This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft File: yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json) Hash identifier: fTa9CC5RpMxv/L2x/QF3i5gwvu+Duod5k6lOIX8CmF8= Subject key identifier: B7:FF:B6:54:56:86:9B:53:C8:1B:A8:12:04:C0:23:7A:0F:CD:82:E8 Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D Certificate issuer: /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d Certificate serial: 019B38A2448F43BE398490853F02349F6491 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft Manifest number: 1782 Signing time: Fri 19 Dec 2025 22:01:57 +0000 Manifest this update: Fri 19 Dec 2025 22:01:57 +0000 Manifest next update: Sat 20 Dec 2025 22:01:57 +0000 Files and hashes: 1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: ofcDIYe+9ZcgXqA9JeZTDza9k/UVV0+Qihfn8a6jFMQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:44:8f:43:be:39:84:90:85:3f:02:34:9f:64:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d Validity Not Before: Dec 19 22:01:57 2025 GMT Not After : Dec 20 22:01:57 2025 GMT Subject: CN=b7ffb65456869b53c81ba81204c0237a0fcd82e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3d:10:ed:ed:cc:70:f4:63:73:01:a2:ac:ff: 98:8a:d6:66:8e:1d:ca:1f:72:d1:01:95:a0:0a:b4: 08:40:3b:5a:ff:b3:4a:ef:95:8f:ed:53:2f:ff:f6: f0:6b:92:0e:06:01:89:bb:bb:c3:01:46:d3:dc:a9: d7:cd:6e:cf:40:82:ca:b3:cd:f6:b1:e4:ba:23:e5: 5d:7f:f9:1a:8d:ea:48:ea:81:dc:60:61:29:e4:43: 62:1f:13:1b:dc:33:4c:3e:24:57:de:0b:34:14:e8: 46:5f:cf:0b:48:89:d6:5c:d6:4d:b1:18:2e:9a:f5: f6:39:64:3b:20:03:74:84:65:90:35:4f:bf:7c:2d: 31:94:21:41:fd:10:1a:93:91:5e:9c:01:cc:fe:23: ca:8b:c0:ea:bf:2e:66:ac:72:31:9e:39:1a:ec:2a: 8f:71:50:2a:0c:78:b0:8d:5d:08:a3:99:41:e3:37: 7f:2d:1a:59:85:48:5b:6e:34:78:99:f9:3a:af:34: fa:fd:47:47:66:00:2b:87:18:68:4d:a2:07:1f:20: b8:c8:bb:ae:07:14:f6:75:9e:77:ea:30:f8:59:86: 10:4a:34:0c:3b:19:e3:69:0d:06:f5:fb:b7:e9:4c: b2:fc:ed:2b:eb:c1:4a:7d:0f:0d:b2:65:d3:1a:55: 70:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:FF:B6:54:56:86:9B:53:C8:1B:A8:12:04:C0:23:7A:0F:CD:82:E8 X509v3 Authority Key Identifier: keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:5d:d9:d0:0f:c1:e9:89:43:e6:c0:30:8a:8b:bc:99:ce:46: c5:41:e6:b1:46:01:c6:08:1f:ab:50:5c:66:70:4a:1c:53:71: 43:6f:23:5b:96:27:a5:c8:0f:36:bc:1f:6a:34:63:d7:0d:09: 74:22:b9:0b:a0:89:2b:2a:d3:2c:de:07:8b:04:48:f4:bb:b1: 58:0c:98:ce:78:be:0b:f2:a5:69:fa:77:3e:0d:8a:53:d6:17: cb:ce:0d:6c:8b:65:54:b6:ad:db:19:2a:5f:62:05:31:a5:aa: ba:6a:30:e2:47:ad:25:f5:24:cc:f4:f4:b0:9e:c4:5d:d5:57: ad:6b:1d:1e:15:e1:32:ae:7b:52:de:f2:e4:98:f2:c0:4e:bd: 35:ea:19:ca:91:27:59:b5:0f:c2:bf:f7:17:6b:78:2f:c1:e8: 4d:02:17:9b:f3:0f:f5:58:e9:bd:bc:76:fd:6b:f2:29:10:41: 55:f3:ae:31:8f:ed:e5:20:8a:c5:11:ee:62:1b:15:ce:3f:3f: 5f:18:18:1d:7b:97:0b:7c:78:ec:7a:f9:9b:9c:b3:c3:fb:ac: 91:a5:20:c8:a4:6c:b3:f9:64:0b:16:66:e1:7c:e5:40:11:5c: 7e:32:64:2c:bf:ad:e4:5c:e0:64:42:66:2d:f9:c7:71:06:71: 74:0f:92:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4okSPQ745hJCFPwI0n2SRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0 Y2FmNGQwHhcNMjUxMjE5MjIwMTU3WhcNMjUxMjIwMjIwMTU3WjAzMTEwLwYDVQQD EyhiN2ZmYjY1NDU2ODY5YjUzYzgxYmE4MTIwNGMwMjM3YTBmY2Q4MmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArj0Q7e3McPRjcwGirP+YitZmjh3K H3LRAZWgCrQIQDta/7NK75WP7VMv//bwa5IOBgGJu7vDAUbT3KnXzW7PQILKs832 seS6I+Vdf/kajepI6oHcYGEp5ENiHxMb3DNMPiRX3gs0FOhGX88LSInWXNZNsRgu mvX2OWQ7IAN0hGWQNU+/fC0xlCFB/RAak5FenAHM/iPKi8Dqvy5mrHIxnjka7CqP cVAqDHiwjV0Io5lB4zd/LRpZhUhbbjR4mfk6rzT6/UdHZgArhxhoTaIHHyC4yLuu BxT2dZ536jD4WYYQSjQMOxnjaQ0G9fu36Uyy/O0r68FKfQ8NsmXTGlVwswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLf/tlRWhptTyBuoEgTAI3oPzYLoMB8GA1UdIwQY MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADF3Z0A/B 6YlD5sAwiou8mc5GxUHmsUYBxggfq1BcZnBKHFNxQ28jW5YnpcgPNrwfajRj1w0J dCK5C6CJKyrTLN4HiwRI9LuxWAyYzni+C/Klafp3Pg2KU9YXy84NbItlVLat2xkq X2IFMaWqumow4ketJfUkzPT0sJ7EXdVXrWsdHhXhMq57Ut7y5JjywE69NeoZypEn WbUPwr/3F2t4L8HoTQIXm/MP9Vjpvbx2/WvyKRBBVfOuMY/t5SCKxRHuYhsVzj8/ XxgYHXuXC3x47Hr5m5yzw/uskaUgyKRss/lkCxZm4XzlQBFcfjJkLL+t5FzgZEJm LfnHcQZxdA+SxA== -----END CERTIFICATE-----Generated at Sat Dec 20 02:03:21 2025 by rpki-client