This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft File: yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft (raw, json) Hash identifier: h2Cv9ZNTuHdPhIcoFOBQ3p1ZqN7i4l3P7dKSAEcSyIU= Subject key identifier: 50:A3:9A:52:FF:26:DE:5F:B2:99:C1:2F:5F:32:22:53:7D:7B:51:34 Authority key identifier: CA:BF:19:34:FF:E9:BF:9C:E3:51:57:2E:D2:EB:82:07:CB:55:53:58 Certificate issuer: /CN=cabf1934ffe9bf9ce351572ed2eb8207cb555358 Certificate serial: 019AF46522EBF3FF86ACA1819A3B4AD7E4D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft Manifest number: 01B4 Signing time: Sat 06 Dec 2025 16:01:00 +0000 Manifest this update: Sat 06 Dec 2025 16:01:00 +0000 Manifest next update: Sun 07 Dec 2025 16:01:00 +0000 Files and hashes: 1: yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl (hash: /WXUa0+g9vYx2jL2zXh1GxNyzUhacNpPcKAZBgZ9e40=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:22:eb:f3:ff:86:ac:a1:81:9a:3b:4a:d7:e4:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cabf1934ffe9bf9ce351572ed2eb8207cb555358 Validity Not Before: Dec 6 16:01:00 2025 GMT Not After : Dec 7 16:01:00 2025 GMT Subject: CN=50a39a52ff26de5fb299c12f5f3222537d7b5134 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:e6:6c:8b:5f:70:9c:ac:cd:93:4e:e1:ba:72: 3b:97:9a:78:95:43:d3:6b:47:cb:27:22:80:ab:de: e2:8d:8e:de:91:db:08:c3:12:4d:96:e7:dc:7f:61: ec:c5:a2:15:42:18:f3:4f:af:18:b5:30:17:3b:9a: 04:56:70:47:53:b6:6f:36:d6:a3:8f:ae:78:5c:1b: 94:88:e5:20:15:74:61:a7:d6:12:a0:3c:86:1f:a7: 78:40:bc:77:67:55:cf:f1:e2:67:1a:5f:7d:05:b6: 0e:b2:e9:a6:b5:4e:f0:bc:c8:b3:bc:64:42:85:41: df:2f:33:ec:95:bc:61:22:ee:3a:e2:8f:ab:77:ea: 40:f2:18:bb:0e:76:b3:ad:2a:24:de:ab:e7:fd:6f: 8a:1c:f5:cc:67:02:a0:99:7c:73:d9:3f:c2:37:f2: b5:66:f8:c9:c4:23:d8:a6:a5:86:4f:f8:51:21:31: eb:1b:2a:9c:9c:0d:50:33:72:69:85:5b:08:7a:ac: c7:6f:57:c7:8c:b5:da:36:52:9e:d1:a6:14:b0:ea: d7:01:ec:e1:5e:05:ae:32:a8:6b:41:f1:b8:a4:ea: af:7b:26:72:84:b1:62:fb:27:98:1d:b0:37:bd:41: 61:c6:ac:36:40:45:de:58:77:f2:ee:05:7c:34:47: 7b:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:A3:9A:52:FF:26:DE:5F:B2:99:C1:2F:5F:32:22:53:7D:7B:51:34 X509v3 Authority Key Identifier: keyid:CA:BF:19:34:FF:E9:BF:9C:E3:51:57:2E:D2:EB:82:07:CB:55:53:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:ab:86:56:1a:db:03:b7:9a:8d:42:4b:cb:b3:64:9b:7b:81: 74:68:38:36:7b:5b:91:2d:04:e5:c7:1d:da:61:9c:b4:2b:b9: 11:20:55:8d:1e:00:91:46:9b:ea:02:5d:5a:04:ab:4b:fe:1a: 6c:7f:f3:7e:d1:2d:a4:6a:58:75:d1:57:25:a0:4e:3b:fe:f5: a4:df:66:40:ce:8b:ea:d1:5d:1b:de:48:21:4a:08:d6:89:e7: ac:85:8b:30:fb:4c:e8:c4:30:07:d9:48:54:b8:6c:de:33:2b: 82:5a:f2:58:ad:96:91:93:6d:b6:4a:67:80:fc:d0:18:11:1d: 38:ff:bc:6c:6d:fb:4f:77:0a:aa:33:a7:a3:b3:56:80:21:57: 9c:5d:ff:7b:68:b7:09:ab:84:6a:e5:d2:b4:7b:93:dc:f2:e2: 81:db:9d:e1:09:e8:87:d0:56:4f:6e:f1:ac:66:c4:67:88:03: 97:6d:2c:70:35:27:00:4d:d3:f3:25:80:a7:cc:6f:94:80:f6: e5:9e:ea:8f:55:ce:46:15:ff:0d:12:b4:84:03:df:ce:8f:f5: f1:bb:9d:10:89:95:60:5c:aa:b2:c2:c0:bb:cf:96:ec:0c:83: a1:a9:e1:26:94:a9:e0:02:b4:61:b6:af:b2:dc:67:95:1e:c9: 05:ea:39:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZSLr8/+GrKGBmjtK1+TUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhYmYxOTM0ZmZlOWJmOWNlMzUxNTcyZWQyZWI4MjA3Y2I1 NTUzNTgwHhcNMjUxMjA2MTYwMTAwWhcNMjUxMjA3MTYwMTAwWjAzMTEwLwYDVQQD Eyg1MGEzOWE1MmZmMjZkZTVmYjI5OWMxMmY1ZjMyMjI1MzdkN2I1MTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+Zsi19wnKzNk07hunI7l5p4lUPT a0fLJyKAq97ijY7ekdsIwxJNlufcf2HsxaIVQhjzT68YtTAXO5oEVnBHU7ZvNtaj j654XBuUiOUgFXRhp9YSoDyGH6d4QLx3Z1XP8eJnGl99BbYOsummtU7wvMizvGRC hUHfLzPslbxhIu464o+rd+pA8hi7DnazrSok3qvn/W+KHPXMZwKgmXxz2T/CN/K1 ZvjJxCPYpqWGT/hRITHrGyqcnA1QM3JphVsIeqzHb1fHjLXaNlKe0aYUsOrXAezh XgWuMqhrQfG4pOqveyZyhLFi+yeYHbA3vUFhxqw2QEXeWHfy7gV8NEd79QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFCjmlL/Jt5fspnBL18yIlN9e1E0MB8GA1UdIwQY MBaAFMq/GTT/6b+c41FXLtLrggfLVVNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85OGQ2YmItMGE4OS00OGM0LWI5MzIt NWIzODkzNDNkYmM5LzEveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi85OGQ2YmItMGE4OS00OGM0LWI5MzItNWIzODkzNDNkYmM5 LzEveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcKuGVhrb A7eajUJLy7Nkm3uBdGg4NntbkS0E5ccd2mGctCu5ESBVjR4AkUab6gJdWgSrS/4a bH/zftEtpGpYddFXJaBOO/71pN9mQM6L6tFdG95IIUoI1onnrIWLMPtM6MQwB9lI VLhs3jMrglryWK2WkZNttkpngPzQGBEdOP+8bG37T3cKqjOno7NWgCFXnF3/e2i3 CauEauXStHuT3PLigdud4Qnoh9BWT27xrGbEZ4gDl20scDUnAE3T8yWAp8xvlID2 5Z7qj1XORhX/DRK0hAPfzo/18budEImVYFyqssLAu8+W7AyDoanhJpSp4AK0Ybav stxnlR7JBeo5EQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:06:07 2025 by rpki-client