This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft File: y5-GErfxR1ABa4SMQvYN82rYMtk.mft (raw, json) Hash identifier: ibSsjv/uTTCQtPDICAJANfKjqCYN8VoDmO24Rn4UCaI= Subject key identifier: 09:49:AC:F8:94:80:89:06:00:67:9F:91:DB:C6:B8:9D:1E:13:47:3E Authority key identifier: CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9 Certificate issuer: /CN=cb9f8612b7f14750016b848c42f60df36ad832d9 Certificate serial: 019AF12D8B21C10C5288FB7117B5EA63132B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 01:01:24 +0000 Manifest this update: Sat 06 Dec 2025 01:01:24 +0000 Manifest next update: Sun 07 Dec 2025 01:01:24 +0000 Files and hashes: 1: 35Hkh6WGB56LhQUZWJy4fWu8adc.roa (hash: N+zjw78vBIKP/bKJa3b5qGQ6N/RlG9tWFNOT+GZrtRA=) 2: y5-GErfxR1ABa4SMQvYN82rYMtk.crl (hash: RkYlKz/xfYP4ufhvU/veLL2llnLtcuApe9LWjvaqH7o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:8b:21:c1:0c:52:88:fb:71:17:b5:ea:63:13:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb9f8612b7f14750016b848c42f60df36ad832d9 Validity Not Before: Dec 6 01:01:24 2025 GMT Not After : Dec 7 01:01:24 2025 GMT Subject: CN=0949acf89480890600679f91dbc6b89d1e13473e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:99:30:6d:20:f5:fa:f9:d7:c2:09:c6:54:0f: 81:92:c9:a4:95:fc:27:f5:1c:f9:75:70:a4:cd:6f: 63:b3:23:9b:5d:2f:c4:c2:10:2b:6d:ad:c3:bd:2f: 47:4b:3c:57:09:2f:ac:a0:f0:11:2e:47:bd:26:94: ea:e1:61:64:b9:9f:e6:fa:65:cd:b6:3e:32:7e:ee: 03:b4:9f:32:72:ef:d7:3a:29:5d:14:4e:f6:39:d7: a6:80:f0:71:f9:f4:56:da:0c:e4:88:41:b3:af:8f: d9:ab:1e:4c:e6:18:36:ee:91:c7:f3:00:ce:06:24: 9d:88:a1:68:ea:7c:b6:de:16:01:b2:b3:ba:94:51: e5:ec:3c:6f:f2:e9:f5:84:cd:b8:da:25:07:55:3c: b3:f7:9e:d3:05:5b:14:fd:cc:da:7e:a4:7f:4a:18: f7:dc:95:bb:93:bd:84:75:39:26:6e:09:5c:78:01: 5f:b3:4a:53:be:3d:e7:bb:91:4f:a5:b0:35:31:c5: 95:bf:e0:90:b3:5e:2f:1d:8d:e7:4e:03:e0:4b:28: b7:4a:bf:b6:b3:db:7b:64:e3:46:6c:92:73:ef:05: 10:6a:bf:43:f6:69:f3:df:08:91:54:fe:2e:69:b4: 68:9c:45:93:dc:00:c2:da:88:0c:f2:39:04:39:95: d0:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:49:AC:F8:94:80:89:06:00:67:9F:91:DB:C6:B8:9D:1E:13:47:3E X509v3 Authority Key Identifier: keyid:CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:38:36:b5:98:07:99:0b:ac:a6:fc:54:73:bf:a9:6e:e6:c4: 77:b0:40:e7:4a:30:f9:49:34:dc:b0:96:8b:a7:c8:67:dd:21: a4:ed:53:82:72:41:86:c4:4d:10:c5:45:a6:5f:5e:20:4e:41: 01:e1:6b:0d:92:8c:1c:76:d6:f9:c6:ba:fa:02:f3:1e:78:5f: c2:fe:fe:58:ce:d4:f7:c7:29:67:79:93:76:d1:97:e1:56:96: f4:c6:15:21:e9:c6:97:3c:ef:61:58:7a:c5:e2:01:11:eb:58: 0b:32:fd:bd:ca:39:cd:e0:50:d2:a3:f0:da:61:c8:f1:84:93: d2:01:82:76:17:7e:45:24:14:2b:2d:a4:2d:a4:e4:03:12:48: fd:86:30:6a:81:d5:cd:f8:46:04:e0:1f:a6:e2:6f:a3:b8:83: b9:c7:92:a9:68:76:7b:00:e1:df:f4:cd:57:8c:4a:05:3a:69: ec:fb:0f:f6:5e:d4:67:5e:20:20:ce:85:64:45:90:f2:7a:d5: 05:78:c6:a1:91:54:d1:7f:06:7f:c7:7e:f4:69:43:01:76:ec: fe:19:e6:89:a7:32:b4:2b:aa:ce:96:36:7e:2b:1a:94:da:ac: 4a:05:30:b9:2e:b3:80:0d:e1:4e:88:bc:ad:25:10:ad:3f:56: 8d:59:f2:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLYshwQxSiPtxF7XqYxMrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiOWY4NjEyYjdmMTQ3NTAwMTZiODQ4YzQyZjYwZGYzNmFk ODMyZDkwHhcNMjUxMjA2MDEwMTI0WhcNMjUxMjA3MDEwMTI0WjAzMTEwLwYDVQQD EygwOTQ5YWNmODk0ODA4OTA2MDA2NzlmOTFkYmM2Yjg5ZDFlMTM0NzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5kwbSD1+vnXwgnGVA+Bksmklfwn 9Rz5dXCkzW9jsyObXS/EwhArba3DvS9HSzxXCS+soPARLke9JpTq4WFkuZ/m+mXN tj4yfu4DtJ8ycu/XOildFE72OdemgPBx+fRW2gzkiEGzr4/Zqx5M5hg27pHH8wDO BiSdiKFo6ny23hYBsrO6lFHl7Dxv8un1hM242iUHVTyz957TBVsU/czafqR/Shj3 3JW7k72EdTkmbglceAFfs0pTvj3nu5FPpbA1McWVv+CQs14vHY3nTgPgSyi3Sr+2 s9t7ZONGbJJz7wUQar9D9mnz3wiRVP4uabRonEWT3ADC2ogM8jkEOZXQEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAlJrPiUgIkGAGefkdvGuJ0eE0c+MB8GA1UdIwQY MBaAFMufhhK38UdQAWuEjEL2DfNq2DLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUt YTJlYWRlODM5NTVkLzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUtYTJlYWRlODM5NTVk LzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejg2tZgH mQuspvxUc7+pbubEd7BA50ow+Uk03LCWi6fIZ90hpO1TgnJBhsRNEMVFpl9eIE5B AeFrDZKMHHbW+ca6+gLzHnhfwv7+WM7U98cpZ3mTdtGX4VaW9MYVIenGlzzvYVh6 xeIBEetYCzL9vco5zeBQ0qPw2mHI8YST0gGCdhd+RSQUKy2kLaTkAxJI/YYwaoHV zfhGBOAfpuJvo7iDuceSqWh2ewDh3/TNV4xKBTpp7PsP9l7UZ14gIM6FZEWQ8nrV BXjGoZFU0X8Gf8d+9GlDAXbs/hnmiacytCuqzpY2fisalNqsSgUwuS6zgA3hToi8 rSUQrT9WjVnygg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:44 2025 by rpki-client