This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft File: yPGA3UiWddR5NSX-5s__Rpcv8zw.mft (raw, json) Hash identifier: PFX3/NyWl52AQo/l8e0jRljiVnHxtMpk+X44w34qns4= Subject key identifier: 01:F0:2E:E5:F9:B3:16:CF:05:9A:3D:95:C5:7F:90:52:6D:E6:33:E3 Authority key identifier: C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C Certificate issuer: /CN=c8f180dd489675d4793525fee6cfff46972ff33c Certificate serial: 019B21E334A866F146A86BD8E2CE4B80FF53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft Manifest number: 1777 Signing time: Mon 15 Dec 2025 12:01:36 +0000 Manifest this update: Mon 15 Dec 2025 12:01:36 +0000 Manifest next update: Tue 16 Dec 2025 12:01:36 +0000 Files and hashes: 1: yPGA3UiWddR5NSX-5s__Rpcv8zw.crl (hash: a6cPNztPfO+9QRi13JCjBr9qoWnTA92X7AIb/kTZ+Ag=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 12:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:e3:34:a8:66:f1:46:a8:6b:d8:e2:ce:4b:80:ff:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8f180dd489675d4793525fee6cfff46972ff33c Validity Not Before: Dec 15 12:01:36 2025 GMT Not After : Dec 16 12:01:36 2025 GMT Subject: CN=01f02ee5f9b316cf059a3d95c57f90526de633e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3a:76:0d:85:84:38:e2:6b:f6:1d:7b:dd:f6: 33:e9:13:bf:81:20:3c:45:89:61:bc:62:32:3d:8f: b9:b9:07:62:8f:02:59:4d:85:cd:c6:45:f3:47:92: 5b:6b:9d:5f:7d:fe:cf:b0:ea:49:d0:c5:b2:62:c9: 93:65:d8:63:18:3b:48:c6:fd:94:3d:02:ee:9e:81: b4:67:eb:2c:51:cc:54:5e:70:78:74:ee:4b:ed:12: ed:b0:17:43:83:59:78:87:f4:ed:1a:8f:3a:16:40: 1e:9d:14:74:82:cb:a1:ff:db:9b:a1:10:72:35:7a: c9:4f:b5:7a:bd:2c:35:da:70:8e:55:ce:a0:ed:40: 52:90:ba:f5:5f:cf:5c:bb:c1:b4:b3:35:72:78:6e: f2:d8:78:ea:95:80:ff:c1:12:96:76:42:90:ec:ff: b8:93:f8:b6:2d:e5:7b:63:66:32:a0:d1:84:1f:69: 3f:8c:9a:70:38:d9:bd:44:69:d8:be:4f:97:c0:38: fd:2c:5f:82:46:25:4f:0f:7b:29:58:18:44:28:11: 70:c4:5c:ef:c9:0b:1e:47:34:39:da:da:04:bb:0a: bd:32:6f:2a:0e:7e:79:85:f0:5a:a1:30:40:3d:91: cc:90:54:46:34:e0:8a:8f:28:62:a1:64:61:fa:92: f7:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:F0:2E:E5:F9:B3:16:CF:05:9A:3D:95:C5:7F:90:52:6D:E6:33:E3 X509v3 Authority Key Identifier: keyid:C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:8f:b5:ae:cb:8e:f0:71:3e:a7:5b:a0:87:93:4c:cf:6b:c0: 71:18:55:f0:87:92:02:3f:12:7b:ef:42:96:71:5e:0e:63:43: 67:eb:71:92:ee:e3:d8:d6:0d:76:51:4c:c1:d7:5d:78:63:9b: f8:3b:37:e7:6e:e5:03:03:40:f0:86:3e:71:ec:93:c8:b3:04: 4c:ce:7c:7c:c0:8e:75:7a:a0:ca:65:b3:fd:e2:1d:31:a0:42: a9:70:bd:c4:38:0a:ef:6b:e2:f2:ac:fa:5d:cf:fa:fa:d3:70: b4:0e:82:74:6e:3b:0e:df:a4:9b:0a:81:77:e0:df:ad:31:6a: 0a:7d:b7:a9:f1:4f:50:f0:23:f9:f8:c2:3c:5b:12:e1:68:70: 8c:45:50:c9:d5:c8:5a:a2:f9:aa:8a:7f:c0:9f:94:78:05:c9: cc:61:b0:b5:d4:f7:99:de:88:75:a7:68:f5:bf:a3:ce:ec:f5: ec:ed:55:27:72:3a:29:75:0e:5c:14:61:a8:2a:25:de:7f:50: 08:d5:ae:dd:c3:cc:1c:c3:cc:5d:96:9e:e9:63:a3:2c:32:0c: 75:ec:29:cd:16:5c:ba:da:60:38:70:ca:aa:ad:dc:07:97:46: ab:d3:29:58:21:f8:49:ef:0d:26:d9:6b:09:50:9b:be:4a:26: a9:81:dc:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsh4zSoZvFGqGvY4s5LgP9TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4ZjE4MGRkNDg5Njc1ZDQ3OTM1MjVmZWU2Y2ZmZjQ2OTcy ZmYzM2MwHhcNMjUxMjE1MTIwMTM2WhcNMjUxMjE2MTIwMTM2WjAzMTEwLwYDVQQD EygwMWYwMmVlNWY5YjMxNmNmMDU5YTNkOTVjNTdmOTA1MjZkZTYzM2UzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDp2DYWEOOJr9h173fYz6RO/gSA8 RYlhvGIyPY+5uQdijwJZTYXNxkXzR5Jba51fff7PsOpJ0MWyYsmTZdhjGDtIxv2U PQLunoG0Z+ssUcxUXnB4dO5L7RLtsBdDg1l4h/TtGo86FkAenRR0gsuh/9uboRBy NXrJT7V6vSw12nCOVc6g7UBSkLr1X89cu8G0szVyeG7y2HjqlYD/wRKWdkKQ7P+4 k/i2LeV7Y2YyoNGEH2k/jJpwONm9RGnYvk+XwDj9LF+CRiVPD3spWBhEKBFwxFzv yQseRzQ52toEuwq9Mm8qDn55hfBaoTBAPZHMkFRGNOCKjyhioWRh+pL3XQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAHwLuX5sxbPBZo9lcV/kFJt5jPjMB8GA1UdIwQY MBaAFMjxgN1IlnXUeTUl/ubP/0aXL/M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEt ZGJkNzYwMDQ1ZWI3LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEtZGJkNzYwMDQ1ZWI3 LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAao+1rsuO 8HE+p1ugh5NMz2vAcRhV8IeSAj8Se+9ClnFeDmNDZ+txku7j2NYNdlFMwdddeGOb +Ds3527lAwNA8IY+ceyTyLMETM58fMCOdXqgymWz/eIdMaBCqXC9xDgK72vi8qz6 Xc/6+tNwtA6CdG47Dt+kmwqBd+DfrTFqCn23qfFPUPAj+fjCPFsS4WhwjEVQydXI WqL5qop/wJ+UeAXJzGGwtdT3md6Idado9b+jzuz17O1VJ3I6KXUOXBRhqCol3n9Q CNWu3cPMHMPMXZae6WOjLDIMdewpzRZcutpgOHDKqq3cB5dGq9MpWCH4Se8NJtlr CVCbvkomqYHcng== -----END CERTIFICATE-----Generated at Mon Dec 15 16:48:47 2025 by rpki-client