This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft File: ybHXw7TuhyMzamWFOapzRvI9Z3I.mft (raw, json) Hash identifier: wj3nmJtHz2iQ5MdX0VoUPJf+HlsYYyYqlB4MvV0TfYs= Subject key identifier: F3:69:A7:12:98:A4:AB:A7:E5:8E:5B:53:22:9F:4B:C0:4A:A3:52:95 Authority key identifier: C9:B1:D7:C3:B4:EE:87:23:33:6A:65:85:39:AA:73:46:F2:3D:67:72 Certificate issuer: /CN=c9b1d7c3b4ee8723336a658539aa7346f23d6772 Certificate serial: 019AF0886498D6AF730B1D130C57ED6AADD9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybHXw7TuhyMzamWFOapzRvI9Z3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft Manifest number: 1703 Signing time: Fri 05 Dec 2025 22:01:01 +0000 Manifest this update: Fri 05 Dec 2025 22:01:01 +0000 Manifest next update: Sat 06 Dec 2025 22:01:01 +0000 Files and hashes: 1: kqgcpXCz5MkJzwLeAFTCTl_VsMQ.roa (hash: 4evrbQoOmcedQaEfByeB9rC2XxdVu3dPWDCJqrfbW4c=) 2: ybHXw7TuhyMzamWFOapzRvI9Z3I.crl (hash: eMrG1hJ6DT6fpr2EPoqyMCZtyw6TbZ4PUefAf8E9V5M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft rsync://rpki.ripe.net/repository/DEFAULT/ybHXw7TuhyMzamWFOapzRvI9Z3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:64:98:d6:af:73:0b:1d:13:0c:57:ed:6a:ad:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9b1d7c3b4ee8723336a658539aa7346f23d6772 Validity Not Before: Dec 5 22:01:01 2025 GMT Not After : Dec 6 22:01:01 2025 GMT Subject: CN=f369a71298a4aba7e58e5b53229f4bc04aa35295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:f7:ca:90:92:fe:4a:24:20:5f:4c:b4:9b:04: 7d:73:42:ca:54:3f:28:3e:43:2f:53:b0:3d:4b:ec: 06:16:6e:c6:18:f6:b5:b0:f2:c3:58:db:92:84:2b: ff:0b:0a:00:1c:c1:0f:a9:11:f4:39:24:c5:b8:e7: 35:95:b4:38:a7:e4:49:8f:ce:81:8b:41:9b:f2:a9: b9:5a:f3:e8:15:c9:9d:aa:b0:c2:7b:c0:b4:d8:7c: 85:6f:8c:e9:1e:73:b6:70:11:75:23:f3:f7:53:38: 5b:e7:2d:16:79:f7:8d:19:5d:ba:d7:81:c7:ca:0d: c0:07:86:c0:5f:ff:1a:44:9b:cc:d5:5d:52:dc:8c: 30:f9:fa:db:fc:a8:0e:a7:3f:86:89:41:b8:33:43: bf:96:84:05:ed:01:61:22:e2:06:8d:c2:29:fe:9d: 97:2c:b8:6f:0e:65:82:0f:fd:6e:28:23:25:c8:56: 27:64:c1:e6:51:24:15:3c:bb:7c:de:e8:9b:ae:76: dc:b7:52:48:3a:b8:a3:7d:60:88:e9:b1:4c:54:bc: 72:8f:67:68:de:09:bd:f7:f6:cc:20:1b:e8:5e:d6: 47:20:88:bc:04:f9:5f:1f:6e:11:9e:2a:ac:dc:4a: f3:ac:3d:36:7f:8b:21:4d:66:3c:e1:d2:b9:70:45: 87:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:69:A7:12:98:A4:AB:A7:E5:8E:5B:53:22:9F:4B:C0:4A:A3:52:95 X509v3 Authority Key Identifier: