This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft File: Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft (raw, json) Hash identifier: EhLGesNEJ5VRmpwTFF2w8KzOt6bKPsY6OkDcPibYDtI= Subject key identifier: C4:2F:28:40:D8:3A:F1:B9:26:2F:84:86:20:41:47:F3:2E:E7:73:0C Authority key identifier: 62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0 Certificate issuer: /CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0 Certificate serial: 019B3231E034E05E27FEC38B33D4D82EFC6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 16:01:28 +0000 Manifest this update: Thu 18 Dec 2025 16:01:28 +0000 Manifest next update: Fri 19 Dec 2025 16:01:28 +0000 Files and hashes: 1: Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl (hash: g8r8vfnmLd9w11n6a8FGym/iHgDRUl5rTLMeTouXmRg=) 2: dZjzanZ5Xa3WwYz-n1bsR4-cdN4.roa (hash: x2Q62dC7uuAXO8D8ST0Y3bzPEAD8rzw3v3/5eqKnb5o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:e0:34:e0:5e:27:fe:c3:8b:33:d4:d8:2e:fc:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=62d6e4bffa2b4d1bc40e92b30af0d21a74b0bbd0 Validity Not Before: Dec 18 16:01:28 2025 GMT Not After : Dec 19 16:01:28 2025 GMT Subject: CN=c42f2840d83af1b9262f8486204147f32ee7730c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a1:06:8d:a1:db:2e:6a:f9:99:8d:c8:8e:5c: ed:80:61:bc:a9:6d:18:7c:57:23:98:ab:9c:d6:08: 18:29:d8:18:d3:71:1f:59:8b:fe:bc:09:ab:88:f0: 37:14:36:ec:cf:da:ea:7f:6f:ce:e5:55:e0:b7:06: d5:4f:6c:c7:3e:fc:52:e9:59:e7:f6:00:e6:c9:ed: 71:86:ac:48:43:fc:32:60:ec:84:f9:b7:a2:4c:21: e5:7f:2d:93:1c:e2:fd:fe:33:6b:fa:47:1a:eb:42: e6:4e:cf:fc:bf:9a:47:32:20:96:bd:7f:3f:da:4f: 6e:bb:de:42:bf:f0:63:c3:e3:57:bb:3a:c1:8e:9c: 7d:7d:8b:52:45:df:9b:75:27:c7:c0:a3:b6:3d:08: 3b:1d:5c:69:2c:34:10:67:f2:5e:59:32:47:05:d4: 77:a9:aa:5b:fd:ab:c9:78:c7:64:26:d2:ed:cc:c9: 54:32:2c:7d:20:1b:62:63:fc:18:a2:c2:53:73:a5: 71:4a:70:8c:73:59:e0:a2:4e:77:5a:7e:21:82:b6: 9c:a3:bf:32:68:6b:73:8b:02:42:0c:85:d1:dd:45: 62:30:d6:4a:e3:b1:fc:df:ae:93:2f:17:6d:ad:5f: 03:45:3f:bb:b6:e2:25:14:96:71:6d:d3:b0:e4:82: 7e:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:2F:28:40:D8:3A:F1:B9:26:2F:84:86:20:41:47:F3:2E:E7:73:0C X509v3 Authority Key Identifier: keyid:62:D6:E4:BF:FA:2B:4D:1B:C4:0E:92:B3:0A:F0:D2:1A:74:B0:BB:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ytbkv_orTRvEDpKzCvDSGnSwu9A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/876750-a230-4f26-b442-f15554fa4b0b/1/Ytbkv_orTRvEDpKzCvDSGnSwu9A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:82:cb:68:59:86:42:26:eb:ee:1f:e1:13:13:bb:dd:0b:f6: