This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft File: YsTHQ9XCr88n8QTrbgMWEWyFx94.mft (raw, json) Hash identifier: 9LWvYIC9viFk0J0MpsqQCEEQBT7gA1vua0jiy6E9sFI= Subject key identifier: 73:4B:74:C2:22:4D:91:EE:6E:9C:BC:82:5C:DE:86:BF:4F:86:9D:32 Authority key identifier: 62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE Certificate issuer: /CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de Certificate serial: 019B4926DFDF9DC371CB9F9618FEBC979239 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft Manifest number: 0D5A Signing time: Tue 23 Dec 2025 03:00:42 +0000 Manifest this update: Tue 23 Dec 2025 03:00:42 +0000 Manifest next update: Wed 24 Dec 2025 03:00:42 +0000 Files and hashes: 1: O5Qp4JElVe0um1Rnuz-9xQyVCpc.roa (hash: 73YKFKe5WyNrwSKLy76+GejDIV4ldqnve1bMw3FlzZM=) 2: YsTHQ9XCr88n8QTrbgMWEWyFx94.crl (hash: a6H8I6NmSx1OGh5T0S4R5LSIL5Caz7b5C4rsFhIqPYk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:26:df:df:9d:c3:71:cb:9f:96:18:fe:bc:97:92:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=62c4c743d5c2afcf27f104eb6e0316116c85c7de Validity Not Before: Dec 23 03:00:42 2025 GMT Not After : Dec 24 03:00:42 2025 GMT Subject: CN=734b74c2224d91ee6e9cbc825cde86bf4f869d32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:40:ec:28:d2:cd:92:e4:07:8c:0f:4d:03:ac: 94:ae:3c:10:98:af:bf:0f:28:0d:a3:e3:28:d4:18: 67:ab:f1:64:28:4c:a8:36:02:94:f0:6f:9f:8c:5c: 8b:63:38:00:3c:7e:04:38:74:05:40:25:d6:0f:26: a1:b2:57:be:f5:8c:12:e6:ef:44:f6:a2:b3:06:a2: 26:92:d9:6c:5c:cc:96:b3:cf:bc:26:e4:de:23:6c: c9:ab:73:56:ff:95:b7:f4:3a:79:98:f7:a8:5b:c7: 2d:f4:19:4b:a6:33:49:2f:4e:8f:49:75:16:71:e9: 3c:1b:dc:5d:24:4f:07:0c:16:19:12:ea:f9:48:5b: 8b:2f:f9:ea:44:3a:38:52:4d:63:f1:97:e5:61:ad: 2f:9a:5a:16:d5:de:f0:ac:5e:67:ba:fe:03:0e:31: ad:41:03:ea:54:72:5d:61:7b:aa:dd:e5:5a:45:51: a4:35:8d:8e:ce:45:45:2a:b2:17:79:ec:9c:cf:ef: 71:43:75:f8:f9:ac:55:d1:fd:25:02:3c:e1:1c:de: ca:d6:91:3e:4b:11:7e:15:30:ff:d2:68:dc:02:8a: 2e:df:16:ac:39:fa:15:72:93:58:3c:a1:2a:3f:33: 72:4d:c0:67:29:20:bb:73:67:ad:04:b4:59:3b:b7: 1a:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:4B:74:C2:22:4D:91:EE:6E:9C:BC:82:5C:DE:86:BF:4F:86:9D:32 X509v3 Authority Key Identifier: keyid:62:C4:C7:43:D5:C2:AF:CF:27:F1:04:EB:6E:03:16:11:6C:85:C7:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsTHQ9XCr88n8QTrbgMWEWyFx94.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/728c40-f712-4fef-8945-de352a92f6ba/1/YsTHQ9XCr88n8QTrbgMWEWyFx94.