This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft File: yd_q7KItLSYYtDPPAKsUS9i4Db0.mft (raw, json) Hash identifier: 0tPGey9V1MvvoFKHOk1oF0fLXuDRsX43zjriUOVzXRY= Subject key identifier: F6:B3:5A:74:79:AF:60:3C:D5:4D:58:0A:57:00:0C:74:50:43:02:AF Authority key identifier: C9:DF:EA:EC:A2:2D:2D:26:18:B4:33:CF:00:AB:14:4B:D8:B8:0D:BD Certificate issuer: /CN=c9dfeaeca22d2d2618b433cf00ab144bd8b80dbd Certificate serial: 019AF1D1FE0B74F1FEF76DD557B254150D04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yd_q7KItLSYYtDPPAKsUS9i4Db0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft Manifest number: 0895 Signing time: Sat 06 Dec 2025 04:01:02 +0000 Manifest this update: Sat 06 Dec 2025 04:01:02 +0000 Manifest next update: Sun 07 Dec 2025 04:01:02 +0000 Files and hashes: 1: YSlfWP3DY80Smx0TIqkuPzTOoec.roa (hash: zxri6NDPBUgI6E9l7vT1svBXNo7QAt30+iiVihETiFE=) 2: yd_q7KItLSYYtDPPAKsUS9i4Db0.crl (hash: bm1YWJj4CaRiwcCzYtCUkHperoKc/ftPEd/+ECYaGyg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft rsync://rpki.ripe.net/repository/DEFAULT/yd_q7KItLSYYtDPPAKsUS9i4Db0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:fe:0b:74:f1:fe:f7:6d:d5:57:b2:54:15:0d:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9dfeaeca22d2d2618b433cf00ab144bd8b80dbd Validity Not Before: Dec 6 04:01:02 2025 GMT Not After : Dec 7 04:01:02 2025 GMT Subject: CN=f6b35a7479af603cd54d580a57000c74504302af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:eb:8c:e5:b2:a9:73:d5:c4:9e:36:2d:5b:a8: 6d:c9:4f:bf:a1:d3:5e:db:8f:fc:00:74:07:8f:5e: a1:5f:f1:5f:b4:7c:9e:fc:ce:30:87:cd:bc:10:01: 98:55:fd:d0:c5:44:53:f6:34:d2:d8:52:73:d8:b4: f8:8b:ac:ee:e6:fc:62:4b:78:ba:7c:2e:68:65:97: 21:43:30:e2:f9:27:be:31:b4:39:77:52:10:b6:f8: 3b:da:b5:b3:35:26:08:6c:75:4a:95:a0:f9:cf:77: 09:3a:d9:11:bc:e6:c0:45:aa:46:0a:ba:53:27:27: 2e:7a:62:1c:94:21:cd:26:34:2b:68:22:ec:28:dc: 0f:32:98:2b:51:7d:bd:e7:68:39:93:28:32:8a:26: 01:48:36:a0:73:33:75:39:68:80:43:3b:6d:45:61: 72:0a:e7:dc:c1:dd:f1:5f:a7:c6:43:5c:24:47:9d: 3a:c2:ac:77:02:99:7b:8f:2b:31:40:98:4b:6c:f9: 52:8c:b7:a2:b0:95:1b:67:c8:cc:f4:9e:7a:ea:d2: 91:c4:d7:c8:10:10:d3:1c:38:f1:a4:da:d7:9b:77: 0e:61:7b:3f:1e:bf:84:7b:aa:dd:83:ab:66:ce:09: 81:f8:bf:46:36:8d:a7:b8:8b:29:e6:85:70:37:f6: 92:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:B3:5A:74:79:AF:60:3C:D5:4D:58:0A:57:00:0C:74:50:43:02:AF X509v3 Authority Key Identifier: