This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft File: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json) Hash identifier: El/+/6sJs9tf8MfcVoMzLE+VVAnwDW/k+190OPPpN4M= Subject key identifier: 64:4F:69:32:62:A9:77:28:F8:8C:D9:B4:F6:1C:E5:EE:53:6B:97:DD Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9 Certificate issuer: /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9 Certificate serial: 019B375838D136349B97BC7F6DE09D38FBE6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft Manifest number: 1782 Signing time: Fri 19 Dec 2025 16:01:27 +0000 Manifest this update: Fri 19 Dec 2025 16:01:27 +0000 Manifest next update: Sat 20 Dec 2025 16:01:27 +0000 Files and hashes: 1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: 3BCKKrNoeK0nDu8+hJq5+ZB0aLvJOzrJfT6faA+AyYg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:58:38:d1:36:34:9b:97:bc:7f:6d:e0:9d:38:fb:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9 Validity Not Before: Dec 19 16:01:27 2025 GMT Not After : Dec 20 16:01:27 2025 GMT Subject: CN=644f693262a97728f88cd9b4f61ce5ee536b97dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:94:10:9f:22:c3:bc:ce:4e:fd:ef:33:35:33: b8:54:57:fe:68:64:2d:e2:1e:c6:8e:92:28:95:ca: 28:64:b7:dc:4e:38:93:2d:64:d2:9b:63:1b:72:74: 45:fc:ac:32:aa:c3:2f:e2:f3:e9:cf:d1:c3:ee:2d: 4d:dc:01:b0:c2:1a:62:d4:8f:10:86:c7:da:83:a9: fc:47:19:0d:65:e9:20:6c:62:8e:eb:7e:86:5a:87: 1f:48:1c:eb:ef:6e:8d:fd:d6:20:ed:5f:a3:c7:28: 42:7f:ac:d2:ad:97:77:f6:47:98:91:07:0d:87:7f: ba:dc:43:ca:ce:94:2f:9b:21:c1:0f:5c:cc:73:94: 71:a4:3c:2e:41:97:d9:c3:96:04:cb:99:55:fd:d5: f6:ea:5f:9c:38:32:f9:10:83:b5:2e:88:52:96:da: a7:9b:4b:bf:2d:3e:39:fc:37:3d:12:5a:ce:77:21: be:f8:17:59:9d:ec:69:99:6c:97:46:79:7e:32:e9: ef:4d:da:61:bd:ab:0e:74:50:cc:f9:3f:84:24:64: be:d2:4e:34:f5:e3:07:0e:41:9a:18:7a:11:ed:be: 06:2d:aa:1e:77:2b:3d:ee:61:47:f4:d2:bb:a1:75: 81:99:9b:e4:77:72:87:f6:4f:47:82:13:05:26:01: ff:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:4F:69:32:62:A9:77:28:F8:8C:D9:B4:F6:1C:E5:EE:53:6B:97:DD X509v3 Authority Key Identifier: keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:00:14:ab:b2:f8:67:a7:02:2e:64:8a:b9:7c:0e:6d:7d:42: c3:cf:ca:64:c1:a7:e0:bd:57:db:f6:bb:50:22:ac:7f:d2:81: dc:74:84:f0:96:69:90:2f:f6:2b:74:34:38:a8:bd:c4:0a:18: 5e:e4:32:b9:1a:6f:64:14:07:66:dd:99:2a:4b:17:e8:e3:f6: dc:54:3d:cd:d4:10:cd:64:b6:e2:73:59:7e:5e:79:de:c5:41: dd:91:d5:cf:4c:5c:55:e7:00:e5:2e:ef:08:43:e2:e3:e6:87: f7:a7:41:6e:c4:0a:b0:dd:9c:ff:c9:48:41:d8:9b:03:46:c7: fe:8a:57:39:4d:9e:40:98:ff:ac:9a:bc:1d:8d:8f:0f:7f:02: 1e:e6:dd:12:2b:b5:b6:37:06:fd:da:b8:91:92:0d:f5:eb:ab: 9f:f7:be:fe:7a:3f:a2:53:02:db:14:16:68:96:44:c9:e9:cf: d2:5d:0b:ec:be:e8:25:d0:24:19:01:ef:c4:29:97:55:a2:8b: 54:92:28:5b:76:49:ba:19:49:89:d1:5d:0f:f7:df:d8:ae:92: f1:df:0e:c5:de:ca:26:23:12:50:c4:e5:18:19:5d:5c:3d:7e: ce:fe:3e:89:7c:f4:04:8e:b2:11:69:4a:aa:ec:fd:ab:8e:44: 65:3a:1a:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3WDjRNjSbl7x/beCdOPvmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4 YTlhZTkwHhcNMjUxMjE5MTYwMTI3WhcNMjUxMjIwMTYwMTI3WjAzMTEwLwYDVQQD Eyg2NDRmNjkzMjYyYTk3NzI4Zjg4Y2Q5YjRmNjFjZTVlZTUzNmI5N2RkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZQQnyLDvM5O/e8zNTO4VFf+aGQt 4h7GjpIolcooZLfcTjiTLWTSm2MbcnRF/KwyqsMv4vPpz9HD7i1N3AGwwhpi1I8Q hsfag6n8RxkNZekgbGKO636GWocfSBzr726N/dYg7V+jxyhCf6zSrZd39keYkQcN h3+63EPKzpQvmyHBD1zMc5RxpDwuQZfZw5YEy5lV/dX26l+cODL5EIO1LohSltqn m0u/LT45/Dc9ElrOdyG++BdZnexpmWyXRnl+MunvTdphvasOdFDM+T+EJGS+0k40 9eMHDkGaGHoR7b4GLaoedys97mFH9NK7oXWBmZvkd3KH9k9HghMFJgH/qQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGRPaTJiqXco+IzZtPYc5e5Ta5fdMB8GA1UdIwQY MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1 LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAswAUq7L4 Z6cCLmSKuXwObX1Cw8/KZMGn4L1X2/a7UCKsf9KB3HSE8JZpkC/2K3Q0OKi9xAoY XuQyuRpvZBQHZt2ZKksX6OP23FQ9zdQQzWS24nNZfl553sVB3ZHVz0xcVecA5S7v CEPi4+aH96dBbsQKsN2c/8lIQdibA0bH/opXOU2eQJj/rJq8HY2PD38CHubdEiu1 tjcG/dq4kZIN9eurn/e+/no/olMC2xQWaJZEyenP0l0L7L7oJdAkGQHvxCmXVaKL VJIoW3ZJuhlJidFdD/ff2K6S8d8Oxd7KJiMSUMTlGBldXD1+zv4+iXz0BI6yEWlK quz9q45EZToacg== -----END CERTIFICATE-----Generated at Fri Dec 19 22:07:50 2025 by rpki-client