This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft File: YEBzL9vKpSkA2yRiB1v07xUVlpU.mft (raw, json) Hash identifier: B5/DkHeV0lUGgWd6hhUdSWNSMBGegkRFaggCcihicro= Subject key identifier: 9F:BE:29:F8:74:00:74:8C:FC:12:CC:74:06:A2:29:7C:62:6C:E1:46 Authority key identifier: 60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95 Certificate issuer: /CN=6040732fdbcaa52900db2462075bf4ef15159695 Certificate serial: 019AF2ADFC98D2EB28AFC308D86337322622 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft Manifest number: 0612 Signing time: Sat 06 Dec 2025 08:01:19 +0000 Manifest this update: Sat 06 Dec 2025 08:01:19 +0000 Manifest next update: Sun 07 Dec 2025 08:01:19 +0000 Files and hashes: 1: 2zI93eWS4MAq1q_HzWCmHMK0vvc.roa (hash: OPrS0FrS6pSekQT7FXidaqihz4eIxPAHQ00wl3WWNU8=) 2: YEBzL9vKpSkA2yRiB1v07xUVlpU.crl (hash: G/FS3lSBvEFgXZ/8+hE2U3sFge+jiSS46cxNYfSP6IM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:fc:98:d2:eb:28:af:c3:08:d8:63:37:32:26:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6040732fdbcaa52900db2462075bf4ef15159695 Validity Not Before: Dec 6 08:01:19 2025 GMT Not After : Dec 7 08:01:19 2025 GMT Subject: CN=9fbe29f87400748cfc12cc7406a2297c626ce146 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:99:69:16:95:5a:56:51:72:4d:fa:c0:54:33: 48:c0:6e:a3:42:5f:a9:5e:5c:8a:74:e6:7b:dc:cf: e6:43:2b:ea:20:fc:5e:2d:19:a4:7b:56:14:8b:95: 0e:d8:b0:56:7a:b9:fd:2a:61:b6:fe:7e:4e:3f:91: 2c:7d:48:26:e4:d8:bb:e5:f7:79:23:f0:4a:a2:bf: 83:d9:f8:f0:58:f3:45:9f:83:bd:3b:24:5b:37:1b: 81:d9:8b:bb:89:d7:7b:cf:ee:f4:2a:51:44:b4:84: 46:b0:4a:08:ed:67:17:fb:5f:35:76:70:67:93:5c: e6:7e:b8:0a:8f:a8:db:58:77:7c:51:32:e8:ab:57: ef:53:75:dd:e2:af:a8:8f:f7:fd:19:63:e7:90:0d: ee:54:38:da:74:b0:3e:62:13:d7:01:c9:63:bf:22: 45:4b:c3:0a:d0:d5:30:0e:af:2b:bf:0c:dd:21:6e: b1:39:95:a3:3b:a9:6b:42:8d:be:b5:0d:61:5c:ba: 7f:28:25:98:5a:5d:15:d6:2b:45:d4:61:cd:b0:4e: 9f:7b:b5:1b:40:2f:dc:59:b0:61:42:50:92:56:ea: dd:ec:d3:27:bf:66:ab:c3:47:2d:5f:88:60:49:60: 7e:09:64:13:d8:56:58:c0:eb:0b:66:cd:2e:c7:09: 27:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:BE:29:F8:74:00:74:8C:FC:12:CC:74:06:A2:29:7C:62:6C:E1:46 X509v3 Authority Key Identifier: keyid:60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:86:94:73:f5:2b:d9:45:4a:8d:c3:98:50:1e:1d:f3:70:46: fd:44:42:01:f5:91:b0:44:eb:b6:5c:96:7c:b6:77:e1:5e:76: d6:e4:b1:28:17:df:6d:2b:a2:24:a6:f7:23:c6:b1:95:ef:39: 85:76:b9:5f:fd:42:59:e8:eb:21:b5:a6:c5:a8:82:8a:55:46: c2:58:0c:55:96:32:90:36:41:47:f0:1c:d3:15:a3:2b:dc:0c: 99:7f:ed:78:84:5a:4b:66:4c:43:f6:53:80:05:d0:82:ce:2c: 26:d5:16:c8:7e:de:91:97:70:c1:80:5f:56:54:53:74:1f:ec: ab:77:3c:94:94:a2:ad:05:2b:c4:a7:51:83:f3:87:bb:93:d9: 7c:0b:62:2d:9d:98:5c:16:d4:4c:08:ef:c8:41:20:6d:02:b7: 71:8f:35:f4:9c:3a:62:c0:ab:96:99:d9:bd:c8:0f:44:6b:be: 9d:8b:c5:2e:6c:c9:64:b5:47:4a:97:c7:37:2f:0a:fe:7f:56: d3:a1:90:55:61:0f:13:e6:c2:51:16:67:85:88:32:93:c5:b9: 9e:c8:67:40:4e:06:db:d0:2b:65:b4:f8:3b:93:20:95:b9:9f: 6b:6d:14:4e:d2:7d:d0:39:aa:a0:48:2d:4f:5c:66:28:df:a8: 66:04:27:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrfyY0usor8MI2GM3MiYiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNDA3MzJmZGJjYWE1MjkwMGRiMjQ2MjA3NWJmNGVmMTUx NTk2OTUwHhcNMjUxMjA2MDgwMTE5WhcNMjUxMjA3MDgwMTE5WjAzMTEwLwYDVQQD Eyg5ZmJlMjlmODc0MDA3NDhjZmMxMmNjNzQwNmEyMjk3YzYyNmNlMTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZlpFpVaVlFyTfrAVDNIwG6jQl+p XlyKdOZ73M/mQyvqIPxeLRmke1YUi5UO2LBWern9KmG2/n5OP5EsfUgm5Ni75fd5 I/BKor+D2fjwWPNFn4O9OyRbNxuB2Yu7idd7z+70KlFEtIRGsEoI7WcX+181dnBn k1zmfrgKj6jbWHd8UTLoq1fvU3Xd4q+oj/f9GWPnkA3uVDjadLA+YhPXAcljvyJF S8MK0NUwDq8rvwzdIW6xOZWjO6lrQo2+tQ1hXLp/KCWYWl0V1itF1GHNsE6fe7Ub QC/cWbBhQlCSVurd7NMnv2arw0ctX4hgSWB+CWQT2FZYwOsLZs0uxwkndwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ++Kfh0AHSM/BLMdAaiKXxibOFGMB8GA1UdIwQY MBaAFGBAcy/byqUpANskYgdb9O8VFZaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUt ZDJiNjk4MmJjNDg0LzEvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUtZDJiNjk4MmJjNDg0 LzEvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUoaUc/Ur 2UVKjcOYUB4d83BG/URCAfWRsETrtlyWfLZ34V521uSxKBffbSuiJKb3I8axle85 hXa5X/1CWejrIbWmxaiCilVGwlgMVZYykDZBR/Ac0xWjK9wMmX/teIRaS2ZMQ/ZT gAXQgs4sJtUWyH7ekZdwwYBfVlRTdB/sq3c8lJSirQUrxKdRg/OHu5PZfAtiLZ2Y XBbUTAjvyEEgbQK3cY819Jw6YsCrlpnZvcgPRGu+nYvFLmzJZLVHSpfHNy8K/n9W 06GQVWEPE+bCURZnhYgyk8W5nshnQE4G29ArZbT4O5Mglbmfa20UTtJ90DmqoEgt T1xmKN+oZgQnsw== -----END CERTIFICATE-----Generated at Sat Dec 6 14:57:46 2025 by rpki-client