This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft File: Yonrndlo7aSnlWTC4GpoOEIpegQ.mft (raw, json) Hash identifier: /Ug/f22D9h7LHGjcEH1kpZXmUObfy7IvFb4BYMIXJFE= Subject key identifier: C8:39:65:CF:1C:44:FD:89:BD:49:8E:CB:77:C2:C1:3E:A3:06:76:8B Authority key identifier: 62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04 Certificate issuer: /CN=6289eb9dd968eda4a79564c2e06a683842297a04 Certificate serial: 019AF164474636AB689F9548202AB4ADC3DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft Manifest number: 0480 Signing time: Sat 06 Dec 2025 02:01:12 +0000 Manifest this update: Sat 06 Dec 2025 02:01:12 +0000 Manifest next update: Sun 07 Dec 2025 02:01:12 +0000 Files and hashes: 1: Yonrndlo7aSnlWTC4GpoOEIpegQ.crl (hash: n9sdGKKy0fj+tHLOnFFuYwXnLvCnGMDp9Fn0JxjQjv8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:47:46:36:ab:68:9f:95:48:20:2a:b4:ad:c3:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6289eb9dd968eda4a79564c2e06a683842297a04 Validity Not Before: Dec 6 02:01:12 2025 GMT Not After : Dec 7 02:01:12 2025 GMT Subject: CN=c83965cf1c44fd89bd498ecb77c2c13ea306768b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:b6:c8:21:c9:aa:de:3a:d8:02:0a:2c:9d:36: cb:fa:b7:c3:0b:28:92:65:3a:2d:a3:90:6d:56:7a: 1c:67:bf:0e:c2:d0:0e:7f:76:46:57:e3:6a:4b:bb: e9:62:f8:8e:48:96:fd:43:2b:cf:e1:b4:7c:27:c6: fc:e1:f4:83:ad:3c:74:11:6f:d3:2d:ec:4c:18:e1: f8:81:dc:f7:88:3f:01:98:76:8c:c1:9b:7c:d5:69: 2c:99:f4:93:5d:99:b1:72:01:5f:c6:3e:ff:3a:75: 97:3e:69:02:eb:1e:be:81:9a:56:23:6d:cd:47:1b: a2:5f:84:6d:74:9c:40:e1:a5:d2:4f:8c:cc:46:d3: ca:62:20:5a:26:ae:41:f1:6b:47:f3:d3:fa:63:a3: b5:37:49:a7:cd:29:55:5b:a5:d5:ea:96:bb:89:6a: 5d:85:c2:34:36:95:5a:85:0a:14:42:8b:f4:26:d8: 8f:42:e0:de:19:91:37:99:12:a5:bd:2d:ba:0c:be: 8d:3b:70:06:c6:f5:54:58:c3:97:27:8f:cd:64:54: 34:18:a5:d6:4d:62:4e:66:c3:73:bb:58:89:af:f1: f9:ea:f5:fe:62:d4:81:d0:87:28:ef:7e:29:6d:cc: 41:da:0e:ba:52:92:38:92:b6:38:b1:97:36:e9:b2: db:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:39:65:CF:1C:44:FD:89:BD:49:8E:CB:77:C2:C1:3E:A3:06:76:8B X509v3 Authority Key Identifier: keyid:62:89:EB:9D:D9:68:ED:A4:A7:95:64:C2:E0:6A:68:38:42:29:7A:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yonrndlo7aSnlWTC4GpoOEIpegQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5e7dc8-7bf5-4033-9092-fc7eb991db40/1/Yonrndlo7aSnlWTC4GpoOEIpegQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:58:02:44:dd:0a:35:f5:af:01:34:2e:98:03:de:d3:ef:13: 