This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft File: YKzX2WuVbeXbA2c80dHjo3uN2d0.mft (raw, json) Hash identifier: rzJCM84VbfIMTmnKTVSZByObHOIbhfRSWSET6beuR0M= Subject key identifier: 32:CF:36:16:07:20:B4:9D:A7:EB:AC:A1:0F:79:30:16:3D:BC:1E:FE Authority key identifier: 60:AC:D7:D9:6B:95:6D:E5:DB:03:67:3C:D1:D1:E3:A3:7B:8D:D9:DD Certificate issuer: /CN=60acd7d96b956de5db03673cd1d1e3a37b8dd9dd Certificate serial: 019AF42E2345CB5AF1323D850C52B231FF00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKzX2WuVbeXbA2c80dHjo3uN2d0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft Manifest number: 06B6 Signing time: Sat 06 Dec 2025 15:00:55 +0000 Manifest this update: Sat 06 Dec 2025 15:00:55 +0000 Manifest next update: Sun 07 Dec 2025 15:00:55 +0000 Files and hashes: 1: BWZ8TffzeheUILd5O5vwxA8ANgs.roa (hash: 9mVvCij2ArMXMv49a46m8ltBnU+gbtg05+eZlvNEdYk=) 2: YKzX2WuVbeXbA2c80dHjo3uN2d0.crl (hash: XcAqscXmm2wRe4BnLTBZfXBW5kAgFPvhtNyg38ifIgk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft rsync://rpki.ripe.net/repository/DEFAULT/YKzX2WuVbeXbA2c80dHjo3uN2d0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:23:45:cb:5a:f1:32:3d:85:0c:52:b2:31:ff:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60acd7d96b956de5db03673cd1d1e3a37b8dd9dd Validity Not Before: Dec 6 15:00:55 2025 GMT Not After : Dec 7 15:00:55 2025 GMT Subject: CN=32cf36160720b49da7ebaca10f7930163dbc1efe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:fd:63:c3:52:dc:23:a5:cc:c0:72:06:55:35: 16:16:48:65:8d:c7:d7:1e:3d:39:a6:a6:18:28:a0: ce:ea:02:50:ef:df:10:f2:9a:dc:71:b8:18:12:93: 20:3e:31:a2:70:3b:f5:83:fe:56:c7:42:d1:ad:d2: 5d:82:bb:6b:26:49:b5:76:95:8f:28:a7:8b:2a:6f: 9d:87:b7:f9:f7:3b:67:91:6e:3d:3f:bc:9c:01:97: 1b:ee:51:28:20:eb:e7:bb:a7:15:5c:1b:8e:3d:17: 07:a3:9c:0b:50:aa:33:f1:56:93:c6:44:c2:90:26: 58:7d:c1:28:7b:42:6c:c6:5d:ce:b8:8e:f9:91:4e: 27:54:d5:6e:44:f5:be:57:f3:bc:4c:17:e3:cb:5e: f2:f2:7e:d7:e6:29:35:d4:61:55:ce:dd:f6:71:2b: be:d4:3d:c3:e5:75:21:5d:cb:e5:5b:35:17:e7:c4: 2d:36:a6:72:ac:bb:03:74:0c:ac:61:c8:f4:19:c3: 19:7d:10:06:91:93:25:e9:ee:7d:28:85:8d:2a:b3: fe:ef:7d:59:0a:24:07:5a:e3:df:54:04:9c:5b:db: 66:94:9c:27:5d:64:43:57:a6:97:97:8a:a2:a6:4d: 04:e1:43:8b:30:43:d5:2c:ae:bd:af:61:17:ad:40: 5d:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:CF:36:16:07:20:B4:9D:A7:EB:AC:A1:0F:79:30:16:3D:BC:1E:FE X509v3 Authority Key Identifier: