This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft File: YPa89uKxCboqFKc7l1rZVEhLS6U.mft (raw, json) Hash identifier: /8YlQvj1AVllhbDpJ4RQIZwWz+1Fhbm36b4hH/ZRxXU= Subject key identifier: F4:4A:A4:48:54:0C:83:1E:1F:A7:60:82:88:49:27:63:84:30:45:60 Authority key identifier: 60:F6:BC:F6:E2:B1:09:BA:2A:14:A7:3B:97:5A:D9:54:48:4B:4B:A5 Certificate issuer: /CN=60f6bcf6e2b109ba2a14a73b975ad954484b4ba5 Certificate serial: 019B3D237C2A786D135BEDD043E60ECFB008 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPa89uKxCboqFKc7l1rZVEhLS6U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft Manifest number: 0C0A Signing time: Sat 20 Dec 2025 19:01:34 +0000 Manifest this update: Sat 20 Dec 2025 19:01:34 +0000 Manifest next update: Sun 21 Dec 2025 19:01:34 +0000 Files and hashes: 1: YPa89uKxCboqFKc7l1rZVEhLS6U.crl (hash: /X4xccgJwAJipPFT5dBAdFUTxPctFLhgVBgvEs7LFN0=) 2: oNp64lcp-PwrYsQaBw1j30tzyNw.roa (hash: FzeHCqPb/tC2Vmdnn3r7gfGFiDclam5dSTVPZrLAWO8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.crl rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft rsync://rpki.ripe.net/repository/DEFAULT/YPa89uKxCboqFKc7l1rZVEhLS6U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:7c:2a:78:6d:13:5b:ed:d0:43:e6:0e:cf:b0:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60f6bcf6e2b109ba2a14a73b975ad954484b4ba5 Validity Not Before: Dec 20 19:01:34 2025 GMT Not After : Dec 21 19:01:34 2025 GMT Subject: CN=f44aa448540c831e1fa760828849276384304560 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:61:66:2f:ea:23:93:9f:a9:9a:99:d7:8c:08: 2a:a3:e5:00:04:be:6c:86:57:cc:65:10:50:ae:cb: 3c:55:92:a4:bb:f9:ab:d3:c4:a8:3d:26:d3:36:5b: d5:02:7a:29:51:fb:34:c3:5f:31:86:31:6a:4a:37: a1:ae:13:fe:03:19:e1:c8:bd:75:7b:15:12:aa:6c: a6:5c:6e:6b:db:df:3d:72:c5:a4:a2:7c:e3:58:4f: 6b:35:10:2d:25:25:8f:fc:2d:fa:0d:bc:75:71:50: 8c:34:5c:44:c3:b4:24:e2:34:b7:02:51:1c:01:f9: b0:60:5b:6e:2f:2d:f3:0c:d6:e3:bb:03:36:10:3a: 95:44:ac:eb:bf:65:60:68:a2:2d:14:0e:36:64:3d: 7f:38:89:e2:a0:2e:fb:f3:96:e4:c9:5c:90:1f:54: 1d:61:ee:19:73:9c:f3:8e:3c:37:f2:14:b1:9e:55: 52:ce:25:d8:d1:78:99:89:1e:c6:32:e7:41:18:3e: e6:37:d0:ac:42:31:86:0f:f6:3a:d7:c1:83:c1:9d: 7b:11:ba:f1:26:b8:7e:fa:90:ca:22:54:00:af:98: 04:e3:fa:22:86:f1:73:fe:a7:fd:00:e3:a2:be:38: f1:a8:dc:d3:52:3b:fb:a4:9f:86:da:59:47:6d:c9: 4d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:4A:A4:48:54:0C:83:1E:1F:A7:60:82:88:49:27:63:84:30:45:60 X509v3 Authority Key Identifier: