This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft File: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json) Hash identifier: Hf6fxufR1x9P38C/gPEfKhXh9RqS5Y4sNuHqDnSrXGs= Subject key identifier: FB:CE:52:03:5D:7D:48:3B:1A:77:7E:3A:3D:1D:C9:74:3A:89:FF:D0 Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30 Certificate issuer: /CN=6062b21fb6655b897923e29d6fcb644ab10ac530 Certificate serial: 019B5A51D455C2B002594BE264B309176D2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 11:01:10 +0000 Manifest this update: Fri 26 Dec 2025 11:01:10 +0000 Manifest next update: Sat 27 Dec 2025 11:01:10 +0000 Files and hashes: 1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: aXM0YzfAu7BevmuT/DOxzRKdGcoT5+Hwb6EBJ0dfak4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:d4:55:c2:b0:02:59:4b:e2:64:b3:09:17:6d:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530 Validity Not Before: Dec 26 11:01:10 2025 GMT Not After : Dec 27 11:01:10 2025 GMT Subject: CN=fbce52035d7d483b1a777e3a3d1dc9743a89ffd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:5b:c9:75:c1:76:84:15:c6:c1:d3:19:31:be: e4:00:f4:b7:cb:ca:1a:69:2d:61:e3:60:66:dc:fb: 93:71:57:1d:38:fb:d1:49:7d:58:b5:b7:0c:9f:92: 38:c1:13:96:67:9b:b7:99:58:b0:f5:d3:5d:a2:0b: 51:88:6c:7c:20:85:04:62:9f:70:c7:fd:6a:22:9b: 0a:c1:6e:17:71:cf:a4:9b:d7:9a:91:c9:a7:f0:cb: e6:41:4b:9a:c4:b3:ff:47:a9:df:1d:47:0f:b0:d9: 59:34:dc:3b:d2:56:70:5d:80:4b:67:59:77:a9:b3: a3:5f:9d:d5:0e:92:d9:b6:a0:8c:d6:d3:96:d7:29: 4f:14:7d:fd:87:24:41:ac:57:66:07:9d:06:f8:ec: c6:fc:cc:a7:e0:53:b5:66:6d:9b:01:72:9b:7b:20: 97:09:ca:8f:39:1b:20:bb:72:73:27:37:99:40:65: f8:75:14:bb:46:e3:44:38:8d:c0:46:61:39:6b:f2: 7a:e7:df:5c:b8:e9:ad:44:57:f8:93:04:1d:57:3d: 38:83:e7:68:27:1a:32:37:67:bc:1f:15:a4:9e:78: a5:c1:63:69:1f:e2:77:88:b5:20:f3:d9:9f:a2:aa: a6:ae:a5:9a:e5:a3:e1:03:16:63:fb:8e:f8:1a:90: e3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:CE:52:03:5D:7D:48:3B:1A:77:7E:3A:3D:1D:C9:74:3A:89:FF:D0 X509v3 Authority Key Identifier: keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:08:90:78:e0:f4:e8:bb:7c:e1:23:89:45:98:29:f1:85:8f: d2:5b:00:e2:e7:b7:61:98:19:06:e3:e3:b7:58:17:00:16:26: 73:45:1b:41:75:f1:74:a2:69:20:5f:d1:c7:b8:d3:38:d7:47: 9a:8a:31:1f:c7:a4:9f:10:85:5b:e8:1a:e9:58:40:74:ff:a9: 6f:bf:da:9a:17:5b:64:a9:8e:cc:5e:4b:20:e5:10:62:93:79: ff:f8:af:75:d3:5f:9a:f1:b9:e9:61:b9:5d:72:86:d9:58:bf: 58:d3:af:a7:38:5e:6c:cb:d8:0d:87:7b:63:39:c6:50:ab:02: 4f:83:ba:fa:f3:f5:6e:0c:b4:f6:fe:7c:ee:ad:61:47:ef:5a: df:4d:98:0e:a5:bc:d7:d0:10:fb:32:dc:7c:ba:f7:2e:db:40: d0:11:da:b8:e3:b5:6d:e5:f1:00:02:09:97:bc:7d:42:f4:aa: 43:fe:2d:5c:9b:24:8c:1a:3a:ae:6a:83:83:bc:01:46:61:b6: 0a:73:3b:b0:87:8e:59:8c:d7:6a:6a:4f:e7:21:74:dd:10:e4: 1f:64:a6:c7:98:45:96:0d:e0:17:0b:21:64:62:8a:99:7d:bc: da:c0:7a:a8:20:bb:bc:b2:3e:78:e0:1a:18:1b:51:44:6a:ec: 4b:20:97:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUdRVwrACWUviZLMJF20sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw YWM1MzAwHhcNMjUxMjI2MTEwMTEwWhcNMjUxMjI3MTEwMTEwWjAzMTEwLwYDVQQD EyhmYmNlNTIwMzVkN2Q0ODNiMWE3NzdlM2EzZDFkYzk3NDNhODlmZmQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFvJdcF2hBXGwdMZMb7kAPS3y8oa aS1h42Bm3PuTcVcdOPvRSX1YtbcMn5I4wROWZ5u3mViw9dNdogtRiGx8IIUEYp9w x/1qIpsKwW4Xcc+km9eakcmn8MvmQUuaxLP/R6nfHUcPsNlZNNw70lZwXYBLZ1l3 qbOjX53VDpLZtqCM1tOW1ylPFH39hyRBrFdmB50G+OzG/Myn4FO1Zm2bAXKbeyCX CcqPORsgu3JzJzeZQGX4dRS7RuNEOI3ARmE5a/J6599cuOmtRFf4kwQdVz04g+do JxoyN2e8HxWknnilwWNpH+J3iLUg89mfoqqmrqWa5aPhAxZj+474GpDj0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPvOUgNdfUg7Gnd+Oj0dyXQ6if/QMB8GA1UdIwQY MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2 LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQiQeOD0 6Lt84SOJRZgp8YWP0lsA4ue3YZgZBuPjt1gXABYmc0UbQXXxdKJpIF/Rx7jTONdH mooxH8eknxCFW+ga6VhAdP+pb7/amhdbZKmOzF5LIOUQYpN5//ivddNfmvG56WG5 XXKG2Vi/WNOvpzhebMvYDYd7YznGUKsCT4O6+vP1bgy09v587q1hR+9a302YDqW8 19AQ+zLcfLr3LttA0BHauOO1beXxAAIJl7x9QvSqQ/4tXJskjBo6rmqDg7wBRmG2 CnM7sIeOWYzXampP5yF03RDkH2Smx5hFlg3gFwshZGKKmX282sB6qCC7vLI+eOAa GBtRRGrsSyCXsA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:01 2025 by rpki-client