This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft File: YsTHQ9XCr88n8QTrbgMWEWyFx94.mft (raw, json) Hash identifier: 3qE2LAUeRadq+54EPub9pWwaWkW2YPfUvGeIVPG8r94= Subject key identifier: 19:67:C9:3D:61:11:DD:21:9A:F6:51:90:17:2A:8B:78:19:BB:A3:20 Authority key identifier: 62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE Certificate issuer: /CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de Certificate serial: 019B22877EDAA4539A589510431449058FCD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft Manifest number: 0D46 Signing time: Mon 15 Dec 2025 15:01:03 +0000 Manifest this update: Mon 15 Dec 2025 15:01:03 +0000 Manifest next update: Tue 16 Dec 2025 15:01:03 +0000 Files and hashes: 1: O5Qp4JElVe0um1Rnuz-9xQyVCpc.roa (hash: 73YKFKe5WyNrwSKLy76+GejDIV4ldqnve1bMw3FlzZM=) 2: YsTHQ9XCr88n8QTrbgMWEWyFx94.crl (hash: YLGfKZX3QhVdEfVujq9r6IJ10+tJjoSLR+eUDqkVu28=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:87:7e:da:a4:53:9a:58:95:10:43:14:49:05:8f:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de Validity Not Before: Dec 15 15:01:03 2025 GMT Not After : Dec 16 15:01:03 2025 GMT Subject: CN=1967c93d6111dd219af65190172a8b7819bba320 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:85:00:d5:7e:4d:8b:fc:3c:e1:56:8c:52:eb: b1:a3:97:f2:f4:0d:ee:d0:76:b8:4b:87:27:73:4b: 2e:28:42:b2:d7:6d:cd:48:53:09:83:c6:1d:52:05: c1:fb:c3:05:a5:70:7c:92:36:5b:ff:32:74:16:c9: 78:b0:db:bb:ad:00:6a:bd:4e:d8:fd:db:2c:da:96: 9f:34:42:1a:bf:04:7f:a8:ee:02:f4:56:e5:99:01: d1:ad:ba:64:92:e9:b5:a6:39:ae:3a:76:53:15:6f: ea:09:84:01:0b:73:c1:f5:35:da:6b:74:a1:5c:fb: 74:2a:84:41:df:75:7a:d8:ab:b9:b8:8f:ca:35:cc: e5:ae:50:da:c2:be:76:d5:62:7c:97:0f:0c:ef:4c: 10:e0:70:ae:76:31:c6:a4:f7:0c:f7:ea:57:be:c6: f6:ac:5f:69:54:bf:14:7f:03:35:0d:d8:0b:f6:4b: 92:2b:ee:46:62:c0:a3:cc:d7:02:d6:b8:a9:c0:58: 81:1c:db:69:ff:50:1c:7e:ad:cc:49:24:a7:7e:d8: 62:e5:09:0b:d5:bb:69:69:1b:b4:76:7c:2e:27:81: 40:d9:cb:ec:96:67:10:64:59:53:7a:24:65:df:f4: 76:da:2b:65:c6:36:24:5b:15:74:05:5c:cd:33:08: 06:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:67:C9:3D:61:11:DD:21:9A:F6:51:90:17:2A:8B:78:19:BB:A3:20 X509v3 Authority Key Identifier: keyid:62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:04:82:3b:b8:49:dc:ac:39:6a:59:b6:45:3d:61:0e:da:c8: 46:91:97:8f:a8:9d:5a:8c:a7:2c:bc:8e:3e:7f:f9:f8:ea:04: 55:89:9b:49:09:92:a5:12:4e:da:34:aa:68:37:09:bb:b5:01: e5:b5:b8:6d:1d:de:6c:47:a5:4f:f7:c3:14:43:08:75:2a:e9: 3c:68:f0:0f:48:52:2b:46:35:28:69:b6:5f:db:2e:60:f3:02: 6c:5c:29:df:bf:33:7c:07:39:ec:2b:a7:09:74:c2:58:75:bb: 5e:c8:6b:9c:9d:68:e4:cb:64:54:68:96:f3:bf:98:9e:f4:0e: f8:9f:01:51:6f:c1:86:b8:0c:c5:bf:22:e1:19:6c:92:8f:71: ca:a5:ca:50:70:c2:de:55:2e:0e:2a:d5:c9:23:bf:c8:4d:0e: b3:3d:7f:29:a7:3b:1f:6f:ec:f4:70:8b:d6:60:92:2b:74:b6: 99:e7:53:e3:0c:aa:9e:7a:0c:6c:7e:5d:9b:42:1f:ff:9a:15: d8:e9:82:f6:fd:c7:26:f0:8b:59:6d:08:6c:24:c4:47:46:cf: c5:18:79:97:6f:1f:7a:29:52:39:da:bc:19:82:84:3e:43:98: 86:10:9e:d3:f3:7c:71:ee:bb:41:96:f8:67:8f:ec:cc:38:30: 07:63:45:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsih37apFOaWJUQQxRJBY/NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyYzRjNzQzZDVjMmFmY2YyN2YxMDRlYjZlMDMxNjExNmM4 NWM3ZGUwHhcNMjUxMjE1MTUwMTAzWhcNMjUxMjE2MTUwMTAzWjAzMTEwLwYDVQQD EygxOTY3YzkzZDYxMTFkZDIxOWFmNjUxOTAxNzJhOGI3ODE5YmJhMzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YUA1X5Ni/w84VaMUuuxo5fy9A3u 0Ha4S4cnc0suKEKy123NSFMJg8YdUgXB+8MFpXB8kjZb/zJ0Fsl4sNu7rQBqvU7Y /dss2pafNEIavwR/qO4C9FblmQHRrbpkkum1pjmuOnZTFW/qCYQBC3PB9TXaa3Sh XPt0KoRB33V62Ku5uI/KNczlrlDawr521WJ8lw8M70wQ4HCudjHGpPcM9+pXvsb2 rF9pVL8UfwM1DdgL9kuSK+5GYsCjzNcC1ripwFiBHNtp/1Acfq3MSSSnfthi5QkL 1btpaRu0dnwuJ4FA2cvslmcQZFlTeiRl3/R22itlxjYkWxV0BVzNMwgGFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBlnyT1hEd0hmvZRkBcqi3gZu6MgMB8GA1UdIwQY MBaAFGLEx0PVwq/PJ/EE624DFhFshcfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUt ZGUzNTJhOTJmNmJhLzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUtZGUzNTJhOTJmNmJh LzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMwSCO7hJ 3Kw5alm2RT1hDtrIRpGXj6idWoynLLyOPn/5+OoEVYmbSQmSpRJO2jSqaDcJu7UB 5bW4bR3ebEelT/fDFEMIdSrpPGjwD0hSK0Y1KGm2X9suYPMCbFwp378zfAc57Cun CXTCWHW7XshrnJ1o5MtkVGiW87+YnvQO+J8BUW/BhrgMxb8i4Rlsko9xyqXKUHDC 3lUuDirVySO/yE0Osz1/Kac7H2/s9HCL1mCSK3S2medT4wyqnnoMbH5dm0If/5oV 2OmC9v3HJvCLWW0IbCTER0bPxRh5l28feilSOdq8GYKEPkOYhhCe0/N8ce67QZb4 Z4/szDgwB2NFWg== -----END CERTIFICATE-----Generated at Mon Dec 15 21:57:27 2025 by rpki-client