This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft File: YcaCaHQ-gj4OHIcAYMChQiPxUes.mft (raw, json) Hash identifier: aAg9OgfFyX1Wiq9P22KYR30w4eVCOBL87Cm59m/cRkM= Subject key identifier: AC:13:D5:5F:AE:DA:C4:AC:7B:9B:C4:2C:3E:9D:B1:4D:1B:5C:01:3F Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb Certificate serial: 019B34C5F92153B7FE19E7FC0D51C3940DB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft Manifest number: 1783 Signing time: Fri 19 Dec 2025 04:02:28 +0000 Manifest this update: Fri 19 Dec 2025 04:02:28 +0000 Manifest next update: Sat 20 Dec 2025 04:02:28 +0000 Files and hashes: 1: KXik7lH7rXobKNDojQJvsYz5RkY.roa (hash: OmHOyyMTUBadMMSlHfFTN/cjiEKBhDbZve1q3aoF8Wg=) 2: YcaCaHQ-gj4OHIcAYMChQiPxUes.crl (hash: M26FigqgP5m6MhTl/rE7KgmTbu6XM5aBS+85pVVkCV4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:02:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:f9:21:53:b7:fe:19:e7:fc:0d:51:c3:94:0d:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb Validity Not Before: Dec 19 04:02:28 2025 GMT Not After : Dec 20 04:02:28 2025 GMT Subject: CN=ac13d55faedac4ac7b9bc42c3e9db14d1b5c013f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9d:c0:d9:25:e5:17:cc:31:76:42:8c:b2:aa: 82:b4:26:93:dd:e7:40:64:41:3d:6c:2e:86:59:cb: bc:64:c1:87:c4:a5:dc:e6:14:70:14:41:46:a3:ae: 0f:f7:dd:87:5b:31:f7:86:5a:d9:46:52:c1:3e:bc: 38:8c:4b:26:9b:e8:8a:eb:7a:5a:de:1c:cc:4c:1a: 84:39:20:a8:5e:dc:b1:24:c5:83:7f:27:15:d6:b5: e6:74:c5:e8:71:88:ba:f3:1f:56:54:08:54:05:3b: be:9e:d5:8a:44:e4:a3:ac:4c:58:0c:51:45:f0:b6: 4c:2a:bc:aa:17:e6:b8:65:e1:5b:f7:04:cb:c6:04: 31:f1:ca:e7:ad:db:18:fa:79:62:5c:1b:9f:cd:30: 40:be:c9:bb:04:dd:b4:17:5e:40:e1:a5:9f:84:d2: b8:af:66:06:06:7c:00:44:c4:9d:4c:ff:9d:e0:65: e7:23:41:09:a5:fb:82:19:15:2b:93:be:72:4d:3e: 20:0c:53:19:95:e4:2d:48:c8:f0:5a:79:8b:02:7a: 8c:ac:1e:fd:a8:1e:4f:bc:1c:4f:2f:f9:b6:31:5b: f1:29:79:3b:c8:75:87:95:18:36:13:62:4c:67:d7: dd:e1:f9:c7:50:d0:f4:66:11:7f:42:13:4e:7f:16: 79:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:13:D5:5F:AE:DA:C4:AC:7B:9B:C4:2C:3E:9D:B1:4D:1B:5C:01:3F X509v3 Authority Key Identifier: keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:e0:63:04:be:6b:84:b8:6d:f0:55:be:81:3c:2f:43:05:d6: a7:1a:0d:fd:42:47:76:ab:b2:1d:e2:5c:df:93:c4:bb:2e:b1: fe:f6:de:d8:3e:20:28:4a:0d:68:d4:91:30:6b:ab:70:f4:63: 29:96:c8:49:a7:32:99:70:3b:b6:6d:48:bc:91:53:81:36:2e: f3:21:ef:14:f8:92:28:ca:1a:5a:2d:06:1d:47:75:32:20:e2: 1e:a0:bf:ea:38:f5:08:39:3f:e1:af:38:40:b6:fa:37:e6:f4: 57:43:24:8e:1e:a1:ce:81:ee:4f:ad:69:30:88:fb:a8:8e:6b: 39:b9:20:c1:8c:cb:82:14:1d:94:c0:a7:56:ce:1c:ac:9c:97: b9:db:86:c2:d1:25:d2:fe:50:c0:93:21:2e:e8:be:80:98:e3: 92:01:71:1a:f7:85:26:99:44:bc:6e:73:85:f5:db:9b:19:0a: ca:e0:a9:33:7d:5c:3b:11:cd:c0:71:d7:4d:99:52:c0:37:6c: 61:a0:7b:55:e9:fc:16:49:c1:91:b3:e7:ea:05:21:07:d5:85: be:e7:de:00:d6:49:62:fb:c0:29:9c:37:d9:f0:f5:7b:9d:e3: 77:4e:07:8d:88:38:2b:ed:80:67:e3:f6:b7:22:69:9d:47:a8: 97:00:f3:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xfkhU7f+Gef8DVHDlA23MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm MTUxZWIwHhcNMjUxMjE5MDQwMjI4WhcNMjUxMjIwMDQwMjI4WjAzMTEwLwYDVQQD EyhhYzEzZDU1ZmFlZGFjNGFjN2I5YmM0MmMzZTlkYjE0ZDFiNWMwMTNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq53A2SXlF8wxdkKMsqqCtCaT3edA ZEE9bC6GWcu8ZMGHxKXc5hRwFEFGo64P992HWzH3hlrZRlLBPrw4jEsmm+iK63pa 3hzMTBqEOSCoXtyxJMWDfycV1rXmdMXocYi68x9WVAhUBTu+ntWKROSjrExYDFFF 8LZMKryqF+a4ZeFb9wTLxgQx8crnrdsY+nliXBufzTBAvsm7BN20F15A4aWfhNK4 r2YGBnwARMSdTP+d4GXnI0EJpfuCGRUrk75yTT4gDFMZleQtSMjwWnmLAnqMrB79 qB5PvBxPL/m2MVvxKXk7yHWHlRg2E2JMZ9fd4fnHUND0ZhF/QhNOfxZ57wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwT1V+u2sSse5vELD6dsU0bXAE/MB8GA1UdIwQY MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt NmQwNWMwZDBkYTZmLzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+BjBL5r hLht8FW+gTwvQwXWpxoN/UJHdquyHeJc35PEuy6x/vbe2D4gKEoNaNSRMGurcPRj KZbISacymXA7tm1IvJFTgTYu8yHvFPiSKMoaWi0GHUd1MiDiHqC/6jj1CDk/4a84 QLb6N+b0V0Mkjh6hzoHuT61pMIj7qI5rObkgwYzLghQdlMCnVs4crJyXuduGwtEl 0v5QwJMhLui+gJjjkgFxGveFJplEvG5zhfXbmxkKyuCpM31cOxHNwHHXTZlSwDds YaB7Ven8FknBkbPn6gUhB9WFvufeANZJYvvAKZw32fD1e53jd04HjYg4K+2AZ+P2 tyJpnUeolwDzyA== -----END CERTIFICATE-----Generated at Fri Dec 19 10:39:16 2025 by rpki-client