This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft File: yh3vhAA2XhysFuj3iHCS2smDtz4.mft (raw, json) Hash identifier: AzHHXTxuTVtnD9BDBAVFkIqaxvasJB/Ig7L3DE2GqPY= Subject key identifier: 1C:CE:71:69:94:1C:87:AA:2B:BB:AA:3A:DE:4F:1D:43:F4:F3:73:44 Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E Certificate issuer: /CN=ca1def8400365e1cac16e8f7887092dac983b73e Certificate serial: 019AF19B763D4AF3101430CE094931217EB3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft Manifest number: 12FE Signing time: Sat 06 Dec 2025 03:01:28 +0000 Manifest this update: Sat 06 Dec 2025 03:01:28 +0000 Manifest next update: Sun 07 Dec 2025 03:01:28 +0000 Files and hashes: 1: yh3vhAA2XhysFuj3iHCS2smDtz4.crl (hash: NgFFnGpxg5ANBwM8DQzImHQoKyz3uEvC3fAeNlbVlb8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:76:3d:4a:f3:10:14:30:ce:09:49:31:21:7e:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e Validity Not Before: Dec 6 03:01:28 2025 GMT Not After : Dec 7 03:01:28 2025 GMT Subject: CN=1cce7169941c87aa2bbbaa3ade4f1d43f4f37344 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:59:eb:80:d8:0b:1f:70:f9:db:db:e6:0b:bd: 66:fd:c4:d9:83:9a:5f:ac:9f:a5:11:33:db:fa:62: a3:43:7a:49:90:88:7b:a5:f4:5d:76:39:ec:29:39: dd:be:3b:ed:2f:05:95:9a:b5:a8:4e:d6:7c:c3:fc: 82:ad:bb:2d:e5:c2:0d:ef:f1:8b:6a:6e:43:c3:4c: 9b:ea:5e:17:b0:91:34:9c:60:94:76:95:89:00:c3: 95:94:00:21:33:77:e9:5b:34:cf:32:a4:eb:16:58: 65:5b:4d:79:70:84:f1:af:42:c9:eb:17:92:f9:9c: be:c6:16:fb:73:75:d3:30:54:5f:24:ee:21:09:1c: ed:04:26:8a:a9:1b:9a:99:dc:bb:f5:44:4a:c8:19: 8b:64:18:e9:b6:c6:a1:30:26:93:48:51:67:55:ad: 1d:d0:c4:6b:e0:72:b8:71:90:ca:b2:eb:5e:e8:11: d2:80:15:cd:e4:2d:51:a9:31:8f:53:19:85:c7:f2: ae:32:d1:73:51:6f:1d:75:71:cc:48:5b:df:67:17: 32:fb:f8:66:68:df:d3:ba:6a:ad:fa:67:b2:19:70: c8:6b:9d:1a:1b:1e:23:fc:86:58:84:4a:f5:9e:0c: 48:90:ab:ba:8f:4a:1d:2a:85:3a:b7:ee:6d:2e:8b: 04:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:CE:71:69:94:1C:87:AA:2B:BB:AA:3A:DE:4F:1D:43:F4:F3:73:44 X509v3 Authority Key Identifier: keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:ff:85:b5:7c:d1:f9:a9:30:c3:12:c9:00:87:80:d6:29:43: 4c:70:01:57:e6:aa:20:0b:89:d9:49:b9:7e:32:cb:13:66:3b: 74:10:ab:00:c0:54:de:45:5d:7f:44:b4:88:1c:ed:2d:c4:aa: 6a:9f:5b:b8:aa:4d:b7:ba:fa:44:94:dd:73:44:ae:8c:a0:4b: ef:1a:92:5d:cc:02:0d:da:4c:aa:e5:02:5e:93:d4:f9:e4:4f: 76:05:f1:ee:9b:3c:2e:e8:20:53:67:89:67:53:88:12:69:7d: d9:c6:7f:b8:17:93:86:50:da:97:98:c9:a5:5f:48:8e:1f:04: b4:b6:11:88:49:72:d9:74:4c:0c:3b:ca:3d:7e:f6:5d:d8:39: c2:f0:cc:e6:6e:2a:f1:df:e2:f7:db:68:a5:47:46:12:10:08: d6:cf:45:1c:f9:6c:99:d4:1d:9a:81:e1:31:f2:cf:97:35:ed: d9:33:7b:ce:a5:d9:06:dd:f2:38:6f:3b:07:41:63:d5:30:d9: 35:68:63:90:58:ff:e6:2c:03:da:36:d6:ce:19:53:fd:74:7e: d3:82:c4:0d:bd:02:d5:8a:dd:e1:8c:c1:0e:8e:3e:12:6a:01: 87:43:39:e5:5d:c9:8e:c2:ee:09:f2:87:f8:20:79:7e:d4:16: 8d:db:a2:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm3Y9SvMQFDDOCUkxIX6zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMWRlZjg0MDAzNjVlMWNhYzE2ZThmNzg4NzA5MmRhYzk4 M2I3M2UwHhcNMjUxMjA2MDMwMTI4WhcNMjUxMjA3MDMwMTI4WjAzMTEwLwYDVQQD EygxY2NlNzE2OTk0MWM4N2FhMmJiYmFhM2FkZTRmMWQ0M2Y0ZjM3MzQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlnrgNgLH3D529vmC71m/cTZg5pf rJ+lETPb+mKjQ3pJkIh7pfRddjnsKTndvjvtLwWVmrWoTtZ8w/yCrbst5cIN7/GL am5Dw0yb6l4XsJE0nGCUdpWJAMOVlAAhM3fpWzTPMqTrFlhlW015cITxr0LJ6xeS +Zy+xhb7c3XTMFRfJO4hCRztBCaKqRuamdy79URKyBmLZBjptsahMCaTSFFnVa0d 0MRr4HK4cZDKsute6BHSgBXN5C1RqTGPUxmFx/KuMtFzUW8ddXHMSFvfZxcy+/hm aN/Tumqt+meyGXDIa50aGx4j/IZYhEr1ngxIkKu6j0odKoU6t+5tLosEiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBzOcWmUHIeqK7uqOt5PHUP083NEMB8GA1UdIwQY MBaAFMod74QANl4crBbo94hwktrJg7c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEt Zjk4ZWM5ZDE2MmJlLzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi83MWZkMTAtNGYyNi00NDlhLWIzNjEtZjk4ZWM5ZDE2MmJl LzEveWgzdmhBQTJYaHlzRnVqM2lIQ1Myc21EdHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK/+FtXzR +akwwxLJAIeA1ilDTHABV+aqIAuJ2Um5fjLLE2Y7dBCrAMBU3kVdf0S0iBztLcSq ap9buKpNt7r6RJTdc0SujKBL7xqSXcwCDdpMquUCXpPU+eRPdgXx7ps8LuggU2eJ Z1OIEml92cZ/uBeThlDal5jJpV9Ijh8EtLYRiEly2XRMDDvKPX72Xdg5wvDM5m4q 8d/i99topUdGEhAI1s9FHPlsmdQdmoHhMfLPlzXt2TN7zqXZBt3yOG87B0Fj1TDZ NWhjkFj/5iwD2jbWzhlT/XR+04LEDb0C1Yrd4YzBDo4+EmoBh0M55V3JjsLuCfKH +CB5ftQWjduiXw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:43:43 2025 by rpki-client