keyid:60:AC:D7:D9:6B:95:6D:E5:DB:03:67:3C:D1:D1:E3:A3:7B:8D:D9:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKzX2WuVbeXbA2c80dHjo3uN2d0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f377bd-8e42-4875-a124-3abfafe74aa9/1/YKzX2WuVbeXbA2c80dHjo3uN2d0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:5c:bb:bb:3b:3a:6a:4b:bc:1b:06:48:be:1b:16:0d:35:e4: 79:83:f7:f9:80:25:98:22:b5:19:b1:b0:0f:dd:59:bd:4e:3f: ee:32:a4:db:c3:00:7b:12:40:9e:ed:e3:49:38:b5:5c:be:91: 7c:b5:c6:3c:f8:f8:e0:ee:a7:77:6a:51:9b:04:8a:6f:6c:8b: b2:df:3b:76:03:ac:dc:77:8f:a9:d7:fa:8c:c6:fb:14:a1:9b: 54:83:1b:3d:c2:3e:e6:6e:df:4f:48:c8:26:f5:25:3f:57:b1: 46:78:7c:c0:95:d3:7d:11:5b:05:bf:16:d2:96:c1:f9:97:66: b0:71:a1:10:53:b0:8a:ee:c2:d2:e1:c3:4b:24:22:91:15:70: 3f:f9:45:3d:ca:5f:70:c5:ff:87:9c:8d:94:b4:3c:8f:c7:3f: 26:09:1d:56:44:18:07:84:07:e5:0b:ed:71:75:34:8c:bf:6f: df:f7:6c:fa:e4:99:9d:be:50:27:2c:20:dc:75:27:07:4b:c2: f0:ad:65:a4:38:b4:52:df:fe:28:e6:30:f4:65:d6:84:a6:ac: 58:05:bf:71:6b:ec:18:74:11:a2:e3:dd:9e:ac:7b:07:14:ac: e4:06:0c:63:ce:ea:8a:53:b3:5b:5a:fe:7f:f8:dd:4c:ab:68: 1c:13:3f:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0LiNFy1rxMj2FDFKyMf8AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYWNkN2Q5NmI5NTZkZTVkYjAzNjczY2QxZDFlM2EzN2I4 ZGQ5ZGQwHhcNMjUxMjA2MTUwMDU1WhcNMjUxMjA3MTUwMDU1WjAzMTEwLwYDVQQD EygzMmNmMzYxNjA3MjBiNDlkYTdlYmFjYTEwZjc5MzAxNjNkYmMxZWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf1jw1LcI6XMwHIGVTUWFkhljcfX Hj05pqYYKKDO6gJQ798Q8prccbgYEpMgPjGicDv1g/5Wx0LRrdJdgrtrJkm1dpWP KKeLKm+dh7f59ztnkW49P7ycAZcb7lEoIOvnu6cVXBuOPRcHo5wLUKoz8VaTxkTC kCZYfcEoe0Jsxl3OuI75kU4nVNVuRPW+V/O8TBfjy17y8n7X5ik11GFVzt32cSu+ 1D3D5XUhXcvlWzUX58QtNqZyrLsDdAysYcj0GcMZfRAGkZMl6e59KIWNKrP+731Z CiQHWuPfVAScW9tmlJwnXWRDV6aXl4qipk0E4UOLMEPVLK69r2EXrUBdRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDLPNhYHILSdp+usoQ95MBY9vB7+MB8GA1UdIwQY MBaAFGCs19lrlW3l2wNnPNHR46N7jdndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUt6WDJXdVZiZVhiQTJjODBkSGpvM3VOMmQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMzc3YmQtOGU0Mi00ODc1LWExMjQt M2FiZmFmZTc0YWE5LzEvWUt6WDJXdVZiZVhiQTJjODBkSGpvM3VOMmQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9mMzc3YmQtOGU0Mi00ODc1LWExMjQtM2FiZmFmZTc0YWE5 LzEvWUt6WDJXdVZiZVhiQTJjODBkSGpvM3VOMmQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArVy7uzs6 aku8GwZIvhsWDTXkeYP3+YAlmCK1GbGwD91ZvU4/7jKk28MAexJAnu3jSTi1XL6R fLXGPPj44O6nd2pRmwSKb2yLst87dgOs3HePqdf6jMb7FKGbVIMbPcI+5m7fT0jI JvUlP1exRnh8wJXTfRFbBb8W0pbB+ZdmsHGhEFOwiu7C0uHDSyQikRVwP/lFPcpf cMX/h5yNlLQ8j8c/JgkdVkQYB4QH5QvtcXU0jL9v3/ds+uSZnb5QJywg3HUnB0vC 8K1lpDi0Ut/+KOYw9GXWhKasWAW/cWvsGHQRouPdnqx7BxSs5AYMY87qilOzW1r+ f/jdTKtoHBM/pQ== -----END CERTIFICATE-----Generated at Sat Dec 6 20:15:10 2025 by rpki-client