This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json) Hash identifier: k1qEnI9Vl1+Jg1Somxm5OJY+dnYjgDXJClQUVK/V9NE= Subject key identifier: 34:C1:82:5D:E8:AC:BC:B7:F5:2E:EB:59:4B:29:80:B3:AA:00:6A:CB Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb Certificate serial: 019AF12CB56630A457424F9F840E59D5859D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 01:00:30 +0000 Manifest this update: Sat 06 Dec 2025 01:00:30 +0000 Manifest next update: Sun 07 Dec 2025 01:00:30 +0000 Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=) 2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: UZjs8XPkiRYYCET20Y/U/TK6GRuVGvO7UMrpqs5N7cM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:b5:66:30:a4:57:42:4f:9f:84:0e:59:d5:85:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb Validity Not Before: Dec 6 01:00:30 2025 GMT Not After : Dec 7 01:00:30 2025 GMT Subject: CN=34c1825de8acbcb7f52eeb594b2980b3aa006acb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f6:c3:ca:80:d5:5d:a0:5f:10:34:10:f8:8a: 5c:64:ce:01:00:a3:c4:c2:3d:85:d0:ad:19:42:40: 05:3b:0f:71:ee:78:99:ca:b9:97:40:37:be:a3:c7: 3e:c7:65:83:d5:e2:af:97:fc:af:cf:67:5f:a4:6e: 0e:6c:29:70:22:1c:77:99:04:0f:78:ee:22:38:2b: 14:79:f7:1d:07:0a:65:c0:a8:29:45:38:e1:38:ae: 10:c2:4f:88:76:09:8d:41:4e:fc:be:66:20:81:20: 70:b4:ec:fc:dd:ea:36:23:ea:e4:9c:75:01:9e:bb: b3:62:e3:d3:4e:7f:4f:0e:2f:1e:4e:b4:26:4b:6e: d7:e1:2f:0a:88:59:a2:7a:15:dd:95:b8:52:aa:9f: cc:fa:3f:87:4f:ea:ab:d3:59:49:12:92:dc:ef:b2: 33:29:fd:78:6a:56:24:11:e8:6a:52:86:38:7e:e4: 10:fa:17:1c:ce:ce:2d:54:22:8e:df:d7:5a:ae:96: 63:34:42:60:4f:a4:e7:9a:c9:42:f3:e3:1e:c5:bd: 3b:a5:56:96:ed:65:f0:c4:65:ec:79:8c:37:50:60: 51:a6:f8:e2:5a:6a:de:16:48:77:ae:ea:4d:25:ef: a0:80:23:3d:85:5d:30:90:18:79:85:a6:db:c4:19: 35:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:C1:82:5D:E8:AC:BC:B7:F5:2E:EB:59:4B:29:80:B3:AA:00:6A:CB X509v3 Authority Key Identifier: keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:e4:72:fa:eb:a4:80:93:e5:ab:a6:d2:7b:03:28:6c:6c:fa: 4f:9d:34:7f:be:a4:82:a4:61:67:38:29:4f:7c:6b:90:85:e3: 37:57:37:00:81:ac:ab:2f:06:dd:31:f1:70:ed:d3:c9:39:85: b9:d8:d5:d7:03:54:59:6d:ff:8b:c2:55:d7:7d:e3:83:e2:63: 05:c1:7e:15:1c:39:22:f1:da:b9:7c:f3:83:c4:be:7e:64:e2: 80:e7:3e:46:e2:cc:0c:64:d2:06:b1:a0:29:b2:9d:ed:72:cc: cf:fe:b3:3f:1d:82:57:35:81:64:23:0b:76:6d:f5:01:c6:d0: a6:d7:6b:fa:96:98:0c:28:4e:f8:c1:68:ef:86:73:20:5a:6c: 16:d8:1f:b4:37:79:f6:d7:27:1e:3f:4d:18:22:55:b6:0e:51: d1:f4:83:7a:30:10:30:ac:38:73:f7:bb:a6:9b:10:f2:3f:89: b4:8d:68:9d:5d:d6:2c:e8:8e:19:c0:0e:91:f9:cc:74:b2:47: 71:3e:3a:66:ca:7a:42:fb:94:7d:97:83:39:b5:1b:9b:c5:21: 5f:23:65:b0:3b:fa:38:c4:11:61:3b:2d:66:9d:0c:cd:46:41: 02:d4:11:c8:68:d2:fa:ad:ae:39:8a:6e:82:31:49:1b:5c:03: 3e:3a:61:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLLVmMKRXQk+fhA5Z1YWdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm MTUxZWIwHhcNMjUxMjA2MDEwMDMwWhcNMjUxMjA3MDEwMDMwWjAzMTEwLwYDVQQD EygzNGMxODI1ZGU4YWNiY2I3ZjUyZWViNTk0YjI5ODBiM2FhMDA2YWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vbDyoDVXaBfEDQQ+IpcZM4BAKPE wj2F0K0ZQkAFOw9x7niZyrmXQDe+o8c+x2WD1eKvl/yvz2dfpG4ObClwIhx3mQQP eO4iOCsUefcdBwplwKgpRTjhOK4Qwk+IdgmNQU78vmYggSBwtOz83eo2I+rknHUB nruzYuPTTn9PDi8eTrQmS27X4S8KiFmiehXdlbhSqp/M+j+HT+qr01lJEpLc77Iz Kf14alYkEehqUoY4fuQQ+hcczs4tVCKO39darpZjNEJgT6TnmslC8+Mexb07pVaW 7WXwxGXseYw3UGBRpvjiWmreFkh3rupNJe+ggCM9hV0wkBh5habbxBk1VwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDTBgl3orLy39S7rWUspgLOqAGrLMB8GA1UdIwQY MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAeRy+uuk gJPlq6bSewMobGz6T500f76kgqRhZzgpT3xrkIXjN1c3AIGsqy8G3THxcO3TyTmF udjV1wNUWW3/i8JV133jg+JjBcF+FRw5IvHauXzzg8S+fmTigOc+RuLMDGTSBrGg KbKd7XLMz/6zPx2CVzWBZCMLdm31AcbQptdr+paYDChO+MFo74ZzIFpsFtgftDd5 9tcnHj9NGCJVtg5R0fSDejAQMKw4c/e7ppsQ8j+JtI1onV3WLOiOGcAOkfnMdLJH cT46Zsp6QvuUfZeDObUbm8UhXyNlsDv6OMQRYTstZp0MzUZBAtQRyGjS+q2uOYpu gjFJG1wDPjphvg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:20:55 2025 by rpki-client