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:3b:3d:fd:d6:e8:5c:d6:fb:88:16:15:66:de:90:b7:14:11: be:fe:87:86:05:11:44:3a:be:7f:af:fe:bc:d5:85:6d:a8:9e: 18:92:cd:e3:24:2c:3e:88:26:d3:fc:88:c4:e7:20:b3:dd:c0: 50:46:16:fb:36:f1:f4:65:65:83:9f:a5:4a:58:e0:18:a6:19: 1d:04:ab:57:ce:4e:2a:0b:43:e0:88:ca:91:4f:a4:cc:23:07: 41:95:48:57:39:84:09:a3:0e:e7:91:93:d6:1f:fe:63:9b:e9: 87:b7:3b:7a:e7:3c:b0:fc:a6:28:51:84:7c:08:8d:29:73:0f: 76:fd:1c:b8:4e:08:35:f6:b1:3c:c5:fc:1c:7d:e7:09:6e:7b: 90:88:62:e5:38:e6:23:44:79:c2:61:a3:94:28:ed:50:bd:1d: 35:67:dc:be:f1:0a:e5:43:a8:33:ab:ae:35:9e:ae:ee:13:08: e9:3c:01:c0:a4:07:2f:76:f8:80:87:79:37:4a:08:02:04:49: 09:80:2b:8f:2f:4a:63:b4:35:f6:48:3e:ac:ef:3f:7b:59:18: fe:ea:60:fe:75:df:9f:f6:62:ff:9c:64:4a:b8:8f:21:d2:37: c8:d4:66:f2:88:d3:c8:62:e6:c6:63:b9:34:a7:f4:dd:05:0e: fd:0f:ef:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJJt/fncNxy5+WGP68l5I5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyYzRjNzQzZDVjMmFmY2YyN2YxMDRlYjZlMDMxNjExNmM4 NWM3ZGUwHhcNMjUxMjIzMDMwMDQyWhcNMjUxMjI0MDMwMDQyWjAzMTEwLwYDVQQD Eyg3MzRiNzRjMjIyNGQ5MWVlNmU5Y2JjODI1Y2RlODZiZjRmODY5ZDMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UDsKNLNkuQHjA9NA6yUrjwQmK+/ DygNo+Mo1Bhnq/FkKEyoNgKU8G+fjFyLYzgAPH4EOHQFQCXWDyahsle+9YwS5u9E 9qKzBqImktlsXMyWs8+8JuTeI2zJq3NW/5W39Dp5mPeoW8ct9BlLpjNJL06PSXUW cek8G9xdJE8HDBYZEur5SFuLL/nqRDo4Uk1j8ZflYa0vmloW1d7wrF5nuv4DDjGt QQPqVHJdYXuq3eVaRVGkNY2OzkVFKrIXeeycz+9xQ3X4+axV0f0lAjzhHN7K1pE+ SxF+FTD/0mjcAoou3xasOfoVcpNYPKEqPzNyTcBnKSC7c2etBLRZO7caawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHNLdMIiTZHubpy8glzehr9Php0yMB8GA1UdIwQY MBaAFGLEx0PVwq/PJ/EE624DFhFshcfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUt ZGUzNTJhOTJmNmJhLzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My83MjhjNDAtZjcxMi00ZmVmLTg5NDUtZGUzNTJhOTJmNmJh LzEvWXNUSFE5WENyODhuOFFUcmJnTVdFV3lGeDk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJzs9/dbo XNb7iBYVZt6QtxQRvv6HhgURRDq+f6/+vNWFbaieGJLN4yQsPogm0/yIxOcgs93A UEYW+zbx9GVlg5+lSljgGKYZHQSrV85OKgtD4IjKkU+kzCMHQZVIVzmECaMO55GT 1h/+Y5vph7c7euc8sPymKFGEfAiNKXMPdv0cuE4INfaxPMX8HH3nCW57kIhi5Tjm I0R5wmGjlCjtUL0dNWfcvvEK5UOoM6uuNZ6u7hMI6TwBwKQHL3b4gId5N0oIAgRJ CYArjy9KY7Q19kg+rO8/e1kY/upg/nXfn/Zi/5xkSriPIdI3yNRm8ojTyGLmxmO5 NKf03QUO/Q/v+w== -----END CERTIFICATE-----Generated at Tue Dec 23 05:54:01 2025 by rpki-client