This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.mft File: _YmzSchPx7NBKlLWX_Jg0swomrk.mft (raw, json) Hash identifier: TfH9RRFB2bHT7CuYJVUatOkB2X8fl/tSmhMB0mlouiU= Subject key identifier: 81:75:43:BD:58:8C:87:B3:4E:6E:7F:C3:86:D3:1C:A5:C3:3A:C7:2B Authority key identifier: FD:89:B3:49:C8:4F:C7:B3:41:2A:52:D6:5F:F2:60:D2:CC:28:9A:B9 Certificate issuer: /CN=fd89b349c84fc7b3412a52d65ff260d2cc289ab9 Certificate serial: 019AF16448CA6530C276C9AD69B33997FCE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_YmzSchPx7NBKlLWX_Jg0swomrk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.mft Manifest number: 0DF1 Signing time: Sat 06 Dec 2025 02:01:12 +0000 Manifest this update: Sat 06 Dec 2025 02:01:12 +0000 Manifest next update: Sun 07 Dec 2025 02:01:12 +0000 Files and hashes: 1: 7voLoVZs2GImQRBCo5BKLZ-Uj7w.roa (hash: 4GwoSbNu+hRTl0Hpw8zq+LaDTkSr14kM179EFGiS8KQ=) 2: _YmzSchPx7NBKlLWX_Jg0swomrk.crl (hash: OcZ63Wsie/G7Wb30gnxhWRQzyv8AzRW6TaV0v7EYNG4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.crl rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.mft rsync://rpki.ripe.net/repository/DEFAULT/_YmzSchPx7NBKlLWX_Jg0swomrk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:48:ca:65:30:c2:76:c9:ad:69:b3:39:97:fc:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd89b349c84fc7b3412a52d65ff260d2cc289ab9 Validity Not Before: Dec 6 02:01:12 2025 GMT Not After : Dec 7 02:01:12 2025 GMT Subject: CN=817543bd588c87b34e6e7fc386d31ca5c33ac72b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:01:2d:6e:1b:d9:61:28:fd:7a:7d:77:f9:b7: 3d:89:54:84:e7:28:6f:1a:62:cc:eb:2f:43:ce:5d: d6:80:fb:d2:e2:9b:a6:f6:b0:60:5f:f2:ab:ac:00: 6d:69:05:7d:a9:1e:3c:f4:93:7f:14:ed:f9:9d:2c: ad:aa:b5:5d:5d:e0:cf:6b:a6:d3:64:80:7c:a9:a5: 41:76:81:5c:5c:11:40:bb:a0:aa:4f:c4:04:07:aa: 24:aa:71:15:30:85:1c:43:6b:08:d0:b5:c4:e6:89: 07:af:86:ef:ef:fb:80:57:a9:2a:10:66:4a:e5:5d: 06:de:3f:36:b4:6e:a4:d0:5f:4b:e6:0d:a6:eb:5e: fd:c4:b3:c4:b3:6b:1c:29:20:22:cc:51:20:a4:80: e0:b3:ed:a0:fa:fa:30:ba:8e:d5:e5:80:13:03:80: 9f:b6:7f:7b:17:de:cc:2c:05:17:ee:d5:b9:ea:cd: 37:7b:22:4f:19:27:53:05:f7:2c:f5:f2:07:0f:e5: 52:72:b1:ae:8b:47:09:7b:87:3d:6d:e2:ae:4d:1f: 10:05:96:1d:fb:59:e7:5b:8a:5d:98:fe:a3:18:b7: a3:67:71:8c:75:73:15:53:75:55:cc:2c:1e:63:6c: f3:41:00:09:de:bf:41:1d:67:ed:5e:c0:4e:c2:2e: 69:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:75:43:BD:58:8C:87:B3:4E:6E:7F:C3:86:D3:1C:A5:C3:3A:C7:2B X509v3 Authority Key Identifier: