This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft File: yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json) Hash identifier: TjkSH/DhbDNxMfCFxPF0dk2Kbxqph1sGbfJPjVL55ks= Subject key identifier: 48:1B:22:59:D0:0D:65:AE:A4:C9:F0:60:48:6B:DA:E2:72:4A:6C:E2 Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F Certificate issuer: /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f Certificate serial: 019AF19B955702D6E3C79CAA635387497016 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft Manifest number: 133D Signing time: Sat 06 Dec 2025 03:01:36 +0000 Manifest this update: Sat 06 Dec 2025 03:01:36 +0000 Manifest next update: Sun 07 Dec 2025 03:01:36 +0000 Files and hashes: 1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: XALUCDbHnxtrE+ZPel+laPGUVlVK7e0hGt3gkzDa4s8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:95:57:02:d6:e3:c7:9c:aa:63:53:87:49:70:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f Validity Not Before: Dec 6 03:01:36 2025 GMT Not After : Dec 7 03:01:36 2025 GMT Subject: CN=481b2259d00d65aea4c9f060486bdae2724a6ce2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:3d:47:17:dc:8d:6b:1f:53:9b:de:c4:66:21: 99:da:5c:e4:ab:0e:c6:fe:70:aa:10:e5:5f:98:c3: 76:bf:d9:86:cc:d8:35:7b:56:40:ae:77:f5:8e:0b: 5b:13:f4:8b:20:23:80:af:c9:fe:fd:ea:75:09:1a: 7f:91:3b:7f:f7:41:34:8a:4d:9d:78:dd:15:63:c5: 3e:09:4e:16:44:af:b4:c6:52:b9:38:38:ff:a9:65: 58:a6:1d:39:95:d2:dd:1e:2b:fb:d0:d2:61:79:70: 66:b3:9f:89:6b:bd:5b:97:a0:55:72:c3:53:17:29: 93:27:c5:97:f3:cb:95:5b:37:d3:0f:30:da:05:d0: 32:4c:48:77:ea:08:d9:48:4d:aa:4b:74:39:6c:6c: 7b:cc:58:3d:81:b0:a4:f3:58:39:d6:dd:8b:af:9a: 9f:c4:63:e3:54:1e:4c:37:1e:12:07:3a:53:cf:f5: a9:1c:06:16:9c:e8:26:86:aa:0a:b7:52:aa:d5:0d: 16:b5:11:4c:2c:4b:48:99:1c:b0:52:bb:be:36:fc: 7f:30:16:cb:10:c4:b4:9c:91:2a:29:15:1a:b1:70: ec:e3:ac:29:13:59:09:cb:a8:24:11:31:7c:8c:90: 55:f6:d8:e1:80:b0:86:49:f7:e2:83:aa:6f:c3:67: 6b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:1B:22:59:D0:0D:65:AE:A4:C9:F0:60:48:6B:DA:E2:72:4A:6C:E2 X509v3 Authority Key Identifier: keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:be:9f:3a:94:1c:a5:a3:f0:2d:51:82:e3:f7:d0:8a:07:1d: 7a:61:5b:e5:96:dc:c7:17:be:d0:6c:fa:28:a2:47:c6:d1:27: 47:b6:63:33:ad:c3:95:9d:39:9c:ec:48:81:be:f0:65:02:ed: 34:75:ac:0c:01:92:36:ff:92:b7:44:63:48:ad:eb:c9:1b:0b: 81:82:75:fa:e9:43:80:ba:7c:93:5f:fb:dd:fc:8f:d1:90:fa: d7:f3:d8:b5:a6:41:d0:fb:8e:1b:50:bf:4c:2a:e4:12:d4:05: 23:65:cf:49:ec:6a:80:49:2c:a7:55:a7:b4:56:72:73:d4:b9: db:b5:3e:23:65:15:7a:4e:4c:e3:4b:ab:a9:ec:26:ab:a0:09: fb:ac:ee:b2:3e:8d:ef:2e:6b:37:ad:c2:7e:fa:a3:c8:af:3c: a2:c2:af:29:04:71:63:46:f0:54:0c:c3:bc:e8:78:94:79:ba: 89:61:eb:0e:bf:9f:19:9d:42:05:76:f8:0b:5b:22:fc:46:cf: f3:d7:e6:2c:3d:6e:7d:99:7c:29:27:86:27:c9:b9:34:dc:a4: 57:2b:d2:f6:3e:97:01:ac:69:83:4d:ec:22:f8:0d:a1:8e:33: 7f:90:b5:2f:f4:c1:3b:d3:57:80:b3:d8:4b:b6:15:30:08:c0: 9c:06:1f:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm5VXAtbjx5yqY1OHSXAWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk MmNjMGYwHhcNMjUxMjA2MDMwMTM2WhcNMjUxMjA3MDMwMTM2WjAzMTEwLwYDVQQD Eyg0ODFiMjI1OWQwMGQ2NWFlYTRjOWYwNjA0ODZiZGFlMjcyNGE2Y2UyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+T1HF9yNax9Tm97EZiGZ2lzkqw7G /nCqEOVfmMN2v9mGzNg1e1ZArnf1jgtbE/SLICOAr8n+/ep1CRp/kTt/90E0ik2d eN0VY8U+CU4WRK+0xlK5ODj/qWVYph05ldLdHiv70NJheXBms5+Ja71bl6BVcsNT FymTJ8WX88uVWzfTDzDaBdAyTEh36gjZSE2qS3Q5bGx7zFg9gbCk81g51t2Lr5qf xGPjVB5MNx4SBzpTz/WpHAYWnOgmhqoKt1Kq1Q0WtRFMLEtImRywUru+Nvx/MBbL EMS0nJEqKRUasXDs46wpE1kJy6gkETF8jJBV9tjhgLCGSffig6pvw2drLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEgbIlnQDWWupMnwYEhr2uJySmziMB8GA1UdIwQY MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdr6fOpQc paPwLVGC4/fQigcdemFb5Zbcxxe+0Gz6KKJHxtEnR7ZjM63DlZ05nOxIgb7wZQLt NHWsDAGSNv+St0RjSK3ryRsLgYJ1+ulDgLp8k1/73fyP0ZD61/PYtaZB0PuOG1C/ TCrkEtQFI2XPSexqgEksp1WntFZyc9S527U+I2UVek5M40urqewmq6AJ+6zusj6N 7y5rN63CfvqjyK88osKvKQRxY0bwVAzDvOh4lHm6iWHrDr+fGZ1CBXb4C1si/EbP 89fmLD1ufZl8KSeGJ8m5NNykVyvS9j6XAaxpg03sIvgNoY4zf5C1L/TBO9NXgLPY S7YVMAjAnAYfzg== -----END CERTIFICATE-----Generated at Sat Dec 6 06:57:14 2025 by rpki-client