This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft File: yIYjh23RrY5iSiPdUossZMgKhSE.mft (raw, json) Hash identifier: mzo2D5kOPJpeBrM09xwHFx9VWMXt2/0uWjYi5V+Fl2g= Subject key identifier: 4D:14:7D:F7:AE:B0:98:13:68:C5:A5:58:C5:42:21:88:F0:6C:DA:3E Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21 Certificate issuer: /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521 Certificate serial: 019AF57854DC5DB2DA4A1B3DE4B217987664 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft Manifest number: 0684 Signing time: Sat 06 Dec 2025 21:01:35 +0000 Manifest this update: Sat 06 Dec 2025 21:01:35 +0000 Manifest next update: Sun 07 Dec 2025 21:01:35 +0000 Files and hashes: 1: 6bGSQZyXICWLbBfHBORwDUVmEgs.roa (hash: 1jQZKU6KRpYxffMVHliAkA59/J/hUE4iGAwCvJDdSlw=) 2: yIYjh23RrY5iSiPdUossZMgKhSE.crl (hash: YZpiSY8fAG/NwLlpSXQ45u7CNS+gzF/fR6NSmrcd4Ng=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:54:dc:5d:b2:da:4a:1b:3d:e4:b2:17:98:76:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521 Validity Not Before: Dec 6 21:01:35 2025 GMT Not After : Dec 7 21:01:35 2025 GMT Subject: CN=4d147df7aeb0981368c5a558c5422188f06cda3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1d:79:64:1f:b5:48:e9:36:41:62:47:01:84: fb:db:db:52:2d:71:a5:2f:c3:61:f8:74:88:e0:b2: d0:25:99:ee:ef:c2:db:43:3c:f3:e5:34:26:2b:a9: 1d:33:10:e0:cf:1f:31:98:84:2d:03:7b:fa:39:31: f6:fe:4a:dc:6f:38:c0:df:f5:04:19:83:2f:d1:9f: a8:ea:f3:90:22:d8:80:1e:2c:1f:71:1b:03:11:a5: b3:27:03:cf:3a:13:2c:e5:b9:2f:78:be:ff:f6:42: 0f:aa:0c:f2:b2:ef:2e:60:62:b7:6e:f7:e7:5a:b9: 19:15:18:f6:79:f1:b7:f1:86:3f:bc:a4:96:74:47: ec:64:4c:be:1c:38:34:92:0d:5b:01:7f:1f:c7:59: 0c:fd:ba:ae:57:35:ea:d2:42:2d:0f:ff:82:17:0c: 8a:f0:dd:27:71:3e:66:0b:ff:13:3b:82:9d:44:6d: ca:ac:79:b9:01:8c:e9:ca:88:f7:45:ce:6d:1b:dc: 4f:51:91:50:d9:a6:cf:d8:46:d0:e5:6c:c3:16:21: de:11:1d:e5:a9:47:b0:65:61:85:d3:30:1f:2d:f0: 25:ad:a0:50:31:c0:7b:56:9f:95:d1:fa:48:bf:7c: 47:b5:ff:bb:13:03:46:b8:5f:b8:a4:7a:61:2d:a2: be:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:14:7D:F7:AE:B0:98:13:68:C5:A5:58:C5:42:21:88:F0:6C:DA:3E X509v3 Authority Key Identifier: keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:e6:26:8b:68:a0:f1:f0:68:67:71:7e:19:bb:69:18:a2:b8: 72:43:c9:83:9e:f1:8b:bf:1d:f2:89:ae:fe:f9:cd:1d:fb:3a: 3d:0d:76:47:3b:25:6f:49:00:bf:27:6e:c5:ff:71:97:a4:81: b1:00:72:b6:fd:a5:0e:a3:3b:b5:23:fa:18:a7:f5:78:31:66: 10:dd:c7:af:cd:33:af:46:c5:80:b0:7f:52:49:31:dc:f8:70: 31:57:16:c1:2b:1b:bc:76:f3:c6:1b:d4:5d:93:44:14:b8:f5: 5c:31:e8:cb:7c:f6:3a:1c:ad:3c:a1:58:f8:39:fa:ae:e8:d9: 43:f6:31:3c:f8:e6:d8:38:64:61:4d:20:fe:11:7d:47:d5:41: 05:d2:1f:05:56:d2:74:0b:76:92:2c:7c:00:a6:b1:d6:09:ad: e1:3b:93:ba:60:92:ff:03:8a:10:a1:6e:25:1c:c3:d0:68:e5: 12:5c:7d:68:46:cf:68:65:6b:41:03:59:3f:58:a0:db:e4:e8: b2:07:e4:12:55:3a:38:2c:85:38:f6:bd:33:e5:63:5f:11:b0: 1b:ba:7d:0b:a3:58:77:a6:a1:33:bf:fd:89:1e:05:83:d8:3f: a6:a4:61:be:e3:1e:33:08:af:59:68:0f:d5:0c:f8:01:c5:1d: cc:32:a7:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eFTcXbLaShs95LIXmHZkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw YTg1MjEwHhcNMjUxMjA2MjEwMTM1WhcNMjUxMjA3MjEwMTM1WjAzMTEwLwYDVQQD Eyg0ZDE0N2RmN2FlYjA5ODEzNjhjNWE1NThjNTQyMjE4OGYwNmNkYTNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB15ZB+1SOk2QWJHAYT729tSLXGl L8Nh+HSI4LLQJZnu78LbQzzz5TQmK6kdMxDgzx8xmIQtA3v6OTH2/krcbzjA3/UE GYMv0Z+o6vOQItiAHiwfcRsDEaWzJwPPOhMs5bkveL7/9kIPqgzysu8uYGK3bvfn WrkZFRj2efG38YY/vKSWdEfsZEy+HDg0kg1bAX8fx1kM/bquVzXq0kItD/+CFwyK 8N0ncT5mC/8TO4KdRG3KrHm5AYzpyoj3Rc5tG9xPUZFQ2abP2EbQ5WzDFiHeER3l qUewZWGF0zAfLfAlraBQMcB7Vp+V0fpIv3xHtf+7EwNGuF+4pHphLaK+xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE0UffeusJgTaMWlWMVCIYjwbNo+MB8GA1UdIwQY MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt MmViNTEyNjFkZGJhLzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANeYmi2ig 8fBoZ3F+GbtpGKK4ckPJg57xi78d8omu/vnNHfs6PQ12Rzslb0kAvyduxf9xl6SB sQBytv2lDqM7tSP6GKf1eDFmEN3Hr80zr0bFgLB/Ukkx3PhwMVcWwSsbvHbzxhvU XZNEFLj1XDHoy3z2OhytPKFY+Dn6rujZQ/YxPPjm2DhkYU0g/hF9R9VBBdIfBVbS dAt2kix8AKax1gmt4TuTumCS/wOKEKFuJRzD0GjlElx9aEbPaGVrQQNZP1ig2+To sgfkElU6OCyFOPa9M+VjXxGwG7p9C6NYd6ahM7/9iR4Fg9g/pqRhvuMeMwivWWgP 1Qz4AcUdzDKnNA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:56:12 2025 by rpki-client