36:ac:2c:42:ba:41:63:e1:0a:dc:68:40:fd:72:a5:3d:36:a0: 3d:b8:cd:ab:3f:3a:6d:0a:8a:7f:30:31:fa:68:4b:14:ad:de: 39:92:e5:0b:73:6c:ff:bf:2f:1d:d8:5b:5b:d1:d8:18:d7:e9: 99:73:c2:d9:c6:a9:c8:c4:2e:f7:41:8c:fd:3a:c3:03:83:9f: 4e:4c:47:74:76:17:68:47:d1:5b:5a:ea:4a:5f:fb:0e:bd:1f: 4b:1c:7c:75:77:40:63:13:1d:8a:29:63:00:6a:cf:6e:ad:b9: 0f:72:28:05:5b:c1:8e:f5:5a:1a:49:69:83:0e:84:bd:e5:09: d0:0e:ce:9e:5c:0f:5a:a1:18:8c:c6:a4:62:73:c8:0c:00:91: 5e:d8:52:40:cf:cb:2f:46:e5:4d:fa:7f:be:e9:b6:cf:54:bc: 1e:fd:70:cb:28:1a:cb:df:cf:cb:49:68:b0:69:b0:e7:55:f2: f7:bd:68:ff:d1:36:14:54:4c:34:f8:6f:c0:2a:f4:1a:31:d7: 26:ff:07:7a:c6:71:9d:31:60:f9:e6:d9:33:ce:77:5e:81:a6: d6:92:d8:df:bc:f1:d7:f0:fa:9f:89:a2:a5:92:f5:f8:a3:c7: 3d:16:c1:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZEdGNqton5VIICq0rcPbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyODllYjlkZDk2OGVkYTRhNzk1NjRjMmUwNmE2ODM4NDIy OTdhMDQwHhcNMjUxMjA2MDIwMTEyWhcNMjUxMjA3MDIwMTEyWjAzMTEwLwYDVQQD EyhjODM5NjVjZjFjNDRmZDg5YmQ0OThlY2I3N2MyYzEzZWEzMDY3NjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17bIIcmq3jrYAgosnTbL+rfDCyiS ZToto5BtVnocZ78OwtAOf3ZGV+NqS7vpYviOSJb9QyvP4bR8J8b84fSDrTx0EW/T LexMGOH4gdz3iD8BmHaMwZt81WksmfSTXZmxcgFfxj7/OnWXPmkC6x6+gZpWI23N RxuiX4RtdJxA4aXST4zMRtPKYiBaJq5B8WtH89P6Y6O1N0mnzSlVW6XV6pa7iWpd hcI0NpVahQoUQov0JtiPQuDeGZE3mRKlvS26DL6NO3AGxvVUWMOXJ4/NZFQ0GKXW TWJOZsNzu1iJr/H56vX+YtSB0Ico734pbcxB2g66UpI4krY4sZc26bLb+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMg5Zc8cRP2JvUmOy3fCwT6jBnaLMB8GA1UdIwQY MBaAFGKJ653ZaO2kp5VkwuBqaDhCKXoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTIt ZmM3ZWI5OTFkYjQwLzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi81ZTdkYzgtN2JmNS00MDMzLTkwOTItZmM3ZWI5OTFkYjQw LzEvWW9ucm5kbG83YVNubFdUQzRHcG9PRUlwZWdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGVgCRN0K NfWvATQumAPe0+8TNqwsQrpBY+EK3GhA/XKlPTagPbjNqz86bQqKfzAx+mhLFK3e OZLlC3Ns/78vHdhbW9HYGNfpmXPC2capyMQu90GM/TrDA4OfTkxHdHYXaEfRW1rq Sl/7Dr0fSxx8dXdAYxMdiiljAGrPbq25D3IoBVvBjvVaGklpgw6EveUJ0A7OnlwP WqEYjMakYnPIDACRXthSQM/LL0blTfp/vum2z1S8Hv1wyygay9/Py0losGmw51Xy 971o/9E2FFRMNPhvwCr0GjHXJv8HesZxnTFg+ebZM853XoGm1pLY37zx1/D6n4mi pZL1+KPHPRbB9Q== -----END CERTIFICATE-----Generated at Sat Dec 6 12:33:35 2025 by rpki-client