This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft File: RYemiKiamJlJQWqBnMSoDepFTJ0.mft (raw, json) Hash identifier: e8YD2NTxCrexQZvdPqkkGie+/p49hzo1qKoxV4fLEUo= Subject key identifier: 79:72:82:7A:37:B3:1E:49:E9:5E:44:4A:9B:18:59:85:5A:B0:3F:33 Authority key identifier: 45:87:A6:88:A8:9A:98:99:49:41:6A:81:9C:C4:A8:0D:EA:45:4C:9D Certificate issuer: /CN=4587a688a89a989949416a819cc4a80dea454c9d Certificate serial: 019B59E45C29323EEB2D1183FAB948F5D9A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYemiKiamJlJQWqBnMSoDepFTJ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft Manifest number: 0451 Signing time: Fri 26 Dec 2025 09:01:36 +0000 Manifest this update: Fri 26 Dec 2025 09:01:36 +0000 Manifest next update: Sat 27 Dec 2025 09:01:36 +0000 Files and hashes: 1: RYemiKiamJlJQWqBnMSoDepFTJ0.crl (hash: L80pQh6OfxwB34mDu0Ox8M3wgE8T43csY2s1NQ2RmNY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.crl rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft rsync://rpki.ripe.net/repository/DEFAULT/RYemiKiamJlJQWqBnMSoDepFTJ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:5c:29:32:3e:eb:2d:11:83:fa:b9:48:f5:d9:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4587a688a89a989949416a819cc4a80dea454c9d Validity Not Before: Dec 26 09:01:36 2025 GMT Not After : Dec 27 09:01:36 2025 GMT Subject: CN=7972827a37b31e49e95e444a9b1859855ab03f33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:49:e6:23:e1:d6:99:6f:0e:e3:6d:15:72:cc: 60:87:6c:d3:19:10:30:d7:0e:b2:74:a2:81:a6:c8: 94:47:4a:70:be:2f:eb:b0:d2:6f:b8:14:c0:74:7b: 6c:9f:d7:6c:ad:b6:44:ed:aa:86:36:b2:4d:34:c0: b8:c5:ae:77:6a:25:c8:32:08:c8:ea:12:9c:7c:39: 40:ee:cc:d9:08:8a:94:1c:e3:61:d4:e7:c8:a7:48: 96:04:99:cd:07:9c:61:31:38:db:f2:95:b3:8a:34: 17:81:ef:ff:08:f9:08:3d:aa:e5:f9:ef:f1:88:9c: 63:51:3b:80:04:19:3e:70:df:e2:6d:f6:7e:c4:a4: e9:37:de:6a:73:d1:57:3b:d5:be:0d:50:40:05:73: b8:cb:24:50:91:41:a0:bb:e5:08:3e:d9:c9:44:8c: 59:8b:4d:2b:fb:6c:0d:fe:ed:ae:9f:58:54:b9:8f: 1f:2b:d5:2a:95:a7:49:ea:b3:96:5f:e8:9c:35:d0: 13:5b:53:65:b6:ab:87:33:bc:16:ad:a6:f6:d3:1e: 59:be:6e:39:59:69:44:81:b4:b6:4f:65:51:18:3f: 22:7c:3d:ac:53:68:f4:e9:bf:56:87:04:65:1f:38: 43:d7:dc:4f:f9:88:31:15:5c:40:45:eb:a0:f2:d3: c8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:72:82:7A:37:B3:1E:49:E9:5E:44:4A:9B:18:59:85:5A:B0:3F:33 X509v3 Authority Key Identifier: keyid:45:87:A6:88:A8:9A:98:99:49:41:6A:81:9C:C4:A8:0D:EA:45:4C:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYemiKiamJlJQWqBnMSoDepFTJ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:cf:1b:87:52:8b:8e:ee:ad:96:96:01:7b:e8:a3:8f:a7:fc: