This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft File: Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft (raw, json) Hash identifier: E5H5JCDEa9hvEorW9lvodHN5PtJY1TTs6x6Fu5G0Yvk= Subject key identifier: 87:FB:7A:43:6E:D1:B7:4E:F7:AB:D4:81:01:8F:AB:50:1B:A3:61:5B Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b Certificate serial: 019AF31BCA4B4FDDCE6E7332516DA7DEE2AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft Manifest number: 117D Signing time: Sat 06 Dec 2025 10:01:16 +0000 Manifest this update: Sat 06 Dec 2025 10:01:16 +0000 Manifest next update: Sun 07 Dec 2025 10:01:16 +0000 Files and hashes: 1: YFIa0scc_xVUT5FKi7LKvASoEWc.roa (hash: V1CwEQLm9iXZGzptcaHc4LFmcOryBT2Kfmx1HSv4RTc=) 2: Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl (hash: GWCZbPQiozdLULairj1A9sKWFLvZrJecWnlHar8iaz4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:ca:4b:4f:dd:ce:6e:73:32:51:6d:a7:de:e2:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b Validity Not Before: Dec 6 10:01:16 2025 GMT Not After : Dec 7 10:01:16 2025 GMT Subject: CN=87fb7a436ed1b74ef7abd481018fab501ba3615b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:cf:ee:10:ee:2f:8c:c3:8f:08:12:86:62:08: c7:3f:d8:ed:b2:cc:2a:2d:c5:6e:38:6b:da:35:9f: 0f:49:ca:e5:3b:1b:12:48:27:82:ad:cd:71:9c:d9: f1:87:1a:76:e5:6a:2d:16:53:6f:6c:dd:2f:ee:53: 57:dc:ea:2a:5d:8f:eb:3a:69:4b:b1:f2:24:6d:9d: 79:cc:b7:ea:b2:2a:fc:fd:95:cd:d2:7e:c3:3c:ec: b1:79:99:bf:98:bf:23:5a:d6:50:74:8c:bd:53:8f: d9:f5:62:97:51:84:c1:58:c1:6e:ba:6a:10:c7:52: 9f:fa:c1:d2:d7:29:4a:68:e2:02:97:e8:8f:7f:d8: 2b:a6:92:a5:b9:3f:ab:f8:06:33:a2:21:d9:a1:f3: 55:12:b6:9e:a6:af:0d:cd:6f:0a:d7:9a:d5:c2:bb: 58:fd:b7:64:23:d0:87:e2:be:30:1c:4f:68:0d:bc: 2b:44:35:63:25:52:1d:db:20:32:c6:6e:52:e9:bc: 75:4d:5a:5e:a4:0a:ee:c6:80:66:53:83:74:52:be: 96:53:21:bd:42:19:ea:1a:39:30:0d:da:0f:22:79: 68:7b:13:c2:92:40:6d:85:bb:92:4c:b7:ee:dc:f3: 44:db:d8:cc:cc:6d:12:db:b8:d8:ad:dd:93:21:aa: fb:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:FB:7A:43:6E:D1:B7:4E:F7:AB:D4:81:01:8F:AB:50:1B:A3:61:5B X509v3 Authority Key Identifier: keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:17:54:1c:bc:31:0b:62:00:c4:51:4c:12:da:56:ec:90:ef: 74:71:0e:d6:79:ed:97:57:9c:6d:fd:1a:f8:31:76:6f:85:48: c1:92:f8:e8:04:2a:38:e0:5d:a2:e1:7e:ce:1e:85:2d:fe:58: aa:74:da:5b:33:f0:64:e8:6b:56:b7:8c:3d:6d:09:d8:06:d0: 6f:41:54:26:84:04:af:22:5b:5c:b2:01:ba:19:86:60:28:18: e8:69:90:be:a0:f8:cb:e0:a0:17:ef:a0:0d:f3:08:5a:93:21: 57:3e:01:b6:18:8e:16:ad:d0:2d:55:54:ad:dc:26:e0:3b:8f: ff:72:22:44:c0:e0:b4:37:29:a8:f8:60:4f:2c:10:b2:66:c2: 74:bf:43:84:5a:86:8d:57:af:7a:8e:81:df:9d:1c:dd:5e:b9: f1:49:4c:03:9d:b5:bb:62:83:e2:36:d2:07:82:5b:40:c3:69: 81:56:51:84:25:8c:81:4d:31:35:5c:93:51:91:6e:ba:05:bf: d4:f6:35:b9:de:b3:f0:ac:08:77:cf:05:95:74:c7:08:40:6a: 07:cc:93:f1:4a:21:94:1f:8a:99:ab:83:ba:b3:46:43:59:c5: 8d:ec:a2:5b:ad:c8:af:80:c7:f5:bb:c7:6c:6e:ee:09:e1:b8: 01:27:19:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG8pLT93ObnMyUW2n3uKqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy NWNjMWIwHhcNMjUxMjA2MTAwMTE2WhcNMjUxMjA3MTAwMTE2WjAzMTEwLwYDVQQD Eyg4N2ZiN2E0MzZlZDFiNzRlZjdhYmQ0ODEwMThmYWI1MDFiYTM2MTViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM/uEO4vjMOPCBKGYgjHP9jtsswq LcVuOGvaNZ8PScrlOxsSSCeCrc1xnNnxhxp25WotFlNvbN0v7lNX3OoqXY/rOmlL sfIkbZ15zLfqsir8/ZXN0n7DPOyxeZm/mL8jWtZQdIy9U4/Z9WKXUYTBWMFuumoQ x1Kf+sHS1ylKaOICl+iPf9grppKluT+r+AYzoiHZofNVEraepq8NzW8K15rVwrtY /bdkI9CH4r4wHE9oDbwrRDVjJVId2yAyxm5S6bx1TVpepAruxoBmU4N0Ur6WUyG9 QhnqGjkwDdoPInloexPCkkBthbuSTLfu3PNE29jMzG0S27jYrd2TIar71QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIf7ekNu0bdO96vUgQGPq1Abo2FbMB8GA1UdIwQY MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt NzBiODg3MWI4ZTIwLzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxdUHLwx C2IAxFFMEtpW7JDvdHEO1nntl1ecbf0a+DF2b4VIwZL46AQqOOBdouF+zh6FLf5Y qnTaWzPwZOhrVreMPW0J2AbQb0FUJoQEryJbXLIBuhmGYCgY6GmQvqD4y+CgF++g DfMIWpMhVz4BthiOFq3QLVVUrdwm4DuP/3IiRMDgtDcpqPhgTywQsmbCdL9DhFqG jVeveo6B350c3V658UlMA521u2KD4jbSB4JbQMNpgVZRhCWMgU0xNVyTUZFuugW/ 1PY1ud6z8KwId88FlXTHCEBqB8yT8UohlB+KmauDurNGQ1nFjeyiW63Ir4DH9bvH bG7uCeG4AScZRA== -----END CERTIFICATE-----Generated at Sat Dec 6 16:49:23 2025 by rpki-client