keyid:C9:B1:D7:C3:B4:EE:87:23:33:6A:65:85:39:AA:73:46:F2:3D:67:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybHXw7TuhyMzamWFOapzRvI9Z3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:dc:d3:26:73:d8:f3:73:76:23:18:62:54:36:de:94:3b:55: a0:1d:b8:e3:38:8e:7b:7e:ac:e2:e9:ee:90:83:f2:80:39:e9: 6d:03:06:f9:4e:67:be:7e:69:4a:31:5b:26:b2:5b:b0:75:ef: 3b:9d:53:57:de:6c:2b:0a:e0:90:96:70:43:e9:d5:18:02:fe: 7f:4d:bb:98:0a:7f:7b:16:38:20:dc:3b:2f:eb:30:4b:fd:c8: 2b:0e:dc:da:c5:c3:1d:7d:32:a9:fb:c7:c3:ef:f7:7c:1a:1a: b1:bf:d5:bc:81:d6:3f:68:2f:6d:8c:13:db:11:0d:45:e9:07: 16:5b:51:4c:10:f6:58:be:4e:16:45:d1:d9:08:19:06:d1:35: 0c:42:8c:6f:f4:b1:82:dd:ff:f5:20:82:15:e5:d3:d4:a9:e5: af:63:9d:c3:76:15:25:a5:e4:15:26:37:b9:2a:3d:13:b4:a0: f8:8a:bd:b7:61:8c:aa:d8:81:cd:66:f6:1c:17:4a:ee:a3:88: 82:cb:3a:f6:79:b0:c6:f9:2e:c7:bb:fe:9f:55:48:4c:64:a7: 7b:c6:38:8f:f2:26:19:49:ca:1e:1a:e9:4e:78:53:02:cd:17: 0e:e4:20:46:24:31:a0:0c:89:b7:ab:3f:00:18:d0:70:b9:e2: e8:ab:3a:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiGSY1q9zCx0TDFftaq3ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5YjFkN2MzYjRlZTg3MjMzMzZhNjU4NTM5YWE3MzQ2ZjIz ZDY3NzIwHhcNMjUxMjA1MjIwMTAxWhcNMjUxMjA2MjIwMTAxWjAzMTEwLwYDVQQD EyhmMzY5YTcxMjk4YTRhYmE3ZTU4ZTViNTMyMjlmNGJjMDRhYTM1Mjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPfKkJL+SiQgX0y0mwR9c0LKVD8o PkMvU7A9S+wGFm7GGPa1sPLDWNuShCv/CwoAHMEPqRH0OSTFuOc1lbQ4p+RJj86B i0Gb8qm5WvPoFcmdqrDCe8C02HyFb4zpHnO2cBF1I/P3Uzhb5y0WefeNGV2614HH yg3AB4bAX/8aRJvM1V1S3Iww+frb/KgOpz+GiUG4M0O/loQF7QFhIuIGjcIp/p2X LLhvDmWCD/1uKCMlyFYnZMHmUSQVPLt83uibrnbct1JIOrijfWCI6bFMVLxyj2do 3gm99/bMIBvoXtZHIIi8BPlfH24Rniqs3ErzrD02f4shTWY84dK5cEWHkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPNppxKYpKun5Y5bUyKfS8BKo1KVMB8GA1UdIwQY MBaAFMmx18O07ocjM2plhTmqc0byPWdyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWJIWHc3VHVoeU16YW1XRk9hcHpSdkk5WjNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lMDk0YmQtMDkxYy00MzNiLWJmNTgt MTY0Y2M2YTRlZDFlLzEveWJIWHc3VHVoeU16YW1XRk9hcHpSdkk5WjNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9lMDk0YmQtMDkxYy00MzNiLWJmNTgtMTY0Y2M2YTRlZDFl LzEveWJIWHc3VHVoeU16YW1XRk9hcHpSdkk5WjNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNzTJnPY 83N2IxhiVDbelDtVoB244ziOe36s4unukIPygDnpbQMG+U5nvn5pSjFbJrJbsHXv O51TV95sKwrgkJZwQ+nVGAL+f027mAp/exY4INw7L+swS/3IKw7c2sXDHX0yqfvH w+/3fBoasb/VvIHWP2gvbYwT2xENRekHFltRTBD2WL5OFkXR2QgZBtE1DEKMb/Sx gt3/9SCCFeXT1Knlr2Odw3YVJaXkFSY3uSo9E7Sg+Iq9t2GMqtiBzWb2HBdK7qOI gss69nmwxvkux7v+n1VITGSne8Y4j/ImGUnKHhrpTnhTAs0XDuQgRiQxoAyJt6s/ ABjQcLni6Ks6VA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:46 2025 by rpki-client