c1:42:06:ba:bd:b6:c3:e0:df:29:e8:a4:82:52:98:98:64:72: 40:78:93:fc:99:20:21:ce:c9:b7:02:f6:56:40:ef:59:a1:cc: 30:8f:9c:ea:0f:67:cc:b9:b8:42:fd:a4:2a:bd:cd:c2:4c:0d: f2:ab:d0:c3:1c:e6:54:ab:e1:68:d7:6c:7f:6c:52:10:e6:c1: f2:c5:62:9e:94:47:2e:6a:64:8b:0a:fb:ce:46:a5:76:f0:5b: 5d:03:72:dd:e3:cc:e1:56:49:bc:6b:b7:e9:de:6e:98:a2:e5: 60:2f:37:0d:74:86:a8:a9:c0:07:8f:83:8a:94:b0:01:6e:f6: 6a:26:87:60:1a:8c:a5:05:0a:3c:11:02:4a:12:1a:64:24:c3: 64:13:08:c6:f2:97:2c:91:09:90:6d:ee:3b:4a:11:df:cc:ff: 74:bf:ef:4e:00:74:8d:f9:21:13:dc:9f:99:cc:22:81:f0:68: 40:5a:85:b3:a8:d3:f9:a0:f3:91:40:11:c8:dc:dc:41:3d:6d: 92:0c:f9:74:f8:a8:f6:cd:7a:b0:9f:4d:21:ca:e1:d1:ee:7c: 36:58:a0:29:df:50:84:e0:c4:59:c5:ff:ab:a2:bb:25:c6:56: 72:af:63:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5FwpMj7rLRGD+rlI9dmnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1ODdhNjg4YTg5YTk4OTk0OTQxNmE4MTljYzRhODBkZWE0 NTRjOWQwHhcNMjUxMjI2MDkwMTM2WhcNMjUxMjI3MDkwMTM2WjAzMTEwLwYDVQQD Eyg3OTcyODI3YTM3YjMxZTQ5ZTk1ZTQ0NGE5YjE4NTk4NTVhYjAzZjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApknmI+HWmW8O420Vcsxgh2zTGRAw 1w6ydKKBpsiUR0pwvi/rsNJvuBTAdHtsn9dsrbZE7aqGNrJNNMC4xa53aiXIMgjI 6hKcfDlA7szZCIqUHONh1OfIp0iWBJnNB5xhMTjb8pWzijQXge//CPkIParl+e/x iJxjUTuABBk+cN/ibfZ+xKTpN95qc9FXO9W+DVBABXO4yyRQkUGgu+UIPtnJRIxZ i00r+2wN/u2un1hUuY8fK9UqladJ6rOWX+icNdATW1NltquHM7wWrab20x5Zvm45 WWlEgbS2T2VRGD8ifD2sU2j06b9WhwRlHzhD19xP+YgxFVxAReug8tPIuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHlygno3sx5J6V5ESpsYWYVasD8zMB8GA1UdIwQY MBaAFEWHpoiompiZSUFqgZzEqA3qRUydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlllbWlLaWFtSmxKUVdxQm5NU29EZXBGVEowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni82MWQyYjMtNzlkYi00ODk5LThiODAt MmY3MjU5NTYxNDhmLzEvUlllbWlLaWFtSmxKUVdxQm5NU29EZXBGVEowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ni82MWQyYjMtNzlkYi00ODk5LThiODAtMmY3MjU5NTYxNDhm LzEvUlllbWlLaWFtSmxKUVdxQm5NU29EZXBGVEowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfc8bh1KL ju6tlpYBe+ijj6f8wUIGur22w+DfKeikglKYmGRyQHiT/JkgIc7JtwL2VkDvWaHM MI+c6g9nzLm4Qv2kKr3NwkwN8qvQwxzmVKvhaNdsf2xSEObB8sVinpRHLmpkiwr7 zkaldvBbXQNy3ePM4VZJvGu36d5umKLlYC83DXSGqKnAB4+DipSwAW72aiaHYBqM pQUKPBECShIaZCTDZBMIxvKXLJEJkG3uO0oR38z/dL/vTgB0jfkhE9yfmcwigfBo QFqFs6jT+aDzkUARyNzcQT1tkgz5dPio9s16sJ9NIcrh0e58NligKd9QhODEWcX/ q6K7JcZWcq9jZA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:48 2025 by rpki-client