keyid:60:F6:BC:F6:E2:B1:09:BA:2A:14:A7:3B:97:5A:D9:54:48:4B:4B:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPa89uKxCboqFKc7l1rZVEhLS6U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/83adbb-3627-4b87-9f7d-ab40253b5e2b/1/YPa89uKxCboqFKc7l1rZVEhLS6U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:c3:c6:8f:6a:1d:87:14:91:9b:45:78:57:69:74:07:3b:b8: e9:7c:63:45:ed:cd:60:81:8e:ca:6e:37:01:4b:54:29:46:9c: 1d:11:5b:3a:a7:01:6c:1f:cc:51:63:56:b9:42:59:6b:0a:af: e9:ad:92:13:41:7a:12:58:6a:4a:ff:4c:95:ee:3d:9c:2a:ad: 10:aa:6c:c5:77:ae:47:54:0e:b3:70:3a:88:c2:d2:8b:85:d8: 35:bd:c8:f9:c1:4a:5e:c9:5d:98:fe:90:56:cc:ce:6e:80:3f: 03:b4:5d:44:24:7d:83:94:dd:d9:62:a8:4b:fc:e4:99:91:65: 9a:04:fe:81:f7:f3:1d:54:f2:6c:4d:f5:85:e9:f4:ef:0a:a9: 47:32:f2:6e:f2:0e:d2:b9:a3:54:0f:05:e3:71:cd:5e:81:24: ac:ea:9f:aa:c8:22:42:64:f5:32:48:79:16:d9:72:82:aa:08: 82:f7:a5:ce:26:ab:fd:b2:c1:8e:c0:97:51:57:22:fd:0a:ec: 2a:30:6c:b2:9c:7a:2d:c8:b8:a4:c0:e0:ac:9e:73:b1:40:8f: 50:fb:93:17:ae:50:85:cd:36:39:d5:51:76:32:d6:46:4d:f3: 1f:f0:0d:70:48:e4:c7:d2:46:cb:e5:32:7e:db:f4:16:ad:e6: a1:94:9f:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I3wqeG0TW+3QQ+YOz7AIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwZjZiY2Y2ZTJiMTA5YmEyYTE0YTczYjk3NWFkOTU0NDg0 YjRiYTUwHhcNMjUxMjIwMTkwMTM0WhcNMjUxMjIxMTkwMTM0WjAzMTEwLwYDVQQD EyhmNDRhYTQ0ODU0MGM4MzFlMWZhNzYwODI4ODQ5Mjc2Mzg0MzA0NTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2FmL+ojk5+pmpnXjAgqo+UABL5s hlfMZRBQrss8VZKku/mr08SoPSbTNlvVAnopUfs0w18xhjFqSjehrhP+AxnhyL11 exUSqmymXG5r2989csWkonzjWE9rNRAtJSWP/C36Dbx1cVCMNFxEw7Qk4jS3AlEc AfmwYFtuLy3zDNbjuwM2EDqVRKzrv2VgaKItFA42ZD1/OInioC7785bkyVyQH1Qd Ye4Zc5zzjjw38hSxnlVSziXY0XiZiR7GMudBGD7mN9CsQjGGD/Y618GDwZ17Ebrx Jrh++pDKIlQAr5gE4/oihvFz/qf9AOOivjjxqNzTUjv7pJ+G2llHbclNTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRKpEhUDIMeH6dggohJJ2OEMEVgMB8GA1UdIwQY MBaAFGD2vPbisQm6KhSnO5da2VRIS0ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVBhODl1S3hDYm9xRktjN2wxclpWRWhMUzZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS84M2FkYmItMzYyNy00Yjg3LTlmN2Qt YWI0MDI1M2I1ZTJiLzEvWVBhODl1S3hDYm9xRktjN2wxclpWRWhMUzZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS84M2FkYmItMzYyNy00Yjg3LTlmN2QtYWI0MDI1M2I1ZTJi LzEvWVBhODl1S3hDYm9xRktjN2wxclpWRWhMUzZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMcPGj2od hxSRm0V4V2l0Bzu46XxjRe3NYIGOym43AUtUKUacHRFbOqcBbB/MUWNWuUJZawqv 6a2SE0F6ElhqSv9Mle49nCqtEKpsxXeuR1QOs3A6iMLSi4XYNb3I+cFKXsldmP6Q VszOboA/A7RdRCR9g5Td2WKoS/zkmZFlmgT+gffzHVTybE31hen07wqpRzLybvIO 0rmjVA8F43HNXoEkrOqfqsgiQmT1Mkh5FtlygqoIgvelziar/bLBjsCXUVci/Qrs KjBsspx6Lci4pMDgrJ5zsUCPUPuTF65Qhc02OdVRdjLWRk3zH/ANcEjkx9JGy+Uy ftv0Fq3moZSf0Q== -----END CERTIFICATE-----Generated at Sun Dec 21 00:58:09 2025 by rpki-client