This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft File: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft (raw, json) Hash identifier: gGVgXBFpmNAUTq8OA1HdtSw7ttKg2yHwlVRKplSarKQ= Subject key identifier: F8:CB:02:7A:25:A2:CB:B3:EF:A4:F3:81:86:51:3D:10:0B:7B:A7:44 Authority key identifier: CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88 Certificate issuer: /CN=ca434d399d93a19d8a8108456c5575096c2ae588 Certificate serial: 019B35698E82B2B5DB2979DDEEA20CA8889C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft Manifest number: 07A5 Signing time: Fri 19 Dec 2025 07:01:08 +0000 Manifest this update: Fri 19 Dec 2025 07:01:08 +0000 Manifest next update: Sat 20 Dec 2025 07:01:08 +0000 Files and hashes: 1: 6KeHOxxWviP0lluNL5sOXVdQY7c.roa (hash: kUeVBsIsjzs7OuA1c4/VFEC1ddAvMO/ONIYaR+/BuFA=) 2: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl (hash: Tfqn9+2OJag/RMHSYuk7tE1VQfjS7ix2MKW4R6sz9W8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:8e:82:b2:b5:db:29:79:dd:ee:a2:0c:a8:88:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca434d399d93a19d8a8108456c5575096c2ae588 Validity Not Before: Dec 19 07:01:08 2025 GMT Not After : Dec 20 07:01:08 2025 GMT Subject: CN=f8cb027a25a2cbb3efa4f38186513d100b7ba744 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:95:db:9d:52:d5:ab:92:a4:03:6a:11:d3:54: 5b:56:7a:63:c3:a3:d3:ed:6e:24:f9:fc:00:81:b5: 53:31:ba:fd:eb:35:d0:dd:2e:18:5c:f9:45:9e:4d: 9b:cc:46:23:38:77:2a:c6:02:83:bc:fb:96:df:1c: 54:ce:cd:10:82:41:31:30:ea:dc:51:3e:d9:71:05: a2:27:d8:aa:8e:9b:db:ca:b5:48:76:f2:92:13:22: 71:7b:4c:bc:0c:66:cf:36:f6:63:35:bd:de:26:59: b9:fb:3e:36:3a:2b:14:d6:ee:e2:d7:de:8f:13:8d: 99:c2:9e:7f:c3:80:cd:3d:0b:81:da:b9:86:b9:4b: 81:b3:a0:c5:22:cc:6a:4d:ac:0d:ba:6f:bc:d0:94: 32:9f:07:5b:77:e0:d1:23:fd:41:d8:9d:b1:85:32: 33:81:50:e8:c5:9b:97:05:37:d9:5e:33:a8:6d:64: fe:a1:88:3d:c1:4f:2c:51:24:e2:f1:31:8e:03:30: 3d:98:29:9a:d2:65:2e:70:2c:7a:4b:09:c3:e4:85: 47:45:5c:3e:8a:dd:af:5f:a9:ec:76:79:e3:cd:be: 40:11:7e:d9:89:23:72:28:b5:f0:56:55:e0:c5:ce: af:82:29:e3:06:e6:d8:a5:07:d9:b0:ab:2f:9b:40: 8f:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:CB:02:7A:25:A2:CB:B3:EF:A4:F3:81:86:51:3D:10:0B:7B:A7:44 X509v3 Authority Key Identifier: keyid:CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:e4:7a:bf:92:36:69:dd:1f:4a:67:78:0d:a7:5a:7c:b8:0b: 03:5e:1c:3d:06:a7:1a:24:2a:a0:88:39:b3:bb:a5:7b:79:46: bc:b9:c5:b4:c2:be:ef:ca:55:a2:40:9b:2f:40:64:f5:0f:7a: 11:cc:20:c6:55:6d:14:c8:55:6d:7d:43:6c:ac:66:9b:62:5a: fd:83:df:df:d0:27:57:d7:15:94:b2:95:78:04:5b:19:53:56: 2b:32:e1:6f:9f:c5:ba:02:4d:e1:9a:62:08:c8:b7:bc:1e:8c: e9:5d:d6:fd:ec:73:bd:44:16:c5:d6:3f:5d:77:89:67:40:40: 95:ca:46:93:5b:c8:d0:6a:15:a5:b5:ca:60:9b:e2:3a:81:c7: d8:06:ee:5d:0c:68:74:d4:6d:6d:51:5e:dc:f9:a2:20:f2:cd: 0f:2e:70:5d:9d:cc:cc:52:62:60:34:5e:dd:f2:2a:e2:90:24: 92:58:cb:53:fd:7e:61:bc:f1:fb:6b:ee:14:00:f4:ca:86:d4: 91:d4:ba:77:d7:84:5c:24:a7:77:b7:e1:fa:42:5a:a7:dc:56: 9b:90:55:42:8e:b1:0e:74:2b:a9:7b:85:1f:fe:7f:b5:0e:38: 2e:16:82:05:2f:a8:9a:8b:9f:aa:af:16:38:91:12:51:3a:4e: 2d:3a:46:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1aY6CsrXbKXnd7qIMqIicMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNDM0ZDM5OWQ5M2ExOWQ4YTgxMDg0NTZjNTU3NTA5NmMy YWU1ODgwHhcNMjUxMjE5MDcwMTA4WhcNMjUxMjIwMDcwMTA4WjAzMTEwLwYDVQQD EyhmOGNiMDI3YTI1YTJjYmIzZWZhNGYzODE4NjUxM2QxMDBiN2JhNzQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJXbnVLVq5KkA2oR01RbVnpjw6PT 7W4k+fwAgbVTMbr96zXQ3S4YXPlFnk2bzEYjOHcqxgKDvPuW3xxUzs0QgkExMOrc UT7ZcQWiJ9iqjpvbyrVIdvKSEyJxe0y8DGbPNvZjNb3eJlm5+z42OisU1u7i196P E42Zwp5/w4DNPQuB2rmGuUuBs6DFIsxqTawNum+80JQynwdbd+DRI/1B2J2xhTIz gVDoxZuXBTfZXjOobWT+oYg9wU8sUSTi8TGOAzA9mCma0mUucCx6SwnD5IVHRVw+ it2vX6nsdnnjzb5AEX7ZiSNyKLXwVlXgxc6vginjBubYpQfZsKsvm0CPHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPjLAnolosuz76TzgYZRPRALe6dEMB8GA1UdIwQY MBaAFMpDTTmdk6GdioEIRWxVdQlsKuWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEt ZGIyMzY4MjcxOTEzLzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEtZGIyMzY4MjcxOTEz LzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACOR6v5I2 ad0fSmd4DadafLgLA14cPQanGiQqoIg5s7ule3lGvLnFtMK+78pVokCbL0Bk9Q96 EcwgxlVtFMhVbX1DbKxmm2Ja/YPf39AnV9cVlLKVeARbGVNWKzLhb5/FugJN4Zpi CMi3vB6M6V3W/exzvUQWxdY/XXeJZ0BAlcpGk1vI0GoVpbXKYJviOoHH2AbuXQxo dNRtbVFe3PmiIPLNDy5wXZ3MzFJiYDRe3fIq4pAkkljLU/1+Ybzx+2vuFAD0yobU kdS6d9eEXCSnd7fh+kJap9xWm5BVQo6xDnQrqXuFH/5/tQ44LhaCBS+omoufqq8W OJESUTpOLTpGkw== -----END CERTIFICATE-----Generated at Fri Dec 19 12:07:11 2025 by rpki-client