This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft File: YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft (raw, json) Hash identifier: TvcbTku1fwOjRsw5NNmBkDjdjwbELl6k5Mn3Zg4ITAA= Subject key identifier: 94:E9:40:6A:43:FE:E1:DD:89:B4:F6:AF:4B:7B:D1:D4:FA:01:1C:AB Authority key identifier: 61:04:11:21:CC:C6:E6:5D:93:39:61:FD:57:2D:59:E2:61:F2:1A:31 Certificate issuer: /CN=61041121ccc6e65d933961fd572d59e261f21a31 Certificate serial: 019B0E933648F0540A0BA650C5B57FA031AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft Manifest number: 1771 Signing time: Thu 11 Dec 2025 18:01:27 +0000 Manifest this update: Thu 11 Dec 2025 18:01:27 +0000 Manifest next update: Fri 12 Dec 2025 18:01:27 +0000 Files and hashes: 1: EwMUoWYW4dc0tRkkx15ciptmQak.roa (hash: IxyoruIJ2PWmvP6nW1K1qsmgYgo96Vwp6Gm5YCkQlWE=) 2: YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl (hash: 0AUMNfWspinRTKjKjOxma5l30gCogZpE3htycen3ky8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 18:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:93:36:48:f0:54:0a:0b:a6:50:c5:b5:7f:a0:31:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61041121ccc6e65d933961fd572d59e261f21a31 Validity Not Before: Dec 11 18:01:27 2025 GMT Not After : Dec 12 18:01:27 2025 GMT Subject: CN=94e9406a43fee1dd89b4f6af4b7bd1d4fa011cab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:fa:94:49:65:48:0c:61:97:2e:95:29:6f:aa: a4:93:e1:47:f3:b6:86:d5:93:f7:7c:76:06:e3:28: e9:3f:ad:f0:55:a2:ac:d6:08:2b:f0:b4:d6:b9:1c: b9:46:62:f6:eb:0d:c0:d2:c2:69:9f:10:a6:c8:89: 91:19:d5:1f:50:dd:f2:68:55:01:fd:a7:6f:f0:de: 99:66:34:b2:c7:e1:ab:04:45:4c:f3:cd:23:ee:79: 45:18:ce:19:88:9b:a1:f4:33:12:73:13:44:15:af: fe:6f:a7:05:e7:dc:16:4d:69:bd:f1:e6:66:85:0d: 0f:fa:7e:87:62:28:46:b9:73:90:55:b5:45:29:8e: ef:e1:6f:ff:c5:f0:61:5c:43:b7:83:39:98:a0:86: 97:ff:f5:a9:a5:bc:27:99:d2:fa:64:44:c6:32:76: 1b:e0:05:c5:36:6e:48:d2:ae:44:54:e7:4a:a9:e8: 3b:19:99:eb:19:8f:53:d8:50:80:29:a3:20:43:e8: 1a:91:9d:81:25:b3:c0:09:1a:ac:3f:41:40:a1:7a: 19:bb:80:d2:72:d3:39:26:c3:e1:cd:93:fa:7c:a4: c3:58:43:5c:49:ae:ff:00:9f:d6:f8:50:9a:44:ce: 82:b2:e6:9c:86:91:95:6e:7b:7c:57:ea:35:8a:81: 16:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:E9:40:6A:43:FE:E1:DD:89:B4:F6:AF:4B:7B:D1:D4:FA:01:1C:AB X509v3 Authority Key Identifier: