This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.mft File: yy2f-G42PbNNBVbsFkUfL38wPSQ.mft (raw, json) Hash identifier: LxpeyubJD45ADur/ohpqdx6bIrVJmCyxen33pQdI0i0= Subject key identifier: DD:C7:F4:12:4B:CB:4A:9A:CD:FD:16:DD:46:BA:60:C9:C6:A3:D6:57 Authority key identifier: CB:2D:9F:F8:6E:36:3D:B3:4D:05:56:EC:16:45:1F:2F:7F:30:3D:24 Certificate issuer: /CN=cb2d9ff86e363db34d0556ec16451f2f7f303d24 Certificate serial: 019AF1D226051609B2E7F60AC82EDA8142AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 04:01:12 +0000 Manifest this update: Sat 06 Dec 2025 04:01:12 +0000 Manifest next update: Sun 07 Dec 2025 04:01:12 +0000 Files and hashes: 1: 92Huf3IHz49yEZcp8laODPaay4A.roa (hash: fHDvsxbqA8PNa+801vhXYVjpC3kLuwr6JG2deunc2nA=) 2: yy2f-G42PbNNBVbsFkUfL38wPSQ.crl (hash: rA8Qv4qAbZ02oXBmO8KpB5VlXWng4FVyoBRrU3JwYp0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.crl rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:26:05:16:09:b2:e7:f6:0a:c8:2e:da:81:42:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb2d9ff86e363db34d0556ec16451f2f7f303d24 Validity Not Before: Dec 6 04:01:12 2025 GMT Not After : Dec 7 04:01:12 2025 GMT Subject: CN=ddc7f4124bcb4a9acdfd16dd46ba60c9c6a3d657 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:5f:ea:80:4f:e4:5c:c3:64:89:d4:e8:7c:c6: 63:e7:33:8f:56:28:fd:c5:af:e7:b8:ba:a4:cc:4a: 04:9e:d1:81:52:9d:fd:41:ed:8e:6c:3a:5c:7f:a2: 9a:e1:aa:58:9c:d6:c8:06:40:42:8b:d7:81:c9:4c: 8e:55:05:62:40:e1:1d:f6:37:7a:a4:63:72:fd:65: 18:4e:38:b9:f3:02:43:7f:55:48:91:60:39:31:71: 2b:d0:b5:97:78:d6:5e:93:45:0d:5e:8e:ca:02:f7: 5a:cc:94:e8:4c:fa:00:09:c4:fb:f3:3a:65:36:08: f4:ef:2a:8b:37:d6:11:1e:69:8e:66:2a:1b:59:27: 61:b8:3f:e8:f9:b6:0c:6e:01:87:b5:74:bd:be:0d: a7:43:9a:58:bd:b8:5e:fb:86:16:16:e0:44:7d:d4: 15:6b:f6:94:b4:d0:c7:74:ea:02:98:1b:0d:94:56: 3a:ee:bc:ad:f8:41:30:2a:d0:08:a0:99:da:f6:57: a9:45:92:06:36:29:ea:4c:ef:29:4b:bd:b3:27:81: c8:80:94:ac:ae:24:da:ed:e9:1c:e7:51:90:f8:e6: 6d:fa:47:8f:75:41:06:b2:14:5c:a5:6d:1d:e7:8b: 54:0f:eb:94:2a:9f:3e:ac:ce:80:38:cc:11:c1:f9: a0:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:C7:F4:12:4B:CB:4A:9A:CD:FD:16:DD:46:BA:60:C9:C6:A3:D6:57 X509v3 Authority Key Identifier: keyid:CB:2D:9F:F8:6E:36:3D:B3:4D:05:56:EC:16:45:1F:2F:7F:30:3D:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yy2f-G42PbNNBVbsFkUfL38wPSQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b1af5b-089e-4cbe-bbe9-425ee968df0b/1/yy2f-G42PbNNBVbsFkUfL38wPSQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:dd:e7:23:8a:ea:ed:d4:6e:f1:80:e7:55:50:32:23:ad:c9: 