This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft File: yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft (raw, json) Hash identifier: 2dyTwqmovcTS0BrSHd3EOXURZl8hOZpgZ6XIfktBAms= Subject key identifier: 43:F2:8D:EA:63:0F:FC:D3:2C:54:25:D8:E4:2A:E7:36:3C:5F:98:7E Authority key identifier: C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05 Certificate issuer: /CN=c85f510c72ce0b79c2899b35845ffe3670693f05 Certificate serial: 019AF2E433EF18BF16499CD4186414EBDF7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 09:00:33 +0000 Manifest this update: Sat 06 Dec 2025 09:00:33 +0000 Manifest next update: Sun 07 Dec 2025 09:00:33 +0000 Files and hashes: 1: w1wE-GTVXdtS8_s6-jCqXeRbv54.roa (hash: tWxx0MAwHTEu1ZGxtJdO+Nj7usmdmMpLOetyWJHeUhM=) 2: yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl (hash: U4u9WtbfE1a81kaoIBVASRY458St3w+hWyI1Ow9i5K4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:33:ef:18:bf:16:49:9c:d4:18:64:14:eb:df:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c85f510c72ce0b79c2899b35845ffe3670693f05 Validity Not Before: Dec 6 09:00:33 2025 GMT Not After : Dec 7 09:00:33 2025 GMT Subject: CN=43f28dea630ffcd32c5425d8e42ae7363c5f987e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:33:a6:bc:ba:07:1f:c3:e2:aa:ae:7b:cd:83: 3f:9d:f0:36:5b:5b:ca:4a:5f:90:0f:65:0e:bc:3b: 40:ce:cb:c5:2f:f4:39:0f:5a:10:85:04:9a:44:9e: 92:2a:fc:3d:49:f8:a2:6e:86:e6:3e:b2:a4:59:d7: 07:bb:c2:53:ee:05:64:71:a9:df:fa:8f:95:c6:ff: ee:68:16:ef:fa:60:e8:b1:6b:fc:6d:90:eb:4d:7f: 9c:5f:55:dc:e8:a2:8b:64:02:4c:4d:34:b1:81:3d: 1e:e3:ab:e7:98:f5:c5:08:ad:35:c3:f6:16:21:5c: d6:15:38:96:9b:7c:61:db:42:cb:8b:4d:12:ce:63: d7:a5:fe:3b:96:83:1d:d8:0f:f6:ba:7e:a1:22:f6: ba:54:b5:51:72:e3:84:08:94:26:f1:d4:e0:51:07: 7f:c0:1a:ef:55:91:72:0a:f4:9d:aa:26:2b:92:13: 1a:e0:73:bd:87:3f:de:c1:3f:e4:7c:3c:14:c1:d6: 66:87:b7:15:21:63:05:b7:37:7f:50:af:73:ea:e5: 1f:6e:ba:70:b3:cd:9c:75:d3:73:71:e2:9c:9e:23: 12:05:df:a3:98:c8:4d:e5:29:65:2d:35:f0:7d:ad: 4b:6e:59:88:6e:04:0a:4f:fe:74:48:cc:ec:33:d6: 3e:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:F2:8D:EA:63:0F:FC:D3:2C:54:25:D8:E4:2A:E7:36:3C:5F:98:7E X509v3 Authority Key Identifier: keyid:C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:67:a2:70:42:30:30:b3:25:df:c5:e9:81:7a:5e:0a:fc:6a: 18:74:3d:6d:ca:5d:29:43:d5:7e:b9:ce:d4:90:65:f0:d5:f2: d6:1d:68:bf:d9:c6:bb:6c:67:d8:f7:f3:6c:f8:f1:9b:d2:50: 6e:f6:bb:65:39:60:da:ef:f8:68:e1:c5:e9:b8:7d:b4:66:6d: bf:4b:b8:25:b6:a4:d8:bc:2e:7c:bd:29:ee:73:26:72:56:37: 7a:fc:a7:0b:82:59:fb:51:03:ee:15:36:11:d4:b7:3d:33:89: ea:83:dd:70:52:4c:89:59:21:16:8d:df:bd:a9:d8:0f:8a:7e: b7:48:49:68:58:aa:04:80:51:6f:7a:21:93:65:fc:7e:59:c9: 8f:e7:5c:20:a4:f3:52:e6:92:1d:3d:ed:40:db:c4:4f:fb:2b: 63:e7:eb:fa:1b:85:82:f8:d5:a1:7b:a2:af:65:4f:32:2a:00: 68:7a:fd:9f:21:ab:6a:61:c2:b2:6b:bb:52:7c:20:82:aa:42: 61:7e:a8:61:98:99:94:b5:36:34:b8:e4:fb:04:18:da:6f:46: ef:75:ae:ce:36:39:36:d2:eb:c8:d6:67:5b:70:f6:1c:92:5e: cb:a2:0b:12:35:ba:a5:c7:5c:2a:1f:e8:bb:46:96:95:09:70: 3b:0d:a5:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5DPvGL8WSZzUGGQU699/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NWY1MTBjNzJjZTBiNzljMjg5OWIzNTg0NWZmZTM2NzA2 OTNmMDUwHhcNMjUxMjA2MDkwMDMzWhcNMjUxMjA3MDkwMDMzWjAzMTEwLwYDVQQD Eyg0M2YyOGRlYTYzMGZmY2QzMmM1NDI1ZDhlNDJhZTczNjNjNWY5ODdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzOmvLoHH8Piqq57zYM/nfA2W1vK Sl+QD2UOvDtAzsvFL/Q5D1oQhQSaRJ6SKvw9SfiibobmPrKkWdcHu8JT7gVkcanf +o+Vxv/uaBbv+mDosWv8bZDrTX+cX1Xc6KKLZAJMTTSxgT0e46vnmPXFCK01w/YW IVzWFTiWm3xh20LLi00SzmPXpf47loMd2A/2un6hIva6VLVRcuOECJQm8dTgUQd/ wBrvVZFyCvSdqiYrkhMa4HO9hz/ewT/kfDwUwdZmh7cVIWMFtzd/UK9z6uUfbrpw s82cddNzceKcniMSBd+jmMhN5SllLTXwfa1LblmIbgQKT/50SMzsM9Y+HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEPyjepjD/zTLFQl2OQq5zY8X5h+MB8GA1UdIwQY MBaAFMhfUQxyzgt5wombNYRf/jZwaT8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEt YjhjOWEyYTlkYTQ2LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEtYjhjOWEyYTlkYTQ2 LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADmeicEIw MLMl38XpgXpeCvxqGHQ9bcpdKUPVfrnO1JBl8NXy1h1ov9nGu2xn2PfzbPjxm9JQ bva7ZTlg2u/4aOHF6bh9tGZtv0u4Jbak2LwufL0p7nMmclY3evynC4JZ+1ED7hU2 EdS3PTOJ6oPdcFJMiVkhFo3fvanYD4p+t0hJaFiqBIBRb3ohk2X8flnJj+dcIKTz UuaSHT3tQNvET/srY+fr+huFgvjVoXuir2VPMioAaHr9nyGramHCsmu7UnwggqpC YX6oYZiZlLU2NLjk+wQY2m9G73WuzjY5NtLryNZnW3D2HJJey6ILEjW6pcdcKh/o u0aWlQlwOw2lFQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:40:19 2025 by rpki-client