This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft File: YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json) Hash identifier: F+Zta6VaUJFErmwuV0Xz0sbZRttMiv3e7jiECrQx2jU= Subject key identifier: 6C:84:D8:FF:72:9D:33:57:9A:DF:54:D0:14:B8:8D:44:04:40:0A:12 Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F Certificate issuer: /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f Certificate serial: 019AF088D18D6E6C673CE58D10F618948DCF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft Manifest number: 08FA Signing time: Fri 05 Dec 2025 22:01:29 +0000 Manifest this update: Fri 05 Dec 2025 22:01:29 +0000 Manifest next update: Sat 06 Dec 2025 22:01:29 +0000 Files and hashes: 1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: buHU6lO9SPCJ7FNENrGlFal9WdP5WmXoNnt6nVd85z8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:d1:8d:6e:6c:67:3c:e5:8d:10:f6:18:94:8d:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f Validity Not Before: Dec 5 22:01:29 2025 GMT Not After : Dec 6 22:01:29 2025 GMT Subject: CN=6c84d8ff729d33579adf54d014b88d4404400a12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:89:bd:7d:cc:05:fb:7d:ae:70:6c:5c:4b:db: 15:59:6b:3e:d4:85:5b:ce:af:18:be:c0:dd:62:24: d3:5c:99:f3:a5:66:ba:2d:69:b9:72:7f:a8:26:40: 02:8b:54:c0:40:ad:80:05:18:85:56:80:b3:8d:0c: dd:da:64:50:47:0c:7a:f5:40:db:35:67:d4:b5:7b: bd:04:2d:bb:8a:98:1e:d8:1d:2f:85:bd:d2:a3:88: 9e:a9:11:dd:7f:a9:ef:9f:27:d1:66:46:d4:3c:aa: 48:aa:e2:37:7c:bb:42:e5:b6:98:b3:88:81:03:61: 92:9f:ab:c1:96:60:2f:3e:8a:e7:0e:f9:11:95:bc: 87:b9:06:2c:12:d2:88:1b:79:1d:a6:2f:89:51:88: a7:70:42:b8:12:8b:47:cb:81:bf:a2:6d:b9:34:d0: c9:00:a2:6d:27:30:06:f0:ff:60:ac:49:84:4f:1b: 97:7c:f4:10:8f:c4:7f:d5:79:f1:76:97:c4:44:6c: 1e:07:04:54:ac:77:cf:43:c7:5d:1d:ab:98:8a:ff: b0:0b:e5:da:d4:21:24:b7:e3:31:68:dd:27:08:25: 2f:40:fd:ea:54:a7:1c:c6:4e:a6:95:7f:7d:18:eb: e2:6e:8a:44:8b:55:2d:47:37:04:0f:0f:8c:39:09: 3e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:84:D8:FF:72:9D:33:57:9A:DF:54:D0:14:B8:8D:44:04:40:0A:12 X509v3 Authority Key Identifier: keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:51:cc:7e:52:07:ec:18:31:2e:24:c7:6f:2c:6b:f3:fb:5f: 3a:a6:28:b5:3c:15:fb:30:93:9d:4f:8a:c1:bc:0c:cd:b8:cd: e6:61:90:37:c8:da:2c:1f:70:8b:51:da:05:ad:94:25:8a:70: 96:1a:fc:6a:3d:31:9e:35:9c:ae:4b:c0:f7:54:39:a1:12:38: 38:e4:ff:19:ce:da:37:4c:dd:88:bc:fb:76:46:6f:f0:d4:40: 02:c5:8b:77:6e:f4:9d:bb:07:20:af:19:02:75:5d:09:54:f3: fd:48:8e:bf:4c:d6:dc:ed:ad:4e:f6:14:b0:d7:1a:57:98:b9: a6:0a:df:18:61:3e:f6:77:0e:15:2a:6d:87:60:60:06:f1:c0: 04:d5:b1:e5:ef:71:19:ed:1e:93:ad:60:1f:19:fd:52:92:f4: b2:3d:43:da:58:23:30:00:76:96:5f:ec:0d:1c:d8:67:8b:b8: c6:00:76:4e:ea:74:25:23:8f:54:97:85:b0:42:a3:68:8a:e9: d2:6d:72:47:ca:13:7c:39:5d:8d:3b:d2:2a:69:e3:83:0e:8b: a0:8b:24:c5:cf:e4:87:d7:2d:4a:12:73:9c:07:1a:fa:48:81: f9:61:91:ab:2e:0c:b6:ce:c2:7f:2a:29:00:62:7b:f2:c9:c4: 55:72:d2:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiNGNbmxnPOWNEPYYlI3PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1 YTI5MmYwHhcNMjUxMjA1MjIwMTI5WhcNMjUxMjA2MjIwMTI5WjAzMTEwLwYDVQQD Eyg2Yzg0ZDhmZjcyOWQzMzU3OWFkZjU0ZDAxNGI4OGQ0NDA0NDAwYTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIm9fcwF+32ucGxcS9sVWWs+1IVb zq8YvsDdYiTTXJnzpWa6LWm5cn+oJkACi1TAQK2ABRiFVoCzjQzd2mRQRwx69UDb NWfUtXu9BC27ipge2B0vhb3So4ieqRHdf6nvnyfRZkbUPKpIquI3fLtC5baYs4iB A2GSn6vBlmAvPornDvkRlbyHuQYsEtKIG3kdpi+JUYincEK4EotHy4G/om25NNDJ AKJtJzAG8P9grEmETxuXfPQQj8R/1XnxdpfERGweBwRUrHfPQ8ddHauYiv+wC+Xa 1CEkt+MxaN0nCCUvQP3qVKccxk6mlX99GOvibopEi1UtRzcEDw+MOQk+MQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGyE2P9ynTNXmt9U0BS4jUQEQAoSMB8GA1UdIwQY MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUlHMflIH 7BgxLiTHbyxr8/tfOqYotTwV+zCTnU+KwbwMzbjN5mGQN8jaLB9wi1HaBa2UJYpw lhr8aj0xnjWcrkvA91Q5oRI4OOT/Gc7aN0zdiLz7dkZv8NRAAsWLd270nbsHIK8Z AnVdCVTz/UiOv0zW3O2tTvYUsNcaV5i5pgrfGGE+9ncOFSpth2BgBvHABNWx5e9x Ge0ek61gHxn9UpL0sj1D2lgjMAB2ll/sDRzYZ4u4xgB2Tup0JSOPVJeFsEKjaIrp 0m1yR8oTfDldjTvSKmnjgw6LoIskxc/kh9ctShJznAca+kiB+WGRqy4Mts7Cfyop AGJ78snEVXLS7g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:10:46 2025 by rpki-client