This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft File: ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json) Hash identifier: L9NJb2OHxIfXmMHQOZ5/QWuXmz79G/2HweFuFCQjLl8= Subject key identifier: 3B:93:9A:A9:C6:B9:8F:3A:DF:94:B9:F6:27:A8:86:01:A1:3C:20:CC Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D Certificate issuer: /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d Certificate serial: 019AF0BF7FF92641904BF1A2BC98935D6847 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft Manifest number: 05FA Signing time: Fri 05 Dec 2025 23:01:13 +0000 Manifest this update: Fri 05 Dec 2025 23:01:13 +0000 Manifest next update: Sat 06 Dec 2025 23:01:13 +0000 Files and hashes: 1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: dh0vpyNJoTaGd4DwDE3idgNtGuKcMOLawS+hKNHIwxY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:7f:f9:26:41:90:4b:f1:a2:bc:98:93:5d:68:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d Validity Not Before: Dec 5 23:01:13 2025 GMT Not After : Dec 6 23:01:13 2025 GMT Subject: CN=3b939aa9c6b98f3adf94b9f627a88601a13c20cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:dc:e6:01:db:41:8f:e2:e2:7f:a5:a4:19:a2: a1:25:b0:8f:11:ad:e4:bd:b3:11:58:db:91:7e:94: f9:07:e6:4d:48:e9:da:20:2b:78:72:31:f2:1b:cf: 91:2a:79:48:1e:b2:41:f2:81:45:c0:12:d4:7c:14: 3c:10:20:f2:b4:5a:3e:08:eb:fb:2e:6b:f7:71:23: 64:24:ac:3a:ed:6d:1c:05:ca:67:2b:71:e0:9e:e6: 5a:00:c9:12:36:e6:a5:6d:32:ce:46:50:b0:17:a1: e2:cc:a2:1b:9b:d9:44:61:c8:b2:ae:ee:f0:54:e7: 2a:3f:7d:07:6d:ff:85:fd:2c:08:5f:5e:90:bf:86: 92:01:35:8d:7b:77:c1:a8:89:77:d4:7d:7a:ec:6c: fd:95:18:b0:01:a1:e1:24:dc:b7:f9:c5:df:cd:f6: 27:de:2b:5e:58:48:6a:fa:51:44:c6:d4:18:3e:d7: 78:ec:56:88:9e:13:d4:c9:1b:9a:81:b3:0c:f3:63: 63:78:69:83:02:f2:24:f3:80:36:8c:0a:a9:32:f4: b7:a0:b6:21:d7:60:c5:98:e8:df:0d:75:92:47:1c: 39:6b:5e:91:a5:b9:08:e8:bf:32:c2:e7:da:c5:68: a8:13:a7:08:e9:64:e9:d4:42:db:99:d4:08:96:20: 61:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:93:9A:A9:C6:B9:8F:3A:DF:94:B9:F6:27:A8:86:01:A1:3C:20:CC X509v3 Authority Key Identifier: keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:22:64:78:b5:ee:5d:f9:53:32:31:02:53:62:d8:c2:e3:24: f4:cd:6c:ae:07:98:ce:a2:05:3d:ac:e7:4f:be:82:d9:9a:d1: a6:d6:8d:f0:42:e8:e6:b1:69:b0:0c:ad:2a:d9:5e:71:59:62: ea:68:ff:91:0b:95:08:93:a4:00:67:40:ca:3c:74:61:cc:8c: 0c:8f:89:d8:5e:b4:66:e7:c3:67:64:72:19:85:ae:ff:dc:fa: 01:57:98:95:98:2e:57:bb:02:6f:21:4c:96:22:51:d4:b3:ad: 42:5c:4e:f1:48:d6:fc:6c:53:d4:a5:48:af:b2:eb:51:50:bc: ec:fc:20:d2:02:99:f5:ee:94:f2:60:53:5a:dd:48:b0:02:3a: 14:19:35:6d:94:b2:b0:2e:57:69:d8:08:39:84:34:b2:85:8c: 52:07:4f:62:43:5d:03:3a:8d:ed:a4:1a:3c:2c:8b:c0:f8:7e: c3:03:33:d6:0f:8d:d2:e2:68:1e:82:a5:89:57:41:ba:ad:d7: ba:22:0e:7f:db:ab:cd:83:0f:51:57:c4:b6:55:9c:6f:6e:f1: cf:9e:3d:37:a4:88:d3:28:87:b0:9d:a6:28:b1:54:9d:93:60: 8c:21:a0:89:cc:d4:a3:cf:48:7b:f6:c7:cb:db:fe:37:f4:54: 43:69:2f:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv3/5JkGQS/GivJiTXWhHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh YjY4MGQwHhcNMjUxMjA1MjMwMTEzWhcNMjUxMjA2MjMwMTEzWjAzMTEwLwYDVQQD EygzYjkzOWFhOWM2Yjk4ZjNhZGY5NGI5ZjYyN2E4ODYwMWExM2MyMGNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldzmAdtBj+Lif6WkGaKhJbCPEa3k vbMRWNuRfpT5B+ZNSOnaICt4cjHyG8+RKnlIHrJB8oFFwBLUfBQ8ECDytFo+COv7 Lmv3cSNkJKw67W0cBcpnK3HgnuZaAMkSNualbTLORlCwF6HizKIbm9lEYciyru7w VOcqP30Hbf+F/SwIX16Qv4aSATWNe3fBqIl31H167Gz9lRiwAaHhJNy3+cXfzfYn 3iteWEhq+lFExtQYPtd47FaInhPUyRuagbMM82NjeGmDAvIk84A2jAqpMvS3oLYh 12DFmOjfDXWSRxw5a16RpbkI6L8ywufaxWioE6cI6WTp1ELbmdQIliBhFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDuTmqnGuY8635S59ieohgGhPCDMMB8GA1UdIwQY MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPiJkeLXu XflTMjECU2LYwuMk9M1srgeYzqIFPaznT76C2ZrRptaN8ELo5rFpsAytKtlecVli 6mj/kQuVCJOkAGdAyjx0YcyMDI+J2F60ZufDZ2RyGYWu/9z6AVeYlZguV7sCbyFM liJR1LOtQlxO8UjW/GxT1KVIr7LrUVC87Pwg0gKZ9e6U8mBTWt1IsAI6FBk1bZSy sC5XadgIOYQ0soWMUgdPYkNdAzqN7aQaPCyLwPh+wwMz1g+N0uJoHoKliVdBuq3X uiIOf9urzYMPUVfEtlWcb27xz549N6SI0yiHsJ2mKLFUnZNgjCGgiczUo89Ie/bH y9v+N/RUQ2kvVA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:47:49 2025 by rpki-client