This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft File: YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json) Hash identifier: Oxzg8AmwpNpjpt7P9tuFd+Xl14cHbqeR8oPY/o8q3AQ= Subject key identifier: 64:A2:6C:40:A2:5C:1C:FC:12:B1:35:3C:31:0A:39:4C:32:02:C3:41 Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3 Certificate issuer: /CN=633333d71526f533b1c1cf0be9fc321b623396d3 Certificate serial: 019B5A1A63DD41848FFD1272105F7437A48F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft Manifest number: 082C Signing time: Fri 26 Dec 2025 10:00:37 +0000 Manifest this update: Fri 26 Dec 2025 10:00:37 +0000 Manifest next update: Sat 27 Dec 2025 10:00:37 +0000 Files and hashes: 1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: kandA+A4T9LRs8QE321TcygXaQ3bUPCjs9NVym9VXOM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:63:dd:41:84:8f:fd:12:72:10:5f:74:37:a4:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3 Validity Not Before: Dec 26 10:00:37 2025 GMT Not After : Dec 27 10:00:37 2025 GMT Subject: CN=64a26c40a25c1cfc12b1353c310a394c3202c341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:4c:59:5b:be:60:42:1a:f5:5e:7d:8f:f9:b5: c4:2f:2f:04:ac:f4:49:20:0e:0d:49:af:2c:a0:13: c3:b9:ab:a3:a6:11:00:60:ae:ae:72:2b:d8:85:a8: fa:f5:59:b6:66:e4:a9:ed:2a:03:0a:60:0d:e9:0d: 41:0a:8a:05:9b:c0:46:2e:36:48:71:75:95:fe:ed: e0:b8:90:a7:82:5c:8e:17:e2:75:c7:ab:0b:81:e9: dd:0c:6f:f0:87:6d:e5:50:b5:c3:ae:b1:3b:10:f6: b3:7f:7c:06:fa:6c:b9:4a:87:54:a3:09:eb:ca:af: 85:16:cf:f2:fd:b8:4a:1d:5f:f0:9d:b9:26:a5:b2: 9f:c3:75:58:86:34:1b:a6:75:b6:b4:78:26:16:2a: 39:2f:a5:59:2b:92:01:0a:ce:64:ad:57:d0:46:bd: 40:76:9d:83:41:34:1b:38:47:8b:ea:2c:e9:1e:4c: f8:27:d1:0e:c5:a8:f0:36:6a:01:4a:9a:15:62:51: eb:14:8d:66:2b:5f:9b:f1:50:d2:71:65:2c:39:1c: b1:94:b1:68:90:75:83:21:93:15:c0:06:45:10:c3: d0:6f:03:17:71:48:55:db:bc:b0:b9:bd:b8:92:86: c4:bd:fc:c9:5d:5a:3f:b8:2d:d7:74:0f:30:24:96: a9:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:A2:6C:40:A2:5C:1C:FC:12:B1:35:3C:31:0A:39:4C:32:02:C3:41 X509v3 Authority Key Identifier: keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:8b:7d:58:b4:f0:9e:39:08:41:77:62:33:ea:a6:fd:ee:f1: 37:c7:b6:55:14:ac:50:47:12:6f:35:fb:7d:a6:90:f7:56:23: 16:9e:70:58:1f:bb:e1:91:07:9c:c9:21:fa:38:a6:99:4e:09: f1:2d:48:91:86:76:01:c7:7b:3e:3e:d5:11:eb:82:11:3e:40: a1:40:b6:1e:a1:96:25:08:50:59:2e:e4:8d:af:a9:65:cd:6b: 17:8a:74:e8:8e:9f:50:85:54:87:34:bf:61:60:68:f4:5f:48: ed:f7:90:76:03:e8:46:23:0f:ff:7f:30:f9:6a:15:28:24:c4: a6:6a:63:cd:44:4b:8d:69:43:78:a5:d2:94:42:d7:05:5f:ff: 54:3c:0d:a7:be:53:4e:da:56:10:3b:39:97:c3:69:b8:26:ed: a7:96:3f:cc:12:02:7c:b1:2d:b0:e7:78:6c:df:a3:30:5c:be: 10:a2:fb:34:66:5b:08:5f:18:77:24:3c:7c:0b:e8:db:ca:65: 8f:8f:00:70:72:33:6c:e7:6a:95:d4:85:50:3c:65:1d:84:30: ae:6b:e0:8f:4b:b5:84:b1:18:79:63:04:1e:19:c9:35:02:dd: 34:3c:57:82:88:b5:21:61:a5:2c:5e:2f:ce:e8:e9:cc:41:25: e9:39:30:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGmPdQYSP/RJyEF90N6SPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz Mzk2ZDMwHhcNMjUxMjI2MTAwMDM3WhcNMjUxMjI3MTAwMDM3WjAzMTEwLwYDVQQD Eyg2NGEyNmM0MGEyNWMxY2ZjMTJiMTM1M2MzMTBhMzk0YzMyMDJjMzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0xZW75gQhr1Xn2P+bXELy8ErPRJ IA4NSa8soBPDuaujphEAYK6ucivYhaj69Vm2ZuSp7SoDCmAN6Q1BCooFm8BGLjZI cXWV/u3guJCnglyOF+J1x6sLgendDG/wh23lULXDrrE7EPazf3wG+my5SodUownr yq+FFs/y/bhKHV/wnbkmpbKfw3VYhjQbpnW2tHgmFio5L6VZK5IBCs5krVfQRr1A dp2DQTQbOEeL6izpHkz4J9EOxajwNmoBSpoVYlHrFI1mK1+b8VDScWUsORyxlLFo kHWDIZMVwAZFEMPQbwMXcUhV27ywub24kobEvfzJXVo/uC3XdA8wJJapHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGSibECiXBz8ErE1PDEKOUwyAsNBMB8GA1UdIwQY MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV4t9WLTw njkIQXdiM+qm/e7xN8e2VRSsUEcSbzX7faaQ91YjFp5wWB+74ZEHnMkh+jimmU4J 8S1IkYZ2Acd7Pj7VEeuCET5AoUC2HqGWJQhQWS7kja+pZc1rF4p06I6fUIVUhzS/ YWBo9F9I7feQdgPoRiMP/38w+WoVKCTEpmpjzURLjWlDeKXSlELXBV//VDwNp75T TtpWEDs5l8NpuCbtp5Y/zBICfLEtsOd4bN+jMFy+EKL7NGZbCF8YdyQ8fAvo28pl j48AcHIzbOdqldSFUDxlHYQwrmvgj0u1hLEYeWMEHhnJNQLdNDxXgoi1IWGlLF4v zujpzEEl6TkwZw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:04 2025 by rpki-client