8a:8a:ca:c4:d6:9d:93:12:b2:5c:f2:da:16:c6:56: 01:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:B0:7F:5F:76:D6:AD:DE:D0:41:27:5E:44:39:94:45:3A:9D:B9:AB X509v3 Authority Key Identifier: keyid:C9:1D:7E:44:9C:FE:C3:12:0A:98:51:16:3C:77:9A:60:26:98:61:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yR1-RJz-wxIKmFEWPHeaYCaYYXI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1de954-97e8-4c13-834b-cda6bb406974/1/yR1-RJz-wxIKmFEWPHeaYCaYYXI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1de954-97e8-4c13-834b-cda6bb406974/1/yR1-RJz-wxIKmFEWPHeaYCaYYXI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:94:78:2a:1c:4a:29:59:f5:a7:81:ee:6c:e2:05:20:3e:3a: 6a:4c:cc:b5:68:ec:ac:69:02:ec:ae:69:94:c7:cb:b4:11:e7: f8:d7:28:c7:c2:1f:bd:f5:67:6c:44:50:dc:0f:74:51:45:88: f9:36:06:b9:94:85:bc:3f:92:e7:5b:ae:e2:8e:45:78:f2:bb: 6b:02:43:3e:99:a6:49:a4:0a:96:14:36:27:c6:de:ea:4c:8c: 22:5f:a2:d4:91:2b:24:d4:73:18:da:37:85:12:db:27:ec:9c: a0:e6:65:c1:b7:3b:9c:9a:18:56:1c:0a:7b:e2:39:fb:44:da: cb:4a:67:8d:15:4e:ce:4d:1e:40:80:52:ec:5c:1a:4b:53:c8: 85:3d:ed:da:54:5d:03:91:a4:b6:a5:d2:03:26:59:ba:62:c3: 3f:9e:b0:42:30:00:c7:ab:7e:da:c3:72:85:50:e3:00:22:74: f7:a3:40:d8:e5:fa:3b:32:6b:1f:0c:40:1d:f9:7b:35:2d:e9: 31:01:47:42:97:4b:30:02:ed:85:92:eb:3a:32:fa:9d:80:c7: 0a:fe:f2:2f:34:db:69:57:14:f7:0a:0b:66:76:92:16:7e:1b: 46:7a:e1:c0:b3:f0:f7:95:91:44:46:00:08:50:83:52:bb:e9: 33:b7:5d:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssnSJyuWh1fUD3E7S4tjgNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5MWQ3ZTQ0OWNmZWMzMTIwYTk4NTExNjNjNzc5YTYwMjY5 ODYxNzIwHhcNMjUxMjE3MTQwMDU0WhcNMjUxMjE4MTQwMDU0WjAzMTEwLwYDVQQD EyhjMWIwN2Y1Zjc2ZDZhZGRlZDA0MTI3NWU0NDM5OTQ0NTNhOWRiOWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jOby4A9yGiy+ZV2BOQ1I1Way49W yey2pkb7tVeyJZsFYH3WY7dk0pwv+301YUGNOPY29Tt3VP7Iu9m2LFMIiMg/XWQB A9Ejrf41+HIFyur3c87RjgbONgacAjBMujhe0IG/eX4ERPr64IeO8I4Oo7KLmskg UnyuGiVX9eSf5rn0pycYIWKnAkDva8Dy8iIc5CQfXfBP66cyupi3zFygj9jO27th Mnpr++ix5/8Lmso2tSXWlCMdDt3kuULZiNkG1ADKLhaZe3+4qvkn+nZ2C68DF9Kp O11Blpfm+4W7l3mxw1piiDF78Yq00eBrTimKisrE1p2TErJc8toWxlYB7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMGwf1921q3e0EEnXkQ5lEU6nbmrMB8GA1UdIwQY MBaAFMkdfkSc/sMSCphRFjx3mmAmmGFyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveVIxLVJKei13eElLbUZFV1BIZWFZQ2FZWVhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZGU5NTQtOTdlOC00YzEzLTgzNGIt Y2RhNmJiNDA2OTc0LzEveVIxLVJKei13eElLbUZFV1BIZWFZQ2FZWVhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8xZGU5NTQtOTdlOC00YzEzLTgzNGItY2RhNmJiNDA2OTc0 LzEveVIxLVJKei13eElLbUZFV1BIZWFZQ2FZWVhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJR4KhxK KVn1p4HubOIFID46akzMtWjsrGkC7K5plMfLtBHn+Ncox8IfvfVnbERQ3A90UUWI +TYGuZSFvD+S51uu4o5FePK7awJDPpmmSaQKlhQ2J8be6kyMIl+i1JErJNRzGNo3 hRLbJ+ycoOZlwbc7nJoYVhwKe+I5+0Tay0pnjRVOzk0eQIBS7FwaS1PIhT3t2lRd A5GktqXSAyZZumLDP56wQjAAx6t+2sNyhVDjACJ096NA2OX6OzJrHwxAHfl7NS3p MQFHQpdLMALthZLrOjL6nYDHCv7yLzTbaVcU9woLZnaSFn4bRnrhwLPw95WRREYA CFCDUrvpM7ddPA== -----END CERTIFICATE-----Generated at Wed Dec 17 17:46:51 2025 by rpki-client