keyid:FD:89:B3:49:C8:4F:C7:B3:41:2A:52:D6:5F:F2:60:D2:CC:28:9A:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_YmzSchPx7NBKlLWX_Jg0swomrk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:0b:00:0f:e3:a3:f5:d3:39:a0:12:e4:77:28:e9:5b:3c:95: 74:b0:89:09:e4:7b:6e:6a:c9:3c:af:54:9c:6a:8a:92:10:df: 45:1c:85:ea:55:6f:f0:60:2f:a1:59:54:bc:3b:9b:27:4f:de: e3:6b:dd:42:e4:fb:00:d5:d5:20:05:9c:69:df:d4:72:3b:18: 0d:9e:83:bb:ad:b2:ee:98:e0:48:87:b5:5b:e5:cc:36:89:ff: c3:32:0e:31:90:1e:b6:26:b7:3f:7e:09:2b:23:d0:8a:dd:55: 45:45:13:f2:df:06:d1:fc:b7:bc:59:30:6f:52:bb:c1:95:b7: b6:53:d0:60:72:c9:2a:ed:ee:3e:e4:5d:94:58:3c:eb:e6:88: 02:ed:5b:6c:3d:c6:54:a0:e9:b4:b8:0c:6f:25:18:de:fd:a7: 99:db:8c:b4:4d:58:6c:91:65:f6:b3:d7:fd:fb:e0:55:27:ac: b3:b0:3d:a2:d4:b5:76:a8:ed:2a:89:34:fb:8f:d4:63:8d:1f: 38:0a:10:28:e4:9c:a8:7f:82:b9:f2:ee:68:41:d0:9b:59:e1: e3:57:12:61:4a:5c:af:28:d2:4d:9a:00:6e:57:81:15:b5:68: a1:ef:1d:8d:31:2d:c6:ea:12:81:50:6e:52:cf:04:dd:04:c2: 9d:1e:e2:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZEjKZTDCdsmtabM5l/zgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkODliMzQ5Yzg0ZmM3YjM0MTJhNTJkNjVmZjI2MGQyY2My ODlhYjkwHhcNMjUxMjA2MDIwMTEyWhcNMjUxMjA3MDIwMTEyWjAzMTEwLwYDVQQD Eyg4MTc1NDNiZDU4OGM4N2IzNGU2ZTdmYzM4NmQzMWNhNWMzM2FjNzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQEtbhvZYSj9en13+bc9iVSE5yhv GmLM6y9Dzl3WgPvS4pum9rBgX/KrrABtaQV9qR489JN/FO35nSytqrVdXeDPa6bT ZIB8qaVBdoFcXBFAu6CqT8QEB6okqnEVMIUcQ2sI0LXE5okHr4bv7/uAV6kqEGZK 5V0G3j82tG6k0F9L5g2m6179xLPEs2scKSAizFEgpIDgs+2g+vowuo7V5YATA4Cf tn97F97MLAUX7tW56s03eyJPGSdTBfcs9fIHD+VScrGui0cJe4c9beKuTR8QBZYd +1nnW4pdmP6jGLejZ3GMdXMVU3VVzCweY2zzQQAJ3r9BHWftXsBOwi5pVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIF1Q71YjIezTm5/w4bTHKXDOscrMB8GA1UdIwQY MBaAFP2Js0nIT8ezQSpS1l/yYNLMKJq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1ltelNjaFB4N05CS2xMV1hfSmcwc3dvbXJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lZTcxNGEtMjFhYy00Mzg2LTgyZjUt ZTgxNzYxMDJjNWZmLzEvX1ltelNjaFB4N05CS2xMV1hfSmcwc3dvbXJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9lZTcxNGEtMjFhYy00Mzg2LTgyZjUtZTgxNzYxMDJjNWZm LzEvX1ltelNjaFB4N05CS2xMV1hfSmcwc3dvbXJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtQsAD+Oj 9dM5oBLkdyjpWzyVdLCJCeR7bmrJPK9UnGqKkhDfRRyF6lVv8GAvoVlUvDubJ0/e 42vdQuT7ANXVIAWcad/UcjsYDZ6Du62y7pjgSIe1W+XMNon/wzIOMZAetia3P34J KyPQit1VRUUT8t8G0fy3vFkwb1K7wZW3tlPQYHLJKu3uPuRdlFg86+aIAu1bbD3G VKDptLgMbyUY3v2nmduMtE1YbJFl9rPX/fvgVSess7A9otS1dqjtKok0+4/UY40f OAoQKOScqH+CufLuaEHQm1nh41cSYUpcryjSTZoAbleBFbVooe8djTEtxuoSgVBu Us8E3QTCnR7iiA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:17:40 2025 by rpki-client