56:34:a1:be:07:27:f2:ed:c1:60:82:43:3b:2a:56:ba:99:1e: 0a:b5:ec:f2:02:6b:54:ce:66:df:83:3c:02:d5:4e:dd:ff:f5: d0:d7:a4:95:4a:cf:ac:03:1d:52:f7:02:ec:41:bc:ba:91:83: a3:64:47:5b:0e:61:55:93:0f:6a:f8:c2:19:e0:9e:13:91:78: 3f:5f:60:f8:20:61:80:b5:6f:3e:8b:18:55:3a:8c:fd:5d:59: b5:99:00:e0:3a:28:75:78:92:4a:52:04:bb:6f:e8:18:62:7a: 93:cd:3a:30:c3:3f:a8:11:9b:0b:44:9d:29:32:4c:ed:99:30: 0a:d9:08:2b:83:1f:1c:06:ec:c4:7b:85:0f:ce:eb:73:cc:c6: 1f:02:60:5b:22:c9:30:33:3c:7a:91:3c:3c:a0:03:54:fd:96: 83:a1:b1:ef:d3:f5:b9:09:a8:3e:c7:f2:f8:36:c0:4b:c8:a0: b5:ed:85:fb:23:9d:b3:51:d3:c8:2c:30:db:14:23:02:88:cc: 17:3b:c6:fa:b5:3c:61:b7:a1:59:90:59:8c:d8:ed:11:ae:a4: 57:1b:d1:9e:02:3b:56:c1:8b:a3:24:b9:a6:6e:b4:fd:97:b0: 99:cb:0f:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0iYFFgmy5/YKyC7agUKuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiMmQ5ZmY4NmUzNjNkYjM0ZDA1NTZlYzE2NDUxZjJmN2Yz MDNkMjQwHhcNMjUxMjA2MDQwMTEyWhcNMjUxMjA3MDQwMTEyWjAzMTEwLwYDVQQD EyhkZGM3ZjQxMjRiY2I0YTlhY2RmZDE2ZGQ0NmJhNjBjOWM2YTNkNjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l/qgE/kXMNkidTofMZj5zOPVij9 xa/nuLqkzEoEntGBUp39Qe2ObDpcf6Ka4apYnNbIBkBCi9eByUyOVQViQOEd9jd6 pGNy/WUYTji58wJDf1VIkWA5MXEr0LWXeNZek0UNXo7KAvdazJToTPoACcT78zpl Ngj07yqLN9YRHmmOZiobWSdhuD/o+bYMbgGHtXS9vg2nQ5pYvbhe+4YWFuBEfdQV a/aUtNDHdOoCmBsNlFY67ryt+EEwKtAIoJna9lepRZIGNinqTO8pS72zJ4HIgJSs riTa7ekc51GQ+OZt+kePdUEGshRcpW0d54tUD+uUKp8+rM6AOMwRwfmgzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3H9BJLy0qazf0W3Ua6YMnGo9ZXMB8GA1UdIwQY MBaAFMstn/huNj2zTQVW7BZFHy9/MD0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXkyZi1HNDJQYk5OQlZic0ZrVWZMMzh3UFNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMWFmNWItMDg5ZS00Y2JlLWJiZTkt NDI1ZWU5NjhkZjBiLzEveXkyZi1HNDJQYk5OQlZic0ZrVWZMMzh3UFNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9iMWFmNWItMDg5ZS00Y2JlLWJiZTktNDI1ZWU5NjhkZjBi LzEveXkyZi1HNDJQYk5OQlZic0ZrVWZMMzh3UFNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeN3nI4rq 7dRu8YDnVVAyI63JVjShvgcn8u3BYIJDOypWupkeCrXs8gJrVM5m34M8AtVO3f/1 0NeklUrPrAMdUvcC7EG8upGDo2RHWw5hVZMPavjCGeCeE5F4P19g+CBhgLVvPosY VTqM/V1ZtZkA4DoodXiSSlIEu2/oGGJ6k806MMM/qBGbC0SdKTJM7ZkwCtkIK4Mf HAbsxHuFD87rc8zGHwJgWyLJMDM8epE8PKADVP2Wg6Gx79P1uQmoPsfy+DbAS8ig te2F+yOds1HTyCww2xQjAojMFzvG+rU8YbehWZBZjNjtEa6kVxvRngI7VsGLoyS5 pm60/ZewmcsPKA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:38:11 2025 by rpki-client