This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft File: yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json) Hash identifier: Dp8zfFk1qgu6WTYXdhXBQRKlYHhelW/vF6gyBDpFTaQ= Subject key identifier: 36:2A:DC:8E:27:F8:A6:BF:68:DF:18:C6:1C:BF:82:71:F2:B7:62:8C Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13 Certificate issuer: /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013 Certificate serial: 019B67D675C92F953FA32D421CA7FE5AD9E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft Manifest number: 0AB6 Signing time: Mon 29 Dec 2025 02:01:06 +0000 Manifest this update: Mon 29 Dec 2025 02:01:06 +0000 Manifest next update: Tue 30 Dec 2025 02:01:06 +0000 Files and hashes: 1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: MrMmyEx0QkSGggOUvK2zUsA0zU+8XhoBzPX4FeXAErg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 02:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:67:d6:75:c9:2f:95:3f:a3:2d:42:1c:a7:fe:5a:d9:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013 Validity Not Before: Dec 29 02:01:06 2025 GMT Not After : Dec 30 02:01:06 2025 GMT Subject: CN=362adc8e27f8a6bf68df18c61cbf8271f2b7628c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:76:05:31:78:cf:7d:56:7b:43:d2:ee:f7:e4: b0:f1:99:01:be:b7:b9:da:6c:a7:fe:da:21:ae:2c: 92:cb:5a:68:b6:71:86:24:69:72:e1:06:18:87:ba: eb:8a:33:53:e2:10:30:2c:1a:6d:c1:79:7a:1f:f0: 47:7a:05:be:ea:20:4a:94:1e:7f:a1:66:51:9f:59: 15:c3:5c:05:86:c1:08:98:60:43:ad:4f:5f:e1:c6: 77:ff:42:d1:0f:e8:36:75:8a:1c:eb:8c:ac:e3:fb: 19:b8:26:a1:a2:12:0b:bb:22:38:36:c3:be:37:ff: 14:01:b8:ae:da:ab:e9:95:ad:91:9f:1a:aa:5a:91: 9e:7a:2b:ca:c5:85:86:17:67:3b:08:bf:5b:fb:cc: 29:d8:5f:92:ae:f8:ab:06:42:35:0e:19:97:95:ec: 58:df:eb:9b:f7:88:14:09:65:87:ff:3f:f9:bd:dc: d8:1a:01:23:8c:4c:0b:39:cc:3d:95:4d:60:7f:0d: 4b:55:91:31:1b:0e:d8:95:25:60:91:1c:81:30:3b: 92:90:68:c8:77:20:75:53:88:8d:6a:c9:53:47:86: 69:4a:09:e5:21:11:63:74:d9:88:51:3e:ef:4b:87: 21:91:fd:c4:8d:3d:5b:a6:4b:c8:20:ec:64:4b:c4: 44:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:2A:DC:8E:27:F8:A6:BF:68:DF:18:C6:1C:BF:82:71:F2:B7:62:8C X509v3 Authority Key Identifier: keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:d1:ed:84:e6:28:8a:91:9f:1b:8a:40:83:72:30:73:2f:bb: b9:0a:b6:51:23:c8:4d:a8:db:2f:38:43:39:e8:f7:3f:3d:77: c0:35:89:3f:54:8c:73:fa:09:23:ba:c7:00:e6:78:6a:27:87: a6:d5:4a:28:90:57:3e:0d:77:85:0f:23:d1:b9:af:76:b4:1c: 54:61:4a:f5:81:5c:cc:51:b6:86:75:5c:aa:4f:9c:3f:4b:6d: f8:1b:94:e7:0b:e4:6d:71:f7:3a:25:ed:7e:c9:a2:7d:78:f8: 5e:af:fd:5d:2b:65:b2:f4:65:e3:19:ab:2a:70:39:ca:e2:df: 32:52:d0:7b:b9:50:1a:08:05:f9:41:35:50:2f:e1:f9:93:ed: da:c2:c7:bb:44:01:20:86:28:ed:42:fe:91:2d:f0:ac:75:93: 1e:12:be:da:02:25:e0:9c:16:ec:a8:d4:97:47:f9:94:59:0b: 11:d6:f2:75:45:3e:a3:65:e0:fa:1f:90:23:bc:bc:72:2c:43: 07:1e:35:eb:1d:fc:fb:a4:58:40:f4:36:d0:93:1f:9a:f8:e5: eb:30:6a:ee:61:7f:66:27:4f:41:3b:2e:6f:89:22:19:e6:5c: 51:87:40:27:9e:41:f5:66:ee:70:37:3d:1b:af:85:2c:34:7f: 1a:db:74:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtn1nXJL5U/oy1CHKf+WtngMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4 ODkwMTMwHhcNMjUxMjI5MDIwMTA2WhcNMjUxMjMwMDIwMTA2WjAzMTEwLwYDVQQD EygzNjJhZGM4ZTI3ZjhhNmJmNjhkZjE4YzYxY2JmODI3MWYyYjc2MjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nYFMXjPfVZ7Q9Lu9+Sw8ZkBvre5 2myn/tohriySy1potnGGJGly4QYYh7rrijNT4hAwLBptwXl6H/BHegW+6iBKlB5/ oWZRn1kVw1wFhsEImGBDrU9f4cZ3/0LRD+g2dYoc64ys4/sZuCahohILuyI4NsO+ N/8UAbiu2qvpla2RnxqqWpGeeivKxYWGF2c7CL9b+8wp2F+SrvirBkI1DhmXlexY 3+ub94gUCWWH/z/5vdzYGgEjjEwLOcw9lU1gfw1LVZExGw7YlSVgkRyBMDuSkGjI dyB1U4iNaslTR4ZpSgnlIRFjdNmIUT7vS4chkf3EjT1bpkvIIOxkS8REjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDYq3I4n+Ka/aN8Yxhy/gnHyt2KMMB8GA1UdIwQY MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAetHthOYo ipGfG4pAg3Iwcy+7uQq2USPITajbLzhDOej3Pz13wDWJP1SMc/oJI7rHAOZ4aieH ptVKKJBXPg13hQ8j0bmvdrQcVGFK9YFczFG2hnVcqk+cP0tt+BuU5wvkbXH3OiXt fsmifXj4Xq/9XStlsvRl4xmrKnA5yuLfMlLQe7lQGggF+UE1UC/h+ZPt2sLHu0QB IIYo7UL+kS3wrHWTHhK+2gIl4JwW7KjUl0f5lFkLEdbydUU+o2Xg+h+QI7y8cixD Bx416x38+6RYQPQ20JMfmvjl6zBq7mF/ZidPQTsub4kiGeZcUYdAJ55B9WbucDc9 G6+FLDR/Gtt0nA== -----END CERTIFICATE-----Generated at Mon Dec 29 10:13:08 2025 by rpki-client