This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft File: ylmb3Bz8eujML7oV_NgMoRc3hGc.mft (raw, json) Hash identifier: FtvDf/GnMh53KqYZh/5lC2vgNZxfkMz9LwKY9M+IF3Y= Subject key identifier: F5:12:B9:41:F9:53:91:EA:FF:AA:95:D0:A3:B4:23:EF:44:8C:3E:B9 Authority key identifier: CA:59:9B:DC:1C:FC:7A:E8:CC:2F:BA:15:FC:D8:0C:A1:17:37:84:67 Certificate issuer: /CN=ca599bdc1cfc7ae8cc2fba15fcd80ca117378467 Certificate serial: 019B11939C86FB3D41EA7C13F6441815B628 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft Manifest number: 0389 Signing time: Fri 12 Dec 2025 08:00:44 +0000 Manifest this update: Fri 12 Dec 2025 08:00:44 +0000 Manifest next update: Sat 13 Dec 2025 08:00:44 +0000 Files and hashes: 1: ylmb3Bz8eujML7oV_NgMoRc3hGc.crl (hash: UQmn96IJRWOyk4j8F6vibG6tJBX2kjMGDdYYP9N9Nzs=) 2: zIZvUw6LEttnk9GqCkFL8S-ncbM.roa (hash: g5dRThI/Wu6nM24igsF8Y2hQEgVjjdxUN3aRLJWGc3E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:93:9c:86:fb:3d:41:ea:7c:13:f6:44:18:15:b6:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca599bdc1cfc7ae8cc2fba15fcd80ca117378467 Validity Not Before: Dec 12 08:00:44 2025 GMT Not After : Dec 13 08:00:44 2025 GMT Subject: CN=f512b941f95391eaffaa95d0a3b423ef448c3eb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ca:2d:35:6a:1f:fd:a2:3f:2f:80:60:b8:bb: 3c:b9:bb:65:3b:2a:54:5c:df:31:d9:81:10:aa:f4: 11:6e:fc:06:b2:6f:43:15:0c:c8:4f:48:d0:f1:76: c6:39:fd:aa:a4:79:c7:6a:7b:9d:3d:d4:74:be:0c: 48:13:97:e0:d1:69:63:fa:27:4d:ce:92:f8:4f:89: 91:f3:9b:d7:cd:ef:d4:dd:22:d1:a9:52:15:d0:4e: 28:d4:16:fe:8b:99:a2:2a:a0:92:4b:de:3e:c4:40: 43:fa:d4:02:3c:46:32:45:e8:d7:2f:84:05:8f:ad: d5:e9:90:17:b1:57:d4:da:7d:23:22:18:fb:b3:19: 46:06:12:7c:b5:1e:4c:3d:76:c0:09:3e:c8:6e:1e: 02:9c:2b:0d:b0:aa:74:99:b1:cb:54:9a:8e:7c:58: f9:46:a3:c9:ca:d0:b7:1f:17:b0:47:e9:fd:5b:32: e8:1b:20:f8:6f:00:b7:e1:f3:33:71:ad:da:fa:ac: a7:6f:4a:b3:05:fc:4d:95:1a:e5:4c:02:38:45:67: 12:5a:80:54:1e:3b:8c:01:e5:18:58:f4:bc:3c:a3: e6:cb:fb:a9:97:a2:a6:39:a8:09:6f:e9:58:36:d4: 96:75:8c:d9:d1:96:47:47:9c:d0:a1:bd:be:ff:f9: 5f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:12:B9:41:F9:53:91:EA:FF:AA:95:D0:A3:B4:23:EF:44:8C:3E:B9 X509v3 Authority Key Identifier: keyid:CA:59:9B:DC:1C:FC:7A:E8:CC:2F:BA:15:FC:D8:0C:A1:17:37:84:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylmb3Bz8eujML7oV_NgMoRc3hGc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1cecb8-97d9-473f-b004-cc912746e47e/1/ylmb3Bz8eujML7oV_NgMoRc3hGc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:ab:f1:1c:8b:41:d9:2b:a7:2e:d6:74:45:e6:cc:6a:dc:3a: