This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft File: Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json) Hash identifier: JydBNPcENpF1MShm6FBHCr07Sxme87pVW/c+U0xUZ+Y= Subject key identifier: 39:CF:3A:2D:55:A9:14:5C:EC:2A:48:33:DA:9F:5E:53:89:6A:E0:C7 Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7 Certificate issuer: /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7 Certificate serial: 019AF12D705EC1558690EDF7B3E65E30BCB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft Manifest number: 0C41 Signing time: Sat 06 Dec 2025 01:01:18 +0000 Manifest this update: Sat 06 Dec 2025 01:01:18 +0000 Manifest next update: Sun 07 Dec 2025 01:01:18 +0000 Files and hashes: 1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: inyzxd2twgPOp0LyU8UHGCX0R5rgkrBHQsw2Q9vvW4Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:70:5e:c1:55:86:90:ed:f7:b3:e6:5e:30:bc:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7 Validity Not Before: Dec 6 01:01:18 2025 GMT Not After : Dec 7 01:01:18 2025 GMT Subject: CN=39cf3a2d55a9145cec2a4833da9f5e53896ae0c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:58:33:f1:a4:b3:f4:35:12:1a:47:0c:83:8d: 21:cc:08:d0:8d:6e:cb:e3:15:b3:4f:9b:36:c3:e2: c6:e2:4d:28:91:cd:b2:85:f4:29:ad:3d:a3:b6:65: d0:a0:af:2a:97:7c:5e:df:da:a0:b3:48:5c:70:ed: 2a:6a:57:f8:88:3e:6a:54:ce:d3:a8:50:92:1b:7d: 62:cf:28:12:85:c4:12:5f:83:fb:31:2e:6c:11:22: fc:ca:89:59:87:6f:a3:f5:b9:ee:63:d7:43:eb:61: f7:9b:db:1f:b3:3d:cb:82:32:b8:d7:79:29:05:e2: dc:4a:ee:81:51:84:0a:d6:b7:08:23:4c:f8:48:de: fc:18:82:5a:b9:1e:32:d0:b4:37:93:81:f4:dd:37: 6e:44:d0:e1:d8:52:38:16:62:e7:f2:24:64:19:4e: 97:68:a1:9d:70:7d:59:05:19:85:ce:9b:50:db:2f: f1:09:20:8e:b9:e8:ff:c7:2d:4d:20:36:43:29:c6: 92:80:10:93:3c:05:71:27:d9:49:e2:3d:47:65:c6: 14:e0:8c:cf:e8:8f:7f:09:bc:1a:55:23:ce:34:c1: 20:38:0f:dd:1c:9a:8b:0f:1a:07:d7:1e:63:e2:c4: 22:7c:af:7b:41:7f:8a:28:83:b7:a5:a6:e3:28:a3: e8:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:CF:3A:2D:55:A9:14:5C:EC:2A:48:33:DA:9F:5E:53:89:6A:E0:C7 X509v3 Authority Key Identifier: keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:16:aa:5d:69:01:cd:c1:88:27:19:3d:5b:0f:0a:27:35:d8: 69:54:c8:30:c3:55:bd:2c:f3:15:58:22:91:dc:b8:c2:d4:1a: ff:bd:0e:d3:95:80:a6:50:fd:3a:87:6f:eb:82:3f:a4:d3:08: 77:c0:84:45:3b:b6:e7:98:ce:39:29:c6:95:00:f5:90:11:2f: 1e:fd:c6:e0:cd:47:8b:3d:02:08:af:e2:28:e7:0f:3b:f6:cf: 1e:ae:e6:fa:7e:07:bd:b3:0e:f8:29:7b:40:59:45:a9:36:1e: ea:8a:de:d2:bf:c6:36:92:9e:6c:41:f3:3b:96:00:8a:90:69: d5:52:63:a0:ed:42:db:ca:a8:d2:35:eb:73:7b:38:8d:3e:61: 1d:7d:85:97:99:cf:89:31:4e:66:75:47:db:59:6c:20:07:bb: 98:5f:42:45:b1:5a:ea:da:66:6a:b7:05:1e:4e:6e:68:4e:d3: a1:9c:15:61:56:85:81:88:a7:ae:c7:ee:81:57:86:b2:56:1c: df:fb:df:d0:f3:ca:70:10:87:dc:08:8c:0c:15:22:92:66:ae: 2a:82:67:91:60:7d:a0:b8:3f:6f:3d:95:ae:0a:6b:15:75:9c: 5e:0c:2b:45:07:8e:e1:b6:bb:a1:18:21:2c:9f:bb:7a:f5:ac: 5c:71:7e:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLXBewVWGkO33s+ZeMLy2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm NGE2YzcwHhcNMjUxMjA2MDEwMTE4WhcNMjUxMjA3MDEwMTE4WjAzMTEwLwYDVQQD EygzOWNmM2EyZDU1YTkxNDVjZWMyYTQ4MzNkYTlmNWU1Mzg5NmFlMGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1gz8aSz9DUSGkcMg40hzAjQjW7L 4xWzT5s2w+LG4k0okc2yhfQprT2jtmXQoK8ql3xe39qgs0hccO0qalf4iD5qVM7T qFCSG31izygShcQSX4P7MS5sESL8yolZh2+j9bnuY9dD62H3m9sfsz3LgjK413kp BeLcSu6BUYQK1rcII0z4SN78GIJauR4y0LQ3k4H03TduRNDh2FI4FmLn8iRkGU6X aKGdcH1ZBRmFzptQ2y/xCSCOuej/xy1NIDZDKcaSgBCTPAVxJ9lJ4j1HZcYU4IzP 6I9/CbwaVSPONMEgOA/dHJqLDxoH1x5j4sQifK97QX+KKIO3pabjKKPowQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDnPOi1VqRRc7CpIM9qfXlOJauDHMB8GA1UdIwQY MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5 LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHRaqXWkB zcGIJxk9Ww8KJzXYaVTIMMNVvSzzFVgikdy4wtQa/70O05WAplD9Oodv64I/pNMI d8CERTu255jOOSnGlQD1kBEvHv3G4M1Hiz0CCK/iKOcPO/bPHq7m+n4HvbMO+Cl7 QFlFqTYe6ore0r/GNpKebEHzO5YAipBp1VJjoO1C28qo0jXrc3s4jT5hHX2Fl5nP iTFOZnVH21lsIAe7mF9CRbFa6tpmarcFHk5uaE7ToZwVYVaFgYinrsfugVeGslYc 3/vf0PPKcBCH3AiMDBUikmauKoJnkWB9oLg/bz2VrgprFXWcXgwrRQeO4ba7oRgh LJ+7evWsXHF+Qg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:08:17 2025 by rpki-client