This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.mft File: YHZWuPfoG1FJtIYPgSex1OO0h9w.mft (raw, json) Hash identifier: BbBLOW0K5bA/beGc9IBhgY3Pj64aYUQms00EB/+Qcjw= Subject key identifier: BB:10:93:3B:8B:1A:A0:48:BE:E9:AE:E5:A3:D9:66:27:E6:F1:CD:36 Authority key identifier: 60:76:56:B8:F7:E8:1B:51:49:B4:86:0F:81:27:B1:D4:E3:B4:87:DC Certificate issuer: /CN=607656b8f7e81b5149b4860f8127b1d4e3b487dc Certificate serial: 019AF19BBF6AEEFFB0428E33014239840F75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.mft Manifest number: 0D72 Signing time: Sat 06 Dec 2025 03:01:47 +0000 Manifest this update: Sat 06 Dec 2025 03:01:47 +0000 Manifest next update: Sun 07 Dec 2025 03:01:47 +0000 Files and hashes: 1: 7-uxb2sVoc0kcAT2m9SP5qVnZ8E.roa (hash: acdZUKxa+ye22RHZ+hlpmz4eeOUGVIjJiD1cAB8HEbo=) 2: YHZWuPfoG1FJtIYPgSex1OO0h9w.crl (hash: PoEvQ/0xCDheoYk47S6nTktw+S1RZtenyDzWgDRJvas=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.mft rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:bf:6a:ee:ff:b0:42:8e:33:01:42:39:84:0f:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=607656b8f7e81b5149b4860f8127b1d4e3b487dc Validity Not Before: Dec 6 03:01:47 2025 GMT Not After : Dec 7 03:01:47 2025 GMT Subject: CN=bb10933b8b1aa048bee9aee5a3d96627e6f1cd36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d9:2e:0b:69:08:83:2c:80:78:07:6b:55:5e: f7:cd:9b:ae:c5:8e:03:6a:18:a4:83:e1:c7:6c:df: 30:a3:af:fd:07:92:c3:65:c0:7a:79:24:e7:36:a2: 72:b6:14:1d:d9:58:d8:b9:50:af:21:23:b6:45:d6: 52:c7:04:43:98:5e:27:b2:02:b1:a2:65:ee:3f:7f: e6:ec:ba:99:73:4d:80:89:0a:90:a4:c9:58:0d:ce: 97:c6:95:d4:9b:25:c9:4c:ed:cf:d0:d6:cc:0b:bf: d1:ea:b8:a6:03:42:ac:2c:10:8c:8e:c7:21:f0:61: 46:f3:ad:6b:bf:6f:95:85:2e:98:10:bf:3e:fc:53: 0a:94:8e:dc:f4:b7:07:3f:6b:16:fc:68:6d:56:42: 34:0a:6a:cf:3e:bb:cb:6e:72:7f:09:0e:f8:b7:92: 53:72:23:b5:67:2d:57:eb:aa:4c:a2:64:e0:c3:25: 7c:7d:ad:3d:00:03:0b:42:d1:66:a3:f4:56:4d:82: c7:3d:c4:c9:71:13:b8:2c:b4:f9:1a:b7:9a:6a:c6: 45:88:89:53:08:44:b3:1e:37:74:b1:84:a8:3f:7d: 24:8d:97:81:65:7b:af:d5:11:e0:4e:1d:cb:ca:59: 59:0e:58:75:21:00:9c:2c:04:9a:4d:a7:20:4b:33: 55:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:10:93:3B:8B:1A:A0:48:BE:E9:AE:E5:A3:D9:66:27:E6:F1:CD:36 X509v3 Authority Key Identifier: keyid:60:76:56:B8:F7:E8:1B:51:49:B4:86:0F:81:27:B1:D4:E3:B4:87:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHZWuPfoG1FJtIYPgSex1OO0h9w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cee55d-985a-4e36-8e39-82bc8a3180c6/1/YHZWuPfoG1FJtIYPgSex1OO0h9w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:cc:07:37:68:d6:70:d4:70:df:5b:d3:67:58:22:97:e0:d8: