This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/241882-a437-4ab3-b38e-5028c259b267/1/ymTavZvEZIX2qRY27edT2jjI82Q.mft File: ymTavZvEZIX2qRY27edT2jjI82Q.mft (raw, json) Hash identifier: orYtBvgJbFPryzKC2H5Ief2g5Vdf1u+nHoZV34Tgg6s= Subject key identifier: 63:AB:9B:3C:9B:CE:51:45:CC:8E:A6:15:E1:4D:9C:1F:41:B4:B0:E8 Authority key identifier: CA:64:DA:BD:9B:C4:64:85:F6:A9:16:36:ED:E7:53:DA:38:C8:F3:64 Certificate issuer: /CN=ca64dabd9bc46485f6a91636ede753da38c8f364 Certificate serial: 019B3DC792A51861FAC197DF13B421F2794B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymTavZvEZIX2qRY27edT2jjI82Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/241882-a437-4ab3-b38e-5028c259b267/1/ymTavZvEZIX2qRY27edT2jjI82Q.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 22:00:47 +0000 Manifest this update: Sat 20 Dec 2025 22:00:47 +0000 Manifest next update: Sun 21 Dec 2025 22:00:47 +0000 Files and hashes: 1: NA5mgzoDK6jbbKh48XeliWtbDYM.roa (hash: 9nIV3wU01lTdftDhSQVjEb+D2h3DXok24aEDQGNAM3o=) 2: ymTavZvEZIX2qRY27edT2jjI82Q.crl (hash: 357DddADH3CkWjHlsU8Z5LxWF/0vHQwZrgJTaUoFHeo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/241882-a437-4ab3-b38e-5028c259b267/1/ymTavZvEZIX2qRY27edT2jjI82Q.crl rsync://rpki.ripe.net/repository/DEFAULT/08/241882-a437-4ab3-b38e-5028c259b267/1/ymTavZvEZIX2qRY27edT2jjI82Q.mft rsync://rpki.ripe.net/repository/DEFAULT/ymTavZvEZIX2qRY27edT2jjI82Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:92:a5:18:61:fa:c1:97:df:13:b4:21:f2:79:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca64dabd9bc46485f6a91636ede753da38c8f364 Validity Not Before: Dec 20 22:00:47 2025 GMT Not After : Dec 21 22:00:47 2025 GMT Subject: CN=63ab9b3c9bce5145cc8ea615e14d9c1f41b4b0e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:48:bd:16:1d:9b:c6:99:59:3b:f4:35:97:48: a4:85:d8:50:cb:44:ff:ee:aa:f2:15:e2:90:1b:0c: d5:37:68:b5:71:98:1e:e6:dc:a2:18:02:c8:5d:b6: 28:ee:18:4f:13:69:53:37:3e:b1:f7:e9:40:c3:bb: 3c:43:1f:95:23:d3:02:09:16:a2:d3:93:52:0d:3c: 63:c2:78:d6:1a:bf:3f:fe:95:b3:44:bf:a4:ee:ff: 50:30:73:2f:3a:4f:7a:be:1e:c6:e9:db:8a:55:b4: 88:a8:e6:7c:92:b3:10:37:df:a0:4d:51:f7:00:0a: 1f:2f:3b:da:10:f9:f8:87:70:7e:89:5f:ae:70:32: 87:a2:df:c4:94:42:88:c9:3a:c4:4f:15:a4:1d:f7: f2:0b:f4:1a:9f:86:0f:48:94:e5:4f:47:be:ff:dc: 54:09:19:99:cb:98:3b:81:1a:8d:52:c2:43:d6:83: 54:b6:03:0e:c6:3f:1c:a5:41:08:e4:d8:4e:96:53: f6:fd:49:53:3b:91:59:04:1c:b8:1a:29:01:8c:42: b9:ab:33:b3:6e:67:83:d5:39:6f:bb:b6:ec:9b:f9: 25:c4:ac:35:7a:75:c8:18:6e:09:67:44:3a:8a:46: 46:27:85:1e:a1:5c:06:3a:24:c1:3c:d7:50:8c:62: 24:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:AB:9B:3C:9B:CE:51:45:CC:8E:A6:15:E1:4D:9C:1F:41:B4:B0:E8 X509v3 Authority Key Identifier: