This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft File: yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json) Hash identifier: 0f6X28t1Yl/QtchpwZvMH/jzULlgRw4UIlyMlLf9SW4= Subject key identifier: E1:8F:AF:73:C9:A4:7F:E4:02:DA:B3:6C:9E:FF:8B:08:2E:C5:48:74 Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D Certificate issuer: /CN=c8cec13bd6f30420de74d2c31564dadda08e014d Certificate serial: 019B5977A5E5825C1375EF765F7540C730D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft Manifest number: 01C1 Signing time: Fri 26 Dec 2025 07:02:52 +0000 Manifest this update: Fri 26 Dec 2025 07:02:52 +0000 Manifest next update: Sat 27 Dec 2025 07:02:52 +0000 Files and hashes: 1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: S84gEj3ORX1kE8o0MbOXx7BpGyYodJSc3bDezRErydI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:a5:e5:82:5c:13:75:ef:76:5f:75:40:c7:30:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d Validity Not Before: Dec 26 07:02:52 2025 GMT Not After : Dec 27 07:02:52 2025 GMT Subject: CN=e18faf73c9a47fe402dab36c9eff8b082ec54874 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f7:ca:36:38:f2:00:92:ec:0f:2e:c5:47:fe: 73:30:06:40:12:fc:e1:9e:f8:17:e5:b1:d4:3d:7c: 9d:3f:f2:31:3a:0a:da:37:d5:96:a2:78:09:f0:89: 12:c2:2b:51:81:cf:14:9b:7a:51:dd:da:4a:a6:12: 31:6f:95:09:75:bd:f9:2f:ef:a5:4a:c9:af:48:cd: 40:cb:12:d3:4f:a8:ee:c7:e4:2f:7d:cd:f1:f8:4f: 7d:bd:25:35:0c:f2:7b:b6:12:db:4f:be:b0:80:5f: 04:bb:40:cc:8e:1c:b6:fa:cf:a1:cb:65:bc:62:69: 1b:1b:5f:e8:18:5f:c9:0e:9f:68:64:99:4c:9e:07: 2c:d4:b0:6c:a9:1d:f1:95:9a:80:97:bc:38:d5:fb: 7b:7c:f4:1b:2d:84:9b:1c:fd:7f:fc:23:7f:92:e7: 37:77:82:b5:14:ff:c0:5b:1d:37:58:98:00:87:68: e0:d5:f2:8f:43:29:ed:88:04:40:d5:8c:39:59:17: 37:93:45:f8:96:b1:3e:53:f5:7c:bf:12:f9:bf:58: 26:5c:a0:a4:84:8f:73:e7:28:5f:45:ff:77:cb:ac: d3:3b:5d:9b:fd:dc:4a:43:a0:30:5f:37:c3:26:7e: c2:b8:01:5b:a7:41:e6:76:46:f9:98:54:fb:7a:51: 82:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:8F:AF:73:C9:A4:7F:E4:02:DA:B3:6C:9E:FF:8B:08:2E:C5:48:74 X509v3 Authority Key Identifier: keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:ef:94:9f:af:d5:51:48:cc:b0:8f:d2:ea:11:3e:cd:02:65: dd:6f:ef:b6:98:ba:0e:10:69:44:c8:cc:9b:2f:50:0f:e7:64: 3d:d0:05:cf:06:d4:68:f3:61:52:5e:f0:6c:37:1a:9f:55:28: 0d:e1:4d:15:5b:29:87:40:e8:2b:1a:c2:01:a1:41:bf:66:d9: 62:f8:5e:a7:8b:0d:2e:5a:1e:e3:e4:34:d8:93:9f:fa:5e:9c: 7a:fe:3a:26:cb:9d:4f:76:c3:b4:d2:91:e1:de:1d:04:57:7b: 73:49:99:b8:40:45:61:17:6c:72:49:fe:16:33:a6:3d:85:a2: 0c:7a:1f:d4:91:05:25:eb:e1:ae:7d:bc:d1:b3:53:d1:25:00: e1:11:e2:d0:29:71:4c:92:85:39:a2:c8:a2:85:5f:70:ec:2d: 9b:f9:0e:d6:ec:e8:17:57:f7:9b:c4:bb:21:66:01:37:5b:35: b1:bd:c4:b3:cb:df:88:4c:18:7f:c5:a4:e3:7f:d0:a6:d8:02: d2:8c:24:1c:c1:d4:f5:a0:12:66:ca:aa:f0:a4:14:65:4b:87: 5c:db:59:8f:4c:53:bb:d9:0c:77:a4:86:1c:80:88:0e:62:12: f9:fc:16:b7:8c:c7:87:48:26:a4:ea:ad:a5:c7:fe:44:44:54: 90:fc:4d:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd6XlglwTde92X3VAxzDSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4 ZTAxNGQwHhcNMjUxMjI2MDcwMjUyWhcNMjUxMjI3MDcwMjUyWjAzMTEwLwYDVQQD EyhlMThmYWY3M2M5YTQ3ZmU0MDJkYWIzNmM5ZWZmOGIwODJlYzU0ODc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxffKNjjyAJLsDy7FR/5zMAZAEvzh nvgX5bHUPXydP/IxOgraN9WWongJ8IkSwitRgc8Um3pR3dpKphIxb5UJdb35L++l SsmvSM1AyxLTT6jux+Qvfc3x+E99vSU1DPJ7thLbT76wgF8Eu0DMjhy2+s+hy2W8 YmkbG1/oGF/JDp9oZJlMngcs1LBsqR3xlZqAl7w41ft7fPQbLYSbHP1//CN/kuc3 d4K1FP/AWx03WJgAh2jg1fKPQyntiARA1Yw5WRc3k0X4lrE+U/V8vxL5v1gmXKCk hI9z5yhfRf93y6zTO12b/dxKQ6AwXzfDJn7CuAFbp0Hmdkb5mFT7elGC/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOGPr3PJpH/kAtqzbJ7/iwguxUh0MB8GA1UdIwQY MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZO+Un6/V UUjMsI/S6hE+zQJl3W/vtpi6DhBpRMjMmy9QD+dkPdAFzwbUaPNhUl7wbDcan1Uo DeFNFVsph0DoKxrCAaFBv2bZYvhep4sNLloe4+Q02JOf+l6cev46JsudT3bDtNKR 4d4dBFd7c0mZuEBFYRdsckn+FjOmPYWiDHof1JEFJevhrn280bNT0SUA4RHi0Clx TJKFOaLIooVfcOwtm/kO1uzoF1f3m8S7IWYBN1s1sb3Es8vfiEwYf8Wk43/QptgC 0owkHMHU9aASZsqq8KQUZUuHXNtZj0xTu9kMd6SGHICIDmIS+fwWt4zHh0gmpOqt pcf+RERUkPxN9w== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:20 2025 by rpki-client