This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft File: yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json) Hash identifier: g93xQgky0sOqxRpCbsTkcrcFpoFSwia4eZZ9X7hj8MM= Subject key identifier: EA:6F:8F:38:3C:33:94:C7:C2:FD:06:A3:21:40:89:ED:73:78:A6:06 Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB Certificate issuer: /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb Certificate serial: 019AF050FB1107281075D895583EB7368CE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft Manifest number: 035D Signing time: Fri 05 Dec 2025 21:00:30 +0000 Manifest this update: Fri 05 Dec 2025 21:00:30 +0000 Manifest next update: Sat 06 Dec 2025 21:00:30 +0000 Files and hashes: 1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: 5cXzFttBA/8PWFoxD/OQJnv5Q3BY8+IiVYFRg2mVPgo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:50:fb:11:07:28:10:75:d8:95:58:3e:b7:36:8c:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb Validity Not Before: Dec 5 21:00:30 2025 GMT Not After : Dec 6 21:00:30 2025 GMT Subject: CN=ea6f8f383c3394c7c2fd06a3214089ed7378a606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:2d:06:9e:bf:5b:84:c4:06:b0:85:83:55:7e: bf:31:5f:dd:26:2f:b8:cd:76:66:33:87:ac:e0:0a: 96:73:91:80:6d:a1:75:28:b7:a9:64:9d:b4:7d:ec: ee:b6:f7:2c:08:d9:05:b1:16:e2:39:c4:8f:c3:1d: 23:d6:54:cf:c0:b0:b3:65:13:2f:49:34:a2:98:71: d7:04:30:4d:01:8e:87:15:66:d2:7b:de:7d:c1:d5: db:bf:05:88:d1:a5:72:ca:50:74:1b:75:02:ef:25: 14:b4:cd:67:2a:ed:30:ea:94:9d:6c:19:92:e4:ec: 6b:16:b4:fd:41:94:8c:1c:2f:7f:f0:6c:44:59:31: cf:9f:df:4d:10:f2:0f:ed:7b:d2:03:06:90:75:95: 09:85:e4:e7:90:33:f3:5f:10:c2:0b:3b:b4:e4:57: 6c:04:61:2a:31:43:a2:bf:8a:9a:cf:cb:b2:a9:0f: 9f:42:07:ff:0a:1a:fc:e6:8b:c0:a1:6b:fd:b6:ed: 3e:7f:c3:45:4d:b3:3f:56:c4:ac:2c:72:5d:05:86: b9:4d:d3:47:ae:e5:26:30:55:2d:d8:d1:23:39:04: dc:4c:b3:2c:6c:4d:f0:06:c1:e4:d6:71:04:15:df: c6:73:b4:88:30:be:07:fb:49:89:06:84:ee:2c:66: 73:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:6F:8F:38:3C:33:94:C7:C2:FD:06:A3:21:40:89:ED:73:78:A6:06 X509v3 Authority Key Identifier: keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:0d:06:8f:54:6e:51:65:68:07:e3:c5:61:e6:f3:f5:8b:10: 37:c0:1d:70:8d:68:5d:b8:5e:dc:69:ac:6e:12:71:4f:41:b4: b9:77:5e:2d:ec:eb:fc:5a:7e:13:c7:cf:16:04:94:8c:b8:fc: 62:29:4a:6c:4b:56:7f:46:c2:e8:02:6f:0b:c3:4e:cd:1b:48: cf:e7:06:1c:2a:c7:99:66:d9:13:88:9f:33:c3:03:40:2c:51: 43:6e:a8:ef:3c:0c:d3:6b:0d:99:bf:0a:f2:0a:95:63:b4:2b: fd:bd:7c:53:db:76:41:d0:82:e1:97:cd:37:eb:4f:54:2b:ef: b1:0d:50:01:2a:b4:a7:15:53:06:d1:fd:b4:e6:48:1c:ea:ee: 6a:8d:f2:01:82:7a:03:9b:d0:c6:46:3f:07:70:91:30:84:bc: 1c:0b:62:c7:7a:6d:d3:d4:e1:87:f7:8c:ff:0b:54:76:b5:bb: d3:81:e4:d4:1a:3b:1d:e7:16:e1:04:28:9c:17:8b:1d:0e:c1: 07:14:9d:99:18:39:53:70:3e:c3:47:5e:cc:a1:c7:d4:e3:b4: b9:0e:c9:57:62:71:f9:b9:9f:8f:3e:57:c0:f5:2f:b3:57:c4: 30:48:24:24:bc:d9:ee:1a:48:d4:c2:02:3f:ce:c7:d1:8e:04: 74:30:51:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUPsRBygQddiVWD63NoznMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0 ZGY2Y2IwHhcNMjUxMjA1MjEwMDMwWhcNMjUxMjA2MjEwMDMwWjAzMTEwLwYDVQQD EyhlYTZmOGYzODNjMzM5NGM3YzJmZDA2YTMyMTQwODllZDczNzhhNjA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy0Gnr9bhMQGsIWDVX6/MV/dJi+4 zXZmM4es4AqWc5GAbaF1KLepZJ20fezutvcsCNkFsRbiOcSPwx0j1lTPwLCzZRMv STSimHHXBDBNAY6HFWbSe959wdXbvwWI0aVyylB0G3UC7yUUtM1nKu0w6pSdbBmS 5OxrFrT9QZSMHC9/8GxEWTHPn99NEPIP7XvSAwaQdZUJheTnkDPzXxDCCzu05Fds BGEqMUOiv4qaz8uyqQ+fQgf/Chr85ovAoWv9tu0+f8NFTbM/VsSsLHJdBYa5TdNH ruUmMFUt2NEjOQTcTLMsbE3wBsHk1nEEFd/Gc7SIML4H+0mJBoTuLGZzqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOpvjzg8M5THwv0GoyFAie1zeKYGMB8GA1UdIwQY MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATA0Gj1Ru UWVoB+PFYebz9YsQN8AdcI1oXbhe3GmsbhJxT0G0uXdeLezr/Fp+E8fPFgSUjLj8 YilKbEtWf0bC6AJvC8NOzRtIz+cGHCrHmWbZE4ifM8MDQCxRQ26o7zwM02sNmb8K 8gqVY7Qr/b18U9t2QdCC4ZfNN+tPVCvvsQ1QASq0pxVTBtH9tOZIHOruao3yAYJ6 A5vQxkY/B3CRMIS8HAtix3pt09Thh/eM/wtUdrW704Hk1Bo7HecW4QQonBeLHQ7B BxSdmRg5U3A+w0dezKHH1OO0uQ7JV2Jx+bmfjz5XwPUvs1fEMEgkJLzZ7hpI1MIC P87H0Y4EdDBRLQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:53 2025 by rpki-client