This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft File: yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json) Hash identifier: NxToooV/BYXvsLpMd03GpboSyPNDC0tb8IBssGJc0Zo= Subject key identifier: D2:EC:2B:5F:A8:DA:BA:CD:10:04:9A:24:5A:F5:D2:77:E4:CB:A6:52 Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D Certificate issuer: /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d Certificate serial: 019B300C10C24DA8B8813B383BB0C75BEE10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft Manifest number: 03F3 Signing time: Thu 18 Dec 2025 06:00:55 +0000 Manifest this update: Thu 18 Dec 2025 06:00:55 +0000 Manifest next update: Fri 19 Dec 2025 06:00:55 +0000 Files and hashes: 1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: Ffz0nBCv77OyCGQNFJ6OU2c684dtSMZ23mW/y8DMrL4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:0c:10:c2:4d:a8:b8:81:3b:38:3b:b0:c7:5b:ee:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d Validity Not Before: Dec 18 06:00:55 2025 GMT Not After : Dec 19 06:00:55 2025 GMT Subject: CN=d2ec2b5fa8dabacd10049a245af5d277e4cba652 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:18:b1:8c:d7:01:7a:e9:a4:45:55:78:91:eb: cb:cf:27:65:71:e1:f2:34:2f:bf:ad:33:4f:81:d8: 14:c8:c8:d8:3f:b3:71:06:24:75:4d:f2:65:df:48: cf:86:9e:ca:2b:b9:02:d4:b8:10:10:2d:12:f8:12: 52:59:ea:f7:c8:b9:d4:2e:fb:af:c2:47:ff:0f:32: e3:4a:25:73:52:f0:d7:55:7f:ad:39:cf:bd:25:ba: 85:1c:d6:63:03:45:c8:dc:45:8c:06:5a:21:36:e3: 6e:6c:17:38:f0:16:6c:df:c5:1c:08:b9:37:a3:45: af:96:50:9e:3d:d5:aa:68:73:e9:12:d9:1b:c3:1a: 6a:c9:83:8b:9a:c6:9c:ab:04:5a:34:18:9a:69:05: 7a:36:b9:00:de:36:37:9f:de:69:3c:47:4e:83:6f: 09:65:ad:75:72:11:b5:28:a9:d0:ce:69:6b:4a:63: 59:fd:fc:c3:b1:a7:4b:a7:77:7e:11:e2:30:69:7a: 0c:1a:cf:82:0b:6d:03:c0:9c:96:d4:53:eb:24:3a: 95:b1:52:e2:4d:a2:62:bc:5d:ce:cd:11:56:b2:34: 65:10:de:0d:3e:32:0e:2d:d5:3b:0b:c7:76:6a:a0: ef:16:05:13:c5:8b:23:07:73:fc:7e:42:54:40:42: c2:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:EC:2B:5F:A8:DA:BA:CD:10:04:9A:24:5A:F5:D2:77:E4:CB:A6:52 X509v3 Authority Key Identifier: keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:f5:c9:c9:da:1c:13:1e:21:8b:8a:6c:c5:55:98:b6:48:d7: e8:1b:b6:0e:ef:a8:99:c8:aa:9b:75:ae:df:64:1d:e3:ad:cd: 00:08:68:9e:80:67:44:16:b8:68:c7:56:3c:62:b9:cd:2f:5b: 3a:76:59:8f:31:9c:2b:a0:e6:5f:f5:c9:81:ca:94:bf:66:f9: 3e:f5:38:9b:47:95:be:c0:3c:2f:fa:62:82:35:48:e4:d0:6e: 70:75:e0:20:0f:0e:4a:04:76:2a:39:13:0f:16:5f:e3:e2:62: a5:07:b1:5b:ea:e1:d2:12:a8:1c:e3:e2:9d:27:29:28:a6:46: 95:07:f9:45:b1:af:b2:d3:b1:08:b0:eb:b2:43:9d:f5:28:4c: f3:dc:4c:e3:78:75:34:85:ff:cd:d5:9f:eb:44:89:1b:f5:5a: 65:a7:c2:69:80:8f:65:1f:33:73:16:83:a3:d2:2d:54:52:de: ba:72:ee:e4:49:2a:6b:22:48:8d:05:4b:10:df:b3:61:db:80: 00:df:29:c9:32:44:7e:34:b3:4b:6e:6e:74:2c:5a:ba:d0:e4: b5:34:bb:23:c3:82:14:f0:9c:f2:47:c5:15:d5:eb:08:d1:14: 36:cf:59:d7:70:e2:9c:fb:cd:c4:c7:5e:61:9e:fe:1a:c7:dd: d7:8e:17:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswDBDCTai4gTs4O7DHW+4QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5 ZDAzMWQwHhcNMjUxMjE4MDYwMDU1WhcNMjUxMjE5MDYwMDU1WjAzMTEwLwYDVQQD EyhkMmVjMmI1ZmE4ZGFiYWNkMTAwNDlhMjQ1YWY1ZDI3N2U0Y2JhNjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhixjNcBeumkRVV4kevLzydlceHy NC+/rTNPgdgUyMjYP7NxBiR1TfJl30jPhp7KK7kC1LgQEC0S+BJSWer3yLnULvuv wkf/DzLjSiVzUvDXVX+tOc+9JbqFHNZjA0XI3EWMBlohNuNubBc48BZs38UcCLk3 o0WvllCePdWqaHPpEtkbwxpqyYOLmsacqwRaNBiaaQV6NrkA3jY3n95pPEdOg28J Za11chG1KKnQzmlrSmNZ/fzDsadLp3d+EeIwaXoMGs+CC20DwJyW1FPrJDqVsVLi TaJivF3OzRFWsjRlEN4NPjIOLdU7C8d2aqDvFgUTxYsjB3P8fkJUQELCiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNLsK1+o2rrNEASaJFr10nfky6ZSMB8GA1UdIwQY MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARfXJydoc Ex4hi4psxVWYtkjX6Bu2Du+omciqm3Wu32Qd463NAAhonoBnRBa4aMdWPGK5zS9b OnZZjzGcK6DmX/XJgcqUv2b5PvU4m0eVvsA8L/pigjVI5NBucHXgIA8OSgR2KjkT DxZf4+JipQexW+rh0hKoHOPinScpKKZGlQf5RbGvstOxCLDrskOd9ShM89xM43h1 NIX/zdWf60SJG/VaZafCaYCPZR8zcxaDo9ItVFLeunLu5EkqayJIjQVLEN+zYduA AN8pyTJEfjSzS25udCxautDktTS7I8OCFPCc8kfFFdXrCNEUNs9Z13DinPvNxMde YZ7+Gsfd144XOw== -----END CERTIFICATE-----Generated at Thu Dec 18 08:00:21 2025 by rpki-client