keyid:C9:DF:EA:EC:A2:2D:2D:26:18:B4:33:CF:00:AB:14:4B:D8:B8:0D:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yd_q7KItLSYYtDPPAKsUS9i4Db0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:4b:a3:67:58:f5:98:a7:f9:07:34:7e:8c:7d:1f:f0:1f:92: c0:eb:18:57:be:23:ad:e5:1d:34:72:7d:0c:5d:0e:42:37:6c: 11:e6:61:9d:43:a6:0d:e4:86:40:67:2f:67:b6:65:5b:1a:3c: 18:7c:4a:1f:23:f9:4a:59:be:ca:28:a5:3a:b2:c1:58:41:cb: 6e:5a:29:de:83:40:e9:c1:56:be:43:56:f9:c4:bd:fa:b3:86: 56:ca:13:c3:c5:ca:68:4f:9f:b6:27:7c:71:fc:d6:90:5c:fe: 8a:ef:b8:cb:a2:95:cc:66:01:54:d8:f7:92:a4:f3:71:b6:58: a4:61:78:3e:57:b9:61:3f:88:24:95:fa:8d:7c:54:37:ae:f6: a6:84:83:ff:27:2a:31:e6:e5:50:69:db:50:34:84:c4:1f:fd: a1:07:25:d4:f4:33:05:16:66:6a:a8:1a:d8:f1:ff:6c:f6:77: 55:12:09:cc:86:d4:8d:42:24:76:6b:56:f6:2b:56:85:7f:14: 94:20:af:a4:54:da:2b:7e:a2:a1:8b:32:f6:18:ed:a5:26:44: 00:9f:30:95:36:90:e9:c3:3c:ed:d5:49:9c:f1:80:9e:85:a4: c5:03:a3:60:7f:74:fe:ef:56:6b:91:1d:2a:44:06:f6:87:a4: da:d3:c7:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0f4LdPH+923VV7JUFQ0EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5ZGZlYWVjYTIyZDJkMjYxOGI0MzNjZjAwYWIxNDRiZDhi ODBkYmQwHhcNMjUxMjA2MDQwMTAyWhcNMjUxMjA3MDQwMTAyWjAzMTEwLwYDVQQD EyhmNmIzNWE3NDc5YWY2MDNjZDU0ZDU4MGE1NzAwMGM3NDUwNDMwMmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseuM5bKpc9XEnjYtW6htyU+/odNe 24/8AHQHj16hX/FftHye/M4wh828EAGYVf3QxURT9jTS2FJz2LT4i6zu5vxiS3i6 fC5oZZchQzDi+Se+MbQ5d1IQtvg72rWzNSYIbHVKlaD5z3cJOtkRvObARapGCrpT JycuemIclCHNJjQraCLsKNwPMpgrUX2952g5kygyiiYBSDagczN1OWiAQzttRWFy Cufcwd3xX6fGQ1wkR506wqx3Apl7jysxQJhLbPlSjLeisJUbZ8jM9J566tKRxNfI EBDTHDjxpNrXm3cOYXs/Hr+Ee6rdg6tmzgmB+L9GNo2nuIsp5oVwN/aS/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPazWnR5r2A81U1YClcADHRQQwKvMB8GA1UdIwQY MBaAFMnf6uyiLS0mGLQzzwCrFEvYuA29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWRfcTdLSXRMU1lZdERQUEFLc1VTOWk0RGIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdiMTUtZDVkYy00M2U1LTgwOWMt YmMzNjJkMzc2OGJkLzEveWRfcTdLSXRMU1lZdERQUEFLc1VTOWk0RGIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi85NTdiMTUtZDVkYy00M2U1LTgwOWMtYmMzNjJkMzc2OGJk LzEveWRfcTdLSXRMU1lZdERQUEFLc1VTOWk0RGIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaEujZ1j1 mKf5BzR+jH0f8B+SwOsYV74jreUdNHJ9DF0OQjdsEeZhnUOmDeSGQGcvZ7ZlWxo8 GHxKHyP5Slm+yiilOrLBWEHLblop3oNA6cFWvkNW+cS9+rOGVsoTw8XKaE+ftid8 cfzWkFz+iu+4y6KVzGYBVNj3kqTzcbZYpGF4Ple5YT+IJJX6jXxUN672poSD/ycq MeblUGnbUDSExB/9oQcl1PQzBRZmaqga2PH/bPZ3VRIJzIbUjUIkdmtW9itWhX8U lCCvpFTaK36ioYsy9hjtpSZEAJ8wlTaQ6cM87dVJnPGAnoWkxQOjYH90/u9Wa5Ed KkQG9oek2tPH0g== -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:53 2025 by rpki-client