e4:2b:a4:ee:0e:3d:73:67:c5:0e:e6:e8:69:2a:77:93:21:3c: d5:10:b4:0d:cc:f4:e7:75:53:e8:30:89:d7:0c:ee:3a:1b:20: 0d:c4:07:fc:d7:df:60:fc:11:01:d9:71:63:e4:95:56:33:80: 5c:5f:62:0d:a4:a6:86:66:be:5c:06:39:9a:66:02:ae:75:44: 98:ed:c2:d2:75:87:cf:37:40:c9:3c:24:e2:27:ed:56:af:f9: 24:34:6c:2b:7f:55:b3:ce:c1:db:c0:11:c9:81:af:39:27:c9: 70:aa:2b:a0:4b:c1:00:5c:6e:b9:ef:07:cc:ec:81:b6:53:0f: 16:05:be:0d:e7:b7:84:63:79:3b:d7:2b:69:d5:16:fe:4c:52: b8:d9:d1:7d:8c:80:44:64:07:82:89:bb:7f:51:c3:de:f3:79: d0:c7:c2:df:31:e3:73:36:4e:b2:0e:7c:6e:c1:e3:cb:ec:a4: a8:dd:21:0f:4f:b3:ae:4f:fa:05:ea:42:04:38:37:b6:ce:c0: 79:83:76:0a:02:e6:e3:0e:86:36:49:db:e2:c8:6f:6d:ea:74: 71:ce:5b:6d:43:63:6b:30:f7:15:13:77:4b:3e:05:35:09:28: 30:f1:bd:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsRk5yG+z1B6nwT9kQYFbYoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNTk5YmRjMWNmYzdhZThjYzJmYmExNWZjZDgwY2ExMTcz Nzg0NjcwHhcNMjUxMjEyMDgwMDQ0WhcNMjUxMjEzMDgwMDQ0WjAzMTEwLwYDVQQD EyhmNTEyYjk0MWY5NTM5MWVhZmZhYTk1ZDBhM2I0MjNlZjQ0OGMzZWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsotNWof/aI/L4BguLs8ubtlOypU XN8x2YEQqvQRbvwGsm9DFQzIT0jQ8XbGOf2qpHnHanudPdR0vgxIE5fg0Wlj+idN zpL4T4mR85vXze/U3SLRqVIV0E4o1Bb+i5miKqCSS94+xEBD+tQCPEYyRejXL4QF j63V6ZAXsVfU2n0jIhj7sxlGBhJ8tR5MPXbACT7Ibh4CnCsNsKp0mbHLVJqOfFj5 RqPJytC3HxewR+n9WzLoGyD4bwC34fMzca3a+qynb0qzBfxNlRrlTAI4RWcSWoBU HjuMAeUYWPS8PKPmy/upl6KmOagJb+lYNtSWdYzZ0ZZHR5zQob2+//lfzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPUSuUH5U5Hq/6qV0KO0I+9EjD65MB8GA1UdIwQY MBaAFMpZm9wc/HrozC+6FfzYDKEXN4RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xY2VjYjgtOTdkOS00NzNmLWIwMDQt Y2M5MTI3NDZlNDdlLzEveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi8xY2VjYjgtOTdkOS00NzNmLWIwMDQtY2M5MTI3NDZlNDdl LzEveWxtYjNCejhldWpNTDdvVl9OZ01vUmMzaEdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkavxHItB 2SunLtZ0RebMatw65Cuk7g49c2fFDuboaSp3kyE81RC0Dcz053VT6DCJ1wzuOhsg DcQH/NffYPwRAdlxY+SVVjOAXF9iDaSmhma+XAY5mmYCrnVEmO3C0nWHzzdAyTwk 4iftVq/5JDRsK39Vs87B28ARyYGvOSfJcKoroEvBAFxuue8HzOyBtlMPFgW+Dee3 hGN5O9cradUW/kxSuNnRfYyARGQHgom7f1HD3vN50MfC3zHjczZOsg58bsHjy+yk qN0hD0+zrk/6BepCBDg3ts7AeYN2CgLm4w6GNknb4shvbep0cc5bbUNjazD3FRN3 Sz4FNQkoMPG9oA== -----END CERTIFICATE-----Generated at Fri Dec 12 12:59:24 2025 by rpki-client