keyid:CA:64:DA:BD:9B:C4:64:85:F6:A9:16:36:ED:E7:53:DA:38:C8:F3:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymTavZvEZIX2qRY27edT2jjI82Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/241882-a437-4ab3-b38e-5028c259b267/1/ymTavZvEZIX2qRY27edT2jjI82Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/241882-a437-4ab3-b38e-5028c259b267/1/ymTavZvEZIX2qRY27edT2jjI82Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:dc:c8:44:43:74:bc:c3:1b:3a:09:e6:95:f2:d6:90:29:5e: df:81:b8:90:e0:0b:aa:7e:0d:ce:51:21:6d:62:aa:5b:42:55: 3d:b0:fe:91:ed:a2:f8:89:2b:4e:27:78:b6:fd:0e:2a:e3:20: cf:33:a7:47:4e:43:e2:03:b6:9d:71:fc:25:ce:1e:2e:f9:d6: 24:73:5d:02:88:dd:65:c0:03:29:0f:58:b4:9e:45:95:03:a8: bd:67:ba:1f:a9:54:34:4f:63:22:c9:b0:ca:34:a5:e2:fc:eb: 26:9d:c6:2c:c2:cc:f7:17:4b:f4:3d:09:e8:db:80:fd:04:c2: 28:1e:cf:b6:a3:99:1e:57:6c:e0:0d:e0:c3:a0:a3:76:65:4e: 75:73:98:10:af:2c:35:e4:28:40:d8:53:71:d9:51:de:f6:70: 52:e9:ca:72:76:c8:44:23:90:77:2c:88:03:77:25:19:fb:b4: e3:2a:d8:25:d7:0b:da:00:0f:e3:c3:bd:01:f4:50:d7:2b:29: b6:ee:13:4a:a1:f0:14:d3:34:cb:cb:a5:56:b8:76:9d:f5:a7: ee:c4:f9:82:db:37:b4:46:38:85:3f:a3:5a:27:4d:75:32:16: 52:99:1e:6c:aa:77:eb:22:7c:e2:6f:e0:62:44:07:6c:92:d3: 5c:16:af:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x5KlGGH6wZffE7Qh8nlLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNjRkYWJkOWJjNDY0ODVmNmE5MTYzNmVkZTc1M2RhMzhj OGYzNjQwHhcNMjUxMjIwMjIwMDQ3WhcNMjUxMjIxMjIwMDQ3WjAzMTEwLwYDVQQD Eyg2M2FiOWIzYzliY2U1MTQ1Y2M4ZWE2MTVlMTRkOWMxZjQxYjRiMGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ki9Fh2bxplZO/Q1l0ikhdhQy0T/ 7qryFeKQGwzVN2i1cZge5tyiGALIXbYo7hhPE2lTNz6x9+lAw7s8Qx+VI9MCCRai 05NSDTxjwnjWGr8//pWzRL+k7v9QMHMvOk96vh7G6duKVbSIqOZ8krMQN9+gTVH3 AAofLzvaEPn4h3B+iV+ucDKHot/ElEKIyTrETxWkHffyC/Qan4YPSJTlT0e+/9xU CRmZy5g7gRqNUsJD1oNUtgMOxj8cpUEI5NhOllP2/UlTO5FZBBy4GikBjEK5qzOz bmeD1Tlvu7bsm/klxKw1enXIGG4JZ0Q6ikZGJ4UeoVwGOiTBPNdQjGIkCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGOrmzybzlFFzI6mFeFNnB9BtLDoMB8GA1UdIwQY MBaAFMpk2r2bxGSF9qkWNu3nU9o4yPNkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveW1UYXZadkVaSVgycVJZMjdlZFQyampJODJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yNDE4ODItYTQzNy00YWIzLWIzOGUt NTAyOGMyNTliMjY3LzEveW1UYXZadkVaSVgycVJZMjdlZFQyampJODJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC8yNDE4ODItYTQzNy00YWIzLWIzOGUtNTAyOGMyNTliMjY3 LzEveW1UYXZadkVaSVgycVJZMjdlZFQyampJODJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl9zIREN0 vMMbOgnmlfLWkCle34G4kOALqn4NzlEhbWKqW0JVPbD+ke2i+IkrTid4tv0OKuMg zzOnR05D4gO2nXH8Jc4eLvnWJHNdAojdZcADKQ9YtJ5FlQOovWe6H6lUNE9jIsmw yjSl4vzrJp3GLMLM9xdL9D0J6NuA/QTCKB7PtqOZHlds4A3gw6CjdmVOdXOYEK8s NeQoQNhTcdlR3vZwUunKcnbIRCOQdyyIA3clGfu04yrYJdcL2gAP48O9AfRQ1ysp tu4TSqHwFNM0y8ulVrh2nfWn7sT5gts3tEY4hT+jWidNdTIWUpkebKp36yJ84m/g YkQHbJLTXBav2Q== -----END CERTIFICATE-----Generated at Sun Dec 21 05:52:19 2025 by rpki-client