This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft File: Yefv0ZrydUeUJswZJcW8Ls7ums4.mft (raw, json) Hash identifier: n5ua/n0ru1evdrJeosG6V34HVu9fUufrZSVuPF8zz+A= Subject key identifier: B2:02:2C:6D:48:87:64:15:C4:A5:B7:C0:D3:8A:86:73:91:C8:DE:0F Authority key identifier: 61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE Certificate issuer: /CN=61e7efd19af275479426cc1925c5bc2eceee9ace Certificate serial: 019B5ABF85B8EC77561FF34862705B4874B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft Manifest number: 16A9 Signing time: Fri 26 Dec 2025 13:00:59 +0000 Manifest this update: Fri 26 Dec 2025 13:00:59 +0000 Manifest next update: Sat 27 Dec 2025 13:00:59 +0000 Files and hashes: 1: Yefv0ZrydUeUJswZJcW8Ls7ums4.crl (hash: qcSaC3DkH46Chr+rXKo+8q0g6WiowfFilseStArvsdA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:85:b8:ec:77:56:1f:f3:48:62:70:5b:48:74:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61e7efd19af275479426cc1925c5bc2eceee9ace Validity Not Before: Dec 26 13:00:59 2025 GMT Not After : Dec 27 13:00:59 2025 GMT Subject: CN=b2022c6d48876415c4a5b7c0d38a867391c8de0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c8:6f:87:74:48:b6:3c:71:12:56:77:03:71: 78:08:71:2e:4a:ef:d7:7a:cb:33:9d:24:5d:77:50: c5:c1:f9:96:37:55:af:a9:8a:26:ba:bf:6f:77:64: dd:e0:1d:cd:7f:4e:9b:0b:0f:2a:5b:31:00:c3:e5: d0:18:6d:23:20:9b:ae:f2:f9:ef:e2:24:cc:cc:24: 74:e8:23:26:c3:08:c9:51:f3:b8:5c:b7:8a:a1:35: 1d:cb:78:99:cb:b6:04:6d:d5:69:68:85:a0:5f:8c: b9:b9:cb:ce:98:00:9e:1b:a0:1a:5b:24:5a:f6:3c: be:7f:25:9c:78:b4:07:88:a6:80:d1:5c:bf:12:21: 1f:39:a8:78:0d:e4:06:c3:e3:e4:b0:6b:f3:4f:54: d6:fb:f6:da:05:97:2a:58:38:64:d6:c4:7b:94:21: a1:d6:16:b6:66:89:be:ac:42:02:5c:c4:e8:25:9f: 8d:22:95:70:1e:c4:03:85:29:fb:2e:35:aa:9c:6b: 81:03:29:00:bc:e0:e9:1e:36:62:1a:23:c1:c5:c5: cc:4b:02:99:37:3f:95:eb:cb:a5:68:db:74:1d:75: 03:d4:c5:cd:80:e5:70:23:b1:ea:31:e4:49:88:82: d3:4c:7c:b7:31:97:55:8e:03:da:99:33:ce:0e:87: 18:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:02:2C:6D:48:87:64:15:C4:A5:B7:C0:D3:8A:86:73:91:C8:DE:0F X509v3 Authority Key Identifier: keyid:61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:58:cf:4a:72:dd:eb:d8:6a:f4:51:c5:11:35:e1:cc:eb:6f: 03:1a:14:4c:77:21:80:53:58:4b:d9:27:10:bd:e7:da:8e:cc: 58:15:e1:72:66:a5:a4:cd:42:af:7b:02:2d:8f:6a:4f:0c:1a: c0:49:91:22:71:52:ac:ca:8c:4b:26:87:cb:13:d1:21:bb:0a: a1:d5:a1:38:20:22:98:a3:61:86:e8:51:05:42:2c:f7:67:72: 1c:45:8e:4e:fa:22:0a:d9:33:f1:e6:fb:a4:ed:dd:bf:29:4f: 8b:fa:2a:88:66:3a:74:d4:88:ea:2c:dd:f1:f3:5d:b3:f3:14: 60:1d:47:8d:1b:ed:a0:24:8e:e1:ea:54:26:9c:0f:a9:fb:c9: 9c:b2:0b:e1:6a:cb:f6:6d:36:fb:33:51:6b:d1:a2:ef:2c:45: fc:1d:a2:17:fc:26:81:62:70:e9:46:8c:e2:06:f7:3d:0b:74: eb:2f:af:db:52:5b:0e:fa:e6:bc:f3:bb:33:34:c4:2d:c3:d2: 0e:39:ca:4f:27:79:c2:67:a6:12:b5:c5:5a:ea:78:15:f6:81: e6:71:78:b6:2e:10:77:bf:2f:46:52:92:5d:ce:6c:85:37:bf: 99:f0:c9:56:2b:08:33:fa:4e:96:61:e6:34:e5:58:94:cf:8e: ea:fc:f4:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav4W47HdWH/NIYnBbSHS2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxZTdlZmQxOWFmMjc1NDc5NDI2Y2MxOTI1YzViYzJlY2Vl ZTlhY2UwHhcNMjUxMjI2MTMwMDU5WhcNMjUxMjI3MTMwMDU5WjAzMTEwLwYDVQQD EyhiMjAyMmM2ZDQ4ODc2NDE1YzRhNWI3YzBkMzhhODY3MzkxYzhkZTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8hvh3RItjxxElZ3A3F4CHEuSu/X essznSRdd1DFwfmWN1WvqYomur9vd2Td4B3Nf06bCw8qWzEAw+XQGG0jIJuu8vnv 4iTMzCR06CMmwwjJUfO4XLeKoTUdy3iZy7YEbdVpaIWgX4y5ucvOmACeG6AaWyRa 9jy+fyWceLQHiKaA0Vy/EiEfOah4DeQGw+PksGvzT1TW+/baBZcqWDhk1sR7lCGh 1ha2Zom+rEICXMToJZ+NIpVwHsQDhSn7LjWqnGuBAykAvODpHjZiGiPBxcXMSwKZ Nz+V68ulaNt0HXUD1MXNgOVwI7HqMeRJiILTTHy3MZdVjgPamTPODocYDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLICLG1Ih2QVxKW3wNOKhnORyN4PMB8GA1UdIwQY MBaAFGHn79Ga8nVHlCbMGSXFvC7O7prOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2Yt MDg3NDBkZjg3MTA2LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2YtMDg3NDBkZjg3MTA2 LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANFjPSnLd 69hq9FHFETXhzOtvAxoUTHchgFNYS9knEL3n2o7MWBXhcmalpM1Cr3sCLY9qTwwa wEmRInFSrMqMSyaHyxPRIbsKodWhOCAimKNhhuhRBUIs92dyHEWOTvoiCtkz8eb7 pO3dvylPi/oqiGY6dNSI6izd8fNds/MUYB1HjRvtoCSO4epUJpwPqfvJnLIL4WrL 9m02+zNRa9Gi7yxF/B2iF/wmgWJw6UaM4gb3PQt06y+v21JbDvrmvPO7MzTELcPS DjnKTyd5wmemErXFWup4FfaB5nF4ti4Qd78vRlKSXc5shTe/mfDJVisIM/pOlmHm NOVYlM+O6vz0ZA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:23 2025 by rpki-client