f2:f1:a4:0e:3d:4b:ab:27:06:a2:e8:76:aa:16:00:42:47:e6: 65:a0:96:81:45:59:7f:94:24:b4:8e:b5:e1:5c:88:09:4c:be: 55:26:fd:c1:ea:34:cf:18:e9:17:7a:ef:39:c6:60:34:e1:ee: ba:04:59:69:0b:ca:d1:dd:a1:5e:ed:d9:16:aa:86:25:16:e0: 2a:2a:e9:7d:b3:57:1b:09:33:02:5d:d7:ba:23:1e:a5:3d:e3: 94:d4:4d:b7:26:f7:8a:7a:51:9d:93:8b:b0:2f:33:c5:16:3e: 57:e4:9e:1e:b6:6d:f8:af:f7:1c:a4:91:5c:70:86:c4:99:30: 78:3f:37:61:0b:3e:e5:15:f0:e0:3e:db:74:cf:c7:f2:59:7b: e4:ff:e4:5f:87:ca:a4:0d:14:5a:55:5a:72:05:f1:9e:cb:13: 9d:98:c1:73:cb:3c:e3:9c:34:15:a8:a7:17:54:7b:66:a9:85: 87:63:f5:23:f2:10:76:e6:66:6c:d9:88:31:ff:50:e2:5e:fb: 0f:cb:cc:81:b2:19:3d:21:06:1f:4d:19:aa:12:69:ce:b2:39: 26:15:3e:ef:4e:c6:9c:9c:59:40:07:13:20:b5:57:49:d2:26: 2e:ac:e8:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMeA04F4n/sOLM9TYLvxqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyZDZlNGJmZmEyYjRkMWJjNDBlOTJiMzBhZjBkMjFhNzRi MGJiZDAwHhcNMjUxMjE4MTYwMTI4WhcNMjUxMjE5MTYwMTI4WjAzMTEwLwYDVQQD EyhjNDJmMjg0MGQ4M2FmMWI5MjYyZjg0ODYyMDQxNDdmMzJlZTc3MzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6EGjaHbLmr5mY3IjlztgGG8qW0Y fFcjmKuc1ggYKdgY03EfWYv+vAmriPA3FDbsz9rqf2/O5VXgtwbVT2zHPvxS6Vnn 9gDmye1xhqxIQ/wyYOyE+beiTCHlfy2THOL9/jNr+kca60LmTs/8v5pHMiCWvX8/ 2k9uu95Cv/Bjw+NXuzrBjpx9fYtSRd+bdSfHwKO2PQg7HVxpLDQQZ/JeWTJHBdR3 qapb/avJeMdkJtLtzMlUMix9IBtiY/wYosJTc6VxSnCMc1ngok53Wn4hgraco78y aGtziwJCDIXR3UViMNZK47H8366TLxdtrV8DRT+7tuIlFJZxbdOw5IJ+awIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMQvKEDYOvG5Ji+EhiBBR/Mu53MMMB8GA1UdIwQY MBaAFGLW5L/6K00bxA6Sswrw0hp0sLvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDIt ZjE1NTU0ZmE0YjBiLzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi84NzY3NTAtYTIzMC00ZjI2LWI0NDItZjE1NTU0ZmE0YjBi LzEvWXRia3Zfb3JUUnZFRHBLekN2RFNHblN3dTlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAroLLaFmG Qibr7h/hExO73Qv28vGkDj1LqycGouh2qhYAQkfmZaCWgUVZf5QktI614VyICUy+ VSb9weo0zxjpF3rvOcZgNOHuugRZaQvK0d2hXu3ZFqqGJRbgKirpfbNXGwkzAl3X uiMepT3jlNRNtyb3inpRnZOLsC8zxRY+V+SeHrZt+K/3HKSRXHCGxJkweD83YQs+ 5RXw4D7bdM/H8ll75P/kX4fKpA0UWlVacgXxnssTnZjBc8s845w0FainF1R7ZqmF h2P1I/IQduZmbNmIMf9Q4l77D8vMgbIZPSEGH00ZqhJpzrI5JhU+707GnJxZQAcT ILVXSdImLqzoQQ== -----END CERTIFICATE-----Generated at Thu Dec 18 22:39:07 2025 by rpki-client