This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json) Hash identifier: Gm93Bub3Mg3su/+psUQ5e822NaCkBKhoDXvqeIwkKtc= Subject key identifier: B7:3D:D2:39:22:E9:EC:66:BB:18:21:2D:A9:19:88:29:26:9B:2C:F8 Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50 Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50 Certificate serial: 019AF23FBCFE49F48D18334F905714BBC299 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft Manifest number: 08EF Signing time: Sat 06 Dec 2025 06:00:54 +0000 Manifest this update: Sat 06 Dec 2025 06:00:54 +0000 Manifest next update: Sun 07 Dec 2025 06:00:54 +0000 Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=) 2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: P0VI9Ee9DCYwxiCBbFcx8fVM0SMV+hNrtUoP63C1ke8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:bc:fe:49:f4:8d:18:33:4f:90:57:14:bb:c2:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50 Validity Not Before: Dec 6 06:00:54 2025 GMT Not After : Dec 7 06:00:54 2025 GMT Subject: CN=b73dd23922e9ec66bb18212da9198829269b2cf8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:c7:9c:3b:d2:81:d2:65:a5:13:a1:96:f3:97: 9e:0e:9c:84:6f:da:c3:1d:0b:64:d3:d4:4e:9e:47: 09:70:24:d2:d3:51:7d:c4:98:c0:fe:e6:af:1f:06: 80:b4:db:ac:e2:f7:e5:e0:c4:cc:5f:41:3b:07:d4: 9e:bc:97:41:2c:21:7e:3d:65:52:b3:14:42:ce:48: d6:b7:cf:63:16:17:59:24:dd:71:d7:b8:1a:dd:db: ed:79:9b:02:39:38:99:68:a2:69:e4:9d:47:b9:c7: 31:f5:78:ec:d6:d3:86:07:43:ea:d4:bd:79:a9:97: ff:c4:5e:fa:52:db:02:94:10:7e:76:80:9f:72:39: da:92:7f:be:24:90:a0:68:b5:40:79:a8:7e:d1:cf: 8c:2e:ce:8f:d3:47:6a:10:6f:c3:53:fc:ad:fa:97: 5b:90:9f:c1:f6:99:47:42:3e:ab:de:52:9f:81:68: b6:39:8f:7a:39:1b:00:89:a1:d9:c5:ff:3d:46:72: 0e:04:a0:f3:3b:1c:46:e6:dd:a5:23:fe:6f:fb:7c: 02:af:1d:be:d2:bf:47:85:72:e8:a8:85:70:2c:09: 48:52:a8:d0:c0:37:0e:11:77:e5:99:32:2a:50:4a: ed:78:c5:74:0a:1e:85:af:bb:c2:f3:e7:7e:87:0b: 41:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:3D:D2:39:22:E9:EC:66:BB:18:21:2D:A9:19:88:29:26:9B:2C:F8 X509v3 Authority Key Identifier: keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:a7:52:e7:26:3a:53:dc:ad:1b:f8:f4:c2:37:23:04:e3:7d: 92:1f:09:1f:2b:f8:ac:46:0e:97:8e:73:58:4e:1f:a1:2e:cd: 05:f4:d3:b5:0a:21:86:38:ee:14:d4:de:94:42:c2:35:80:9d: 94:87:da:db:eb:50:a4:ad:0a:e0:10:c1:f6:f6:51:a1:81:41: f8:bb:26:ff:c5:08:e5:1e:57:2b:89:59:28:5d:2a:1b:fc:8f: 29:c2:f8:ed:5b:28:ff:24:a9:fb:64:26:15:fc:74:1b:4d:bc: 5c:f9:fb:69:29:0c:1a:17:8b:66:81:a1:64:f6:c5:31:5d:9f: 95:2c:cf:d2:2d:da:e3:d3:df:47:a8:48:3e:ea:03:23:21:5b: 89:a4:19:dd:3f:0c:d3:b5:87:c6:22:37:6b:68:6d:fd:fc:f9: a2:76:36:c6:62:1d:e8:90:f0:7c:e7:80:5a:3c:f9:ce:bc:0e: 7b:5c:59:7e:0b:f0:18:02:e7:f9:97:35:79:ee:72:67:99:4f: c4:8a:77:2d:35:ac:af:48:ee:cc:2d:18:8c:cf:7d:f0:d7:2f: 4f:43:c8:38:32:ad:bb:c4:a5:14:97:2d:04:ba:06:78:79:19: 25:67:07:57:46:e5:f1:a4:d9:43:7f:70:94:9c:fa:8c:6c:ad: 8e:25:8e:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP7z+SfSNGDNPkFcUu8KZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz NWJkNTAwHhcNMjUxMjA2MDYwMDU0WhcNMjUxMjA3MDYwMDU0WjAzMTEwLwYDVQQD EyhiNzNkZDIzOTIyZTllYzY2YmIxODIxMmRhOTE5ODgyOTI2OWIyY2Y4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA88ecO9KB0mWlE6GW85eeDpyEb9rD HQtk09ROnkcJcCTS01F9xJjA/uavHwaAtNus4vfl4MTMX0E7B9SevJdBLCF+PWVS sxRCzkjWt89jFhdZJN1x17ga3dvteZsCOTiZaKJp5J1Huccx9Xjs1tOGB0Pq1L15 qZf/xF76UtsClBB+doCfcjnakn++JJCgaLVAeah+0c+MLs6P00dqEG/DU/yt+pdb kJ/B9plHQj6r3lKfgWi2OY96ORsAiaHZxf89RnIOBKDzOxxG5t2lI/5v+3wCrx2+ 0r9HhXLoqIVwLAlIUqjQwDcOEXflmTIqUErteMV0Ch6Fr7vC8+d+hwtBEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLc90jki6exmuxghLakZiCkmmyz4MB8GA1UdIwQY MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGadS5yY6 U9ytG/j0wjcjBON9kh8JHyv4rEYOl45zWE4foS7NBfTTtQohhjjuFNTelELCNYCd lIfa2+tQpK0K4BDB9vZRoYFB+Lsm/8UI5R5XK4lZKF0qG/yPKcL47Vso/ySp+2Qm Ffx0G028XPn7aSkMGheLZoGhZPbFMV2flSzP0i3a49PfR6hIPuoDIyFbiaQZ3T8M 07WHxiI3a2ht/fz5onY2xmId6JDwfOeAWjz5zrwOe1xZfgvwGALn+Zc1ee5yZ5lP xIp3LTWsr0juzC0YjM998NcvT0PIODKtu8SlFJctBLoGeHkZJWcHV0bl8aTZQ39w lJz6jGytjiWOqg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:50:57 2025 by rpki-client