e3:09:b1:eb:ae:14:59:3e:51:c8:70:d3:f1:5c:d6:1f:52:95: c8:44:11:eb:2c:23:c4:8b:04:3d:ba:7c:8c:29:01:2f:b0:69: 38:59:38:c1:f1:35:9e:43:4d:d1:31:26:5c:e6:6a:f2:b6:a2: ba:68:9f:e2:c3:17:35:fa:98:01:a5:86:8d:b2:4b:de:f6:29: 7f:29:3a:c7:1c:65:58:52:f6:d9:b6:80:c3:08:7a:60:50:52: a7:96:0f:69:3a:e3:f2:bc:2e:91:0e:63:c4:c2:9b:b4:92:2d: b9:da:7d:28:5a:81:ab:48:c3:e4:d8:cb:0e:7c:47:93:a5:6d: 8e:cf:81:a1:04:13:d4:30:d8:e9:c7:cf:a6:5d:dc:dd:bb:7e: c5:23:6f:de:5f:16:a8:e9:29:ed:a7:75:49:f7:35:c7:cd:04: a1:9d:56:d1:f9:a3:ef:1a:37:65:a0:1a:dd:f0:5a:13:10:cb: 43:3b:85:15:3a:fc:9b:1d:6b:c2:9b:06:85:49:21:a1:06:b7: dd:c6:e4:64:8b:ba:2b:e7:5d:3a:b4:bd:41:5d:94:b9:14:52: 34:b1:31:58:36:4c:0a:67:8c:33:8f:90:b3:1b:8f:c2:a8:ff: b5:b8:11:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm79q7v+wQo4zAUI5hA91MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNzY1NmI4ZjdlODFiNTE0OWI0ODYwZjgxMjdiMWQ0ZTNi NDg3ZGMwHhcNMjUxMjA2MDMwMTQ3WhcNMjUxMjA3MDMwMTQ3WjAzMTEwLwYDVQQD EyhiYjEwOTMzYjhiMWFhMDQ4YmVlOWFlZTVhM2Q5NjYyN2U2ZjFjZDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydkuC2kIgyyAeAdrVV73zZuuxY4D ahikg+HHbN8wo6/9B5LDZcB6eSTnNqJythQd2VjYuVCvISO2RdZSxwRDmF4nsgKx omXuP3/m7LqZc02AiQqQpMlYDc6XxpXUmyXJTO3P0NbMC7/R6rimA0KsLBCMjsch 8GFG861rv2+VhS6YEL8+/FMKlI7c9LcHP2sW/GhtVkI0CmrPPrvLbnJ/CQ74t5JT ciO1Zy1X66pMomTgwyV8fa09AAMLQtFmo/RWTYLHPcTJcRO4LLT5GreaasZFiIlT CESzHjd0sYSoP30kjZeBZXuv1RHgTh3LyllZDlh1IQCcLASaTacgSzNVGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLsQkzuLGqBIvumu5aPZZifm8c02MB8GA1UdIwQY MBaAFGB2Vrj36BtRSbSGD4EnsdTjtIfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZWU1NWQtOTg1YS00ZTM2LThlMzkt ODJiYzhhMzE4MGM2LzEvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9jZWU1NWQtOTg1YS00ZTM2LThlMzktODJiYzhhMzE4MGM2 LzEvWUhaV3VQZm9HMUZKdElZUGdTZXgxT08waDl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcwHN2jW cNRw31vTZ1gil+DY4wmx664UWT5RyHDT8VzWH1KVyEQR6ywjxIsEPbp8jCkBL7Bp OFk4wfE1nkNN0TEmXOZq8raiumif4sMXNfqYAaWGjbJL3vYpfyk6xxxlWFL22baA wwh6YFBSp5YPaTrj8rwukQ5jxMKbtJItudp9KFqBq0jD5NjLDnxHk6Vtjs+BoQQT 1DDY6cfPpl3c3bt+xSNv3l8WqOkp7ad1Sfc1x80EoZ1W0fmj7xo3ZaAa3fBaExDL QzuFFTr8mx1rwpsGhUkhoQa33cbkZIu6K+ddOrS9QV2UuRRSNLExWDZMCmeMM4+Q sxuPwqj/tbgRtg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:57:44 2025 by rpki-client