This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft File: YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json) Hash identifier: 0EEkMOtqLOKuXuU1YdUeF9UK0ZEBNxEd+14vRY35emU= Subject key identifier: EB:41:DC:4B:39:9B:05:6C:A2:A6:11:23:F4:92:B3:C0:35:CC:8F:71 Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B Certificate issuer: /CN=60d252a2e31538cda5857bad0983c8bdf558b17b Certificate serial: 019AF31BBB07474B054992AB461D437FE0CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft Manifest number: 0AA3 Signing time: Sat 06 Dec 2025 10:01:12 +0000 Manifest this update: Sat 06 Dec 2025 10:01:12 +0000 Manifest next update: Sun 07 Dec 2025 10:01:12 +0000 Files and hashes: 1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: /39xAJuJYri/Z/CClLXTzptycJuFMoQNPbvpwtVYZ58=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:bb:07:47:4b:05:49:92:ab:46:1d:43:7f:e0:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b Validity Not Before: Dec 6 10:01:12 2025 GMT Not After : Dec 7 10:01:12 2025 GMT Subject: CN=eb41dc4b399b056ca2a61123f492b3c035cc8f71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c4:28:c7:5a:b2:c6:bc:98:43:06:82:94:38: e6:06:2e:d2:35:6c:22:2c:60:2a:3a:6f:44:6c:81: 85:ce:32:12:72:9d:1f:16:74:86:4f:f4:89:65:c8: 67:42:02:cb:81:b6:5f:ad:a7:31:f3:7e:81:a3:8a: aa:bf:51:e5:4e:53:bd:29:36:71:ad:ea:6e:a0:6b: 1c:fa:cd:a0:6c:18:42:ec:04:9d:66:11:ef:de:c8: ee:d0:f3:46:87:88:d6:91:70:03:2f:9d:21:3c:66: ed:a5:4e:ea:3e:d5:d8:3c:46:cf:6e:af:01:7b:cf: 39:b6:4f:12:a4:bf:17:89:ad:f4:a2:59:4f:e7:21: 4f:96:24:89:e6:8f:f2:1e:e2:d9:37:37:85:23:82: a2:5b:a0:fa:62:47:f4:a5:9d:6a:42:8c:99:c0:e8: d6:a1:c5:bb:17:3d:4f:c7:48:25:ba:09:ce:06:3c: 1c:54:a2:e6:19:ff:c7:52:f5:fc:ad:40:5e:d7:38: de:7e:98:9e:c5:5c:3a:47:62:3e:eb:7c:04:d2:a8: 81:a7:95:45:3a:27:96:2a:8f:8a:b7:28:31:05:d9: e0:76:5a:d6:5c:7a:a7:5b:3d:2a:c5:92:82:09:dd: f5:db:20:ef:ba:ad:4d:5f:fa:54:ff:d2:39:eb:83: e2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:41:DC:4B:39:9B:05:6C:A2:A6:11:23:F4:92:B3:C0:35:CC:8F:71 X509v3 Authority Key Identifier: keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:7f:4d:1d:7c:c9:c7:b9:ca:82:84:e7:04:63:3e:09:b5:18: d8:19:cf:51:74:a9:7e:5f:0b:e8:f7:33:c1:93:87:73:f3:05: e4:1b:4a:a5:04:ec:ba:c1:93:34:59:f1:ec:de:84:0f:ee:6b: a8:8c:33:9f:a8:40:4c:7d:98:df:26:ef:e9:23:2f:c6:e8:f8: 4f:8c:82:d6:32:72:f1:04:f0:01:56:00:b4:b3:aa:12:06:d4: bd:d5:85:b2:7d:36:e7:05:58:ab:d8:c3:04:67:55:1f:84:fd: 5b:72:38:4a:1d:ce:9e:0c:bc:27:a6:30:7d:b5:ac:4e:2f:4b: 95:e6:14:ef:09:6b:5f:90:8f:d1:9c:81:2b:96:d5:51:e0:76: 7a:ef:78:95:23:1f:46:4f:4b:b3:4b:9b:91:ee:f9:92:0e:5d: 70:95:74:1d:02:ef:df:19:0f:43:2a:17:7b:2f:7b:a6:87:72: 17:c1:80:1c:49:92:ad:da:2b:51:86:5e:26:6f:4c:97:f1:78: 1b:66:02:b6:7c:b2:dd:d9:25:bf:29:44:35:bb:56:1d:51:d4: df:4f:f0:da:d4:f5:3a:56:5b:5d:05:f2:07:56:e5:c9:f8:a0: b6:c8:b8:9d:b9:9c:dc:b1:83:38:a2:03:94:9a:4c:39:9d:95: d6:cb:ec:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG7sHR0sFSZKrRh1Df+DLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1 OGIxN2IwHhcNMjUxMjA2MTAwMTEyWhcNMjUxMjA3MTAwMTEyWjAzMTEwLwYDVQQD EyhlYjQxZGM0YjM5OWIwNTZjYTJhNjExMjNmNDkyYjNjMDM1Y2M4ZjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sQox1qyxryYQwaClDjmBi7SNWwi LGAqOm9EbIGFzjIScp0fFnSGT/SJZchnQgLLgbZfracx836Bo4qqv1HlTlO9KTZx repuoGsc+s2gbBhC7ASdZhHv3sju0PNGh4jWkXADL50hPGbtpU7qPtXYPEbPbq8B e885tk8SpL8Xia30ollP5yFPliSJ5o/yHuLZNzeFI4KiW6D6Ykf0pZ1qQoyZwOjW ocW7Fz1Px0glugnOBjwcVKLmGf/HUvX8rUBe1zjefpiexVw6R2I+63wE0qiBp5VF OieWKo+KtygxBdngdlrWXHqnWz0qxZKCCd312yDvuq1NX/pU/9I564PiBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOtB3Es5mwVsoqYRI/SSs8A1zI9xMB8GA1UdIwQY MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUn9NHXzJ x7nKgoTnBGM+CbUY2BnPUXSpfl8L6PczwZOHc/MF5BtKpQTsusGTNFnx7N6ED+5r qIwzn6hATH2Y3ybv6SMvxuj4T4yC1jJy8QTwAVYAtLOqEgbUvdWFsn025wVYq9jD BGdVH4T9W3I4Sh3Ongy8J6YwfbWsTi9LleYU7wlrX5CP0ZyBK5bVUeB2eu94lSMf Rk9Ls0ubke75kg5dcJV0HQLv3xkPQyoXey97podyF8GAHEmSrdorUYZeJm9Ml/F4 G2YCtnyy3dklvylENbtWHVHU30/w2tT1OlZbXQXyB1blyfigtsi4nbmc3LGDOKID lJpMOZ2V1svs7Q== -----END CERTIFICATE-----Generated at Sat Dec 6 12:51:19 2025 by rpki-client