This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft File: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft (raw, json) Hash identifier: gTPiLFc7HJtFgjOdZvdibphC4R5VT0aSkBunkUI3L8k= Subject key identifier: E5:40:7E:BD:31:6A:C4:7B:FB:5C:7B:26:F4:E8:5C:33:59:EE:B4:0D Authority key identifier: CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88 Certificate issuer: /CN=ca434d399d93a19d8a8108456c5575096c2ae588 Certificate serial: 019AF1D1E14D14823F89BD104073AD0A0BE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft Manifest number: 0782 Signing time: Sat 06 Dec 2025 04:00:54 +0000 Manifest this update: Sat 06 Dec 2025 04:00:54 +0000 Manifest next update: Sun 07 Dec 2025 04:00:54 +0000 Files and hashes: 1: 6KeHOxxWviP0lluNL5sOXVdQY7c.roa (hash: kUeVBsIsjzs7OuA1c4/VFEC1ddAvMO/ONIYaR+/BuFA=) 2: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl (hash: PsSGqeiH+Y65bpt5Dlh4OVq85kiLTpwQAPRFEyyr59I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:e1:4d:14:82:3f:89:bd:10:40:73:ad:0a:0b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca434d399d93a19d8a8108456c5575096c2ae588 Validity Not Before: Dec 6 04:00:54 2025 GMT Not After : Dec 7 04:00:54 2025 GMT Subject: CN=e5407ebd316ac47bfb5c7b26f4e85c3359eeb40d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cf:ee:f3:9b:51:b7:3e:6f:1f:08:bc:d3:f0: 98:17:6b:bc:df:91:a9:c3:50:c0:b4:f9:d6:be:a9: 93:d5:88:62:93:06:56:ed:c8:83:1b:37:3a:4d:bd: a5:66:ea:1c:63:3b:7e:24:55:c6:1e:24:33:91:cd: 89:f2:ee:70:3d:e4:cb:d2:1d:41:88:d3:ba:97:8d: cf:9b:a2:3b:ec:f9:8d:3e:c3:3a:4e:9c:76:e6:ed: 29:3a:cf:9d:5f:95:88:13:64:b5:7a:72:f8:c7:98: 9a:6d:c4:3e:f7:ea:c1:40:6a:8d:11:d5:91:a5:fc: af:e6:2e:75:c6:a1:0a:a4:95:b4:ca:81:59:b6:93: f5:4a:b7:c1:cc:2a:34:56:45:9b:80:eb:64:7b:2b: ca:bd:3c:fb:f1:cc:a4:c8:2a:62:58:a7:1a:43:18: 8e:69:3e:d8:47:e2:b1:68:47:1b:f5:bc:3d:90:1e: e1:13:a4:2e:79:89:1d:1f:a0:11:10:a1:33:5a:df: 99:c3:b8:09:92:15:19:7b:26:7f:8b:a5:b5:b9:24: c8:8f:74:bc:b8:83:d5:b0:95:2f:e6:57:d5:ed:68: 50:e2:14:46:61:d4:30:1e:a3:a1:64:54:2e:50:63: 5d:e8:1f:df:2a:64:e3:96:b9:e9:30:4a:46:84:6d: b3:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:40:7E:BD:31:6A:C4:7B:FB:5C:7B:26:F4:E8:5C:33:59:EE:B4:0D X509v3 Authority Key Identifier: keyid:CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:0a:1f:23:a0:0d:a7:08:51:dd:40:ba:dd:2d:4e:9c:75:14: 06:2d:18:e7:ed:36:8e:6a:94:6d:c3:e2:7d:da:2b:5c:15:af: d2:76:ce:53:a4:b1:e1:d2:3f:af:b6:54:35:ff:74:54:f4:56: 4c:e8:95:e5:43:1b:cf:b5:a0:fd:cd:ab:12:95:58:59:e9:de: 25:90:09:0b:6a:a1:a8:73:65:07:75:1a:88:95:dd:41:21:da: 39:59:f8:54:51:3c:72:6a:e3:2f:14:89:45:ae:95:05:c7:af: 96:0b:2c:5b:83:f9:2f:f5:e5:0b:ef:51:52:90:b7:2e:98:d4: b8:07:6f:87:2c:14:de:35:31:c4:3d:23:09:19:c2:43:ba:6e: 49:e0:e0:07:f9:ca:f5:bf:c8:60:51:a1:04:ce:99:51:de:3b: 95:0e:79:10:80:90:ea:9b:97:65:ad:32:e3:7a:95:d7:2e:9a: 4c:60:7c:0b:bf:4b:b7:a4:b4:e3:e2:c4:a6:d7:41:e3:7b:ba: a4:a7:93:d3:2d:1d:69:26:61:db:7c:f5:84:93:f7:0e:4b:20: 1c:f8:94:c2:e1:dc:dd:fc:eb:7e:bb:97:75:de:fd:8c:5d:39: 67:85:cc:32:b1:67:69:e4:bb:2b:1b:8e:b4:5c:ed:e0:38:2c: bd:58:4e:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0eFNFII/ib0QQHOtCgvgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNDM0ZDM5OWQ5M2ExOWQ4YTgxMDg0NTZjNTU3NTA5NmMy YWU1ODgwHhcNMjUxMjA2MDQwMDU0WhcNMjUxMjA3MDQwMDU0WjAzMTEwLwYDVQQD EyhlNTQwN2ViZDMxNmFjNDdiZmI1YzdiMjZmNGU4NWMzMzU5ZWViNDBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys/u85tRtz5vHwi80/CYF2u835Gp w1DAtPnWvqmT1YhikwZW7ciDGzc6Tb2lZuocYzt+JFXGHiQzkc2J8u5wPeTL0h1B iNO6l43Pm6I77PmNPsM6Tpx25u0pOs+dX5WIE2S1enL4x5iabcQ+9+rBQGqNEdWR pfyv5i51xqEKpJW0yoFZtpP1SrfBzCo0VkWbgOtkeyvKvTz78cykyCpiWKcaQxiO aT7YR+KxaEcb9bw9kB7hE6QueYkdH6AREKEzWt+Zw7gJkhUZeyZ/i6W1uSTIj3S8 uIPVsJUv5lfV7WhQ4hRGYdQwHqOhZFQuUGNd6B/fKmTjlrnpMEpGhG2zOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOVAfr0xasR7+1x7JvToXDNZ7rQNMB8GA1UdIwQY MBaAFMpDTTmdk6GdioEIRWxVdQlsKuWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEt ZGIyMzY4MjcxOTEzLzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEtZGIyMzY4MjcxOTEz LzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARgofI6AN pwhR3UC63S1OnHUUBi0Y5+02jmqUbcPifdorXBWv0nbOU6Sx4dI/r7ZUNf90VPRW TOiV5UMbz7Wg/c2rEpVYWeneJZAJC2qhqHNlB3UaiJXdQSHaOVn4VFE8cmrjLxSJ Ra6VBcevlgssW4P5L/XlC+9RUpC3LpjUuAdvhywU3jUxxD0jCRnCQ7puSeDgB/nK 9b/IYFGhBM6ZUd47lQ55EICQ6puXZa0y43qV1y6aTGB8C79Lt6S04+LEptdB43u6 pKeT0y0daSZh23z1hJP3DksgHPiUwuHc3fzrfruXdd79jF05Z4XMMrFnaeS7KxuO tFzt4DgsvVhO0w== -----END CERTIFICATE-----Generated at Sat Dec 6 11:39:07 2025 by rpki-client