keyid:61:04:11:21:CC:C6:E6:5D:93:39:61:FD:57:2D:59:E2:61:F2:1A:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/383be6-7c31-4dca-b3c1-dba6d7594c19/1/YQQRIczG5l2TOWH9Vy1Z4mHyGjE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:58:35:ec:58:dd:89:7e:d4:8b:a0:ba:3f:b8:3f:0e:18:49: 19:d3:6b:a2:fc:4a:46:4c:72:b8:17:b4:df:74:29:d1:34:fe: 2d:c0:c1:b3:35:ca:c0:40:2d:f7:96:be:40:55:b1:29:57:d2: 0e:e9:e6:ba:5d:cc:47:3f:a8:b4:b1:ac:96:e1:8d:09:25:9e: 2d:f4:24:10:43:f3:4e:26:78:57:ce:50:87:41:36:23:e2:ad: 60:72:b5:4e:8a:46:45:2b:b6:1d:c9:16:b6:be:2a:22:c7:e7: 25:35:c1:0e:c8:fd:47:8a:e5:f1:0e:1d:ab:83:c9:7f:f5:35: 9e:82:66:e6:cc:82:f2:8a:3f:5e:26:e8:ed:bf:3a:3b:6b:26: 18:0b:57:19:e6:66:3c:8a:d7:9f:26:e7:8c:47:2c:c7:d9:9f: 1e:1d:22:44:3a:0e:05:12:ce:2c:ee:ce:69:25:4a:c2:2c:77: 67:22:89:41:24:67:f7:f2:11:c0:3a:71:1b:38:19:92:7e:17: 1a:c8:2a:50:6f:73:78:63:68:b8:14:bb:b0:3e:a8:69:43:5c: 52:f9:ac:38:b3:94:21:a5:f8:2f:92:88:85:05:15:57:fa:76: 75:a0:09:22:b3:f2:2f:03:a5:b6:44:0a:6a:65:24:26:46:f7: 99:28:9c:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOkzZI8FQKC6ZQxbV/oDGuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxMDQxMTIxY2NjNmU2NWQ5MzM5NjFmZDU3MmQ1OWUyNjFm MjFhMzEwHhcNMjUxMjExMTgwMTI3WhcNMjUxMjEyMTgwMTI3WjAzMTEwLwYDVQQD Eyg5NGU5NDA2YTQzZmVlMWRkODliNGY2YWY0YjdiZDFkNGZhMDExY2FiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvqUSWVIDGGXLpUpb6qkk+FH87aG 1ZP3fHYG4yjpP63wVaKs1ggr8LTWuRy5RmL26w3A0sJpnxCmyImRGdUfUN3yaFUB /adv8N6ZZjSyx+GrBEVM880j7nlFGM4ZiJuh9DMScxNEFa/+b6cF59wWTWm98eZm hQ0P+n6HYihGuXOQVbVFKY7v4W//xfBhXEO3gzmYoIaX//WppbwnmdL6ZETGMnYb 4AXFNm5I0q5EVOdKqeg7GZnrGY9T2FCAKaMgQ+gakZ2BJbPACRqsP0FAoXoZu4DS ctM5JsPhzZP6fKTDWENcSa7/AJ/W+FCaRM6CsuachpGVbnt8V+o1ioEW+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJTpQGpD/uHdibT2r0t70dT6ARyrMB8GA1UdIwQY MBaAFGEEESHMxuZdkzlh/VctWeJh8hoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zODNiZTYtN2MzMS00ZGNhLWIzYzEt ZGJhNmQ3NTk0YzE5LzEvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8zODNiZTYtN2MzMS00ZGNhLWIzYzEtZGJhNmQ3NTk0YzE5 LzEvWVFRUkljekc1bDJUT1dIOVZ5MVo0bUh5R2pFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADFg17Fjd iX7Ui6C6P7g/DhhJGdNrovxKRkxyuBe033Qp0TT+LcDBszXKwEAt95a+QFWxKVfS Dunmul3MRz+otLGsluGNCSWeLfQkEEPzTiZ4V85Qh0E2I+KtYHK1TopGRSu2HckW tr4qIsfnJTXBDsj9R4rl8Q4dq4PJf/U1noJm5syC8oo/Xibo7b86O2smGAtXGeZm PIrXnybnjEcsx9mfHh0iRDoOBRLOLO7OaSVKwix3ZyKJQSRn9/IRwDpxGzgZkn4X GsgqUG9zeGNouBS7sD6oaUNcUvmsOLOUIaX4L5KIhQUVV/p2daAJIrPyLwOltkQK amUkJkb3mSicvg== -----END CERTIFICATE-----Generated at Fri Dec 12 01:16:04 2025 by rpki-client