This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft File: yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json) Hash identifier: ubrx0TXIrIouAFg6GvAEm1PL+Durv+jOox1MduQHgMA= Subject key identifier: A3:8D:F8:9C:09:D8:C6:4C:D5:5F:43:83:67:93:15:4B:49:87:B9:5B Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13 Certificate issuer: /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013 Certificate serial: 019B5A513F9418E772C0C56F9D69490A1539 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft Manifest number: 0AAF Signing time: Fri 26 Dec 2025 11:00:32 +0000 Manifest this update: Fri 26 Dec 2025 11:00:32 +0000 Manifest next update: Sat 27 Dec 2025 11:00:32 +0000 Files and hashes: 1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: I2CjnRNimM09iOwA0UO1fPUPYVb9vQ75N0H5sROCYFI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:3f:94:18:e7:72:c0:c5:6f:9d:69:49:0a:15:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013 Validity Not Before: Dec 26 11:00:32 2025 GMT Not After : Dec 27 11:00:32 2025 GMT Subject: CN=a38df89c09d8c64cd55f43836793154b4987b95b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:07:9a:bf:db:6b:b2:b5:cc:74:b2:ac:26:aa: aa:4c:7a:ee:d4:4e:a5:56:07:4c:c6:04:72:88:8d: 81:ba:66:60:f2:ff:bf:c1:fc:41:51:dd:ad:0d:c6: 1c:3c:2b:fb:75:e7:dc:36:76:4a:e5:61:63:34:21: 1d:13:6a:ab:39:9f:eb:e4:76:d0:3d:5f:66:6e:d8: 20:0a:5f:b5:e8:a5:72:15:0f:7b:aa:7e:20:20:53: 04:d1:bd:18:b2:b3:39:da:02:6d:57:ba:ca:d6:ee: 4a:b5:a6:b5:1f:22:1c:49:f9:ca:9c:fd:90:81:ce: c8:98:56:ba:ca:08:49:ac:3c:c2:f5:5f:34:10:b3: 43:7c:22:bb:90:c7:38:ad:c3:c8:ad:de:52:ec:56: fd:fe:b4:e4:d3:f0:5b:44:56:cb:4a:57:43:34:33: 69:c9:cb:bf:4d:c7:fc:d5:8b:3c:9c:38:54:17:65: 61:62:24:47:f7:c9:36:3a:49:68:8d:06:38:bb:e9: 75:9d:e8:8a:74:e3:bf:e6:4e:06:d2:0c:83:b1:20: fa:63:aa:11:68:dd:5c:98:b3:3b:dd:90:ac:d5:8e: 39:07:79:e9:11:0b:a8:d6:9e:dd:1e:d7:49:82:f1: 77:08:01:58:7f:29:f5:3d:ed:78:29:4c:f8:d3:cf: ac:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:8D:F8:9C:09:D8:C6:4C:D5:5F:43:83:67:93:15:4B:49:87:B9:5B X509v3 Authority Key Identifier: keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:ca:f3:72:97:61:2c:3c:23:66:e4:ab:01:91:8c:ad:82:37: 93:51:3d:b7:0a:fc:71:6e:03:d1:0b:d1:67:ac:2c:ae:ba:79: ae:ce:0b:b0:e9:67:c1:c3:39:29:e3:f4:4b:10:4d:cc:ec:8e: cc:66:2b:d6:9f:e4:f3:2b:ab:af:f2:67:e0:3d:28:9e:72:84: e3:95:df:b8:0d:a3:a0:b6:cb:94:ed:17:8c:a6:f6:46:48:f4: 27:21:7f:59:4b:83:1c:24:41:85:ad:83:cc:77:4e:4d:04:ad: 7e:c5:78:7e:23:46:d7:49:c8:62:e3:4b:6a:c1:73:40:81:53: dc:73:07:92:d5:1d:82:99:49:f5:58:ae:1a:84:15:de:c8:69: bc:0f:a0:bc:3b:73:68:c5:c0:d0:d1:3c:9c:64:73:07:12:de: 54:42:bf:e1:b5:c5:7e:25:f1:47:62:e8:bf:91:71:5e:a9:a5: c4:44:c9:50:cf:7c:a4:11:c3:8b:69:09:08:b1:09:f9:7b:c9: 47:ac:3e:28:7e:e1:9e:5a:ca:df:17:28:72:96:a5:e8:7b:b8: e3:49:25:10:39:47:f7:77:19:4f:a4:10:8c:98:17:61:b6:92: 20:43:bf:1c:20:1c:06:56:c4:d5:b5:0e:21:92:26:c8:fe:8d: d1:f7:d2:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUT+UGOdywMVvnWlJChU5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4 ODkwMTMwHhcNMjUxMjI2MTEwMDMyWhcNMjUxMjI3MTEwMDMyWjAzMTEwLwYDVQQD EyhhMzhkZjg5YzA5ZDhjNjRjZDU1ZjQzODM2NzkzMTU0YjQ5ODdiOTViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Qeav9trsrXMdLKsJqqqTHru1E6l VgdMxgRyiI2BumZg8v+/wfxBUd2tDcYcPCv7defcNnZK5WFjNCEdE2qrOZ/r5HbQ PV9mbtggCl+16KVyFQ97qn4gIFME0b0YsrM52gJtV7rK1u5Ktaa1HyIcSfnKnP2Q gc7ImFa6yghJrDzC9V80ELNDfCK7kMc4rcPIrd5S7Fb9/rTk0/BbRFbLSldDNDNp ycu/Tcf81Ys8nDhUF2VhYiRH98k2OklojQY4u+l1neiKdOO/5k4G0gyDsSD6Y6oR aN1cmLM73ZCs1Y45B3npEQuo1p7dHtdJgvF3CAFYfyn1Pe14KUz408+sUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKON+JwJ2MZM1V9Dg2eTFUtJh7lbMB8GA1UdIwQY MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH8rzcpdh LDwjZuSrAZGMrYI3k1E9twr8cW4D0QvRZ6wsrrp5rs4LsOlnwcM5KeP0SxBNzOyO zGYr1p/k8yurr/Jn4D0onnKE45XfuA2joLbLlO0XjKb2Rkj0JyF/WUuDHCRBha2D zHdOTQStfsV4fiNG10nIYuNLasFzQIFT3HMHktUdgplJ9ViuGoQV3shpvA+gvDtz aMXA0NE8nGRzBxLeVEK/4bXFfiXxR2Lov5FxXqmlxETJUM98pBHDi2kJCLEJ+XvJ R6w+KH7hnlrK3xcocpal6Hu440klEDlH93cZT6QQjJgXYbaSIEO/HCAcBlbE1bUO IZImyP6N0ffSmQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:21 2025 by rpki-client