This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft File: yigmXgq4MyeqVJI0yrsT64_2ZDc.mft (raw, json) Hash identifier: hGO8/4wUtD/8RjyjTDG0OFG6iYmzqZkGPw4ILbQJirs= Subject key identifier: 51:FE:E3:53:86:88:3D:81:1B:F3:DE:DC:96:9E:54:D4:F4:60:B5:C5 Authority key identifier: CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37 Certificate issuer: /CN=ca28265e0ab83327aa549234cabb13eb8ff66437 Certificate serial: 019B52981888C9C05FA4DE710640661E1660 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft Manifest number: 10F4 Signing time: Wed 24 Dec 2025 23:00:58 +0000 Manifest this update: Wed 24 Dec 2025 23:00:58 +0000 Manifest next update: Thu 25 Dec 2025 23:00:58 +0000 Files and hashes: 1: yigmXgq4MyeqVJI0yrsT64_2ZDc.crl (hash: wQ6pH5ILtGpBmfysvSA1E7LnA/ub3QnAhUMKWLd3fG8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 23:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:98:18:88:c9:c0:5f:a4:de:71:06:40:66:1e:16:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca28265e0ab83327aa549234cabb13eb8ff66437 Validity Not Before: Dec 24 23:00:58 2025 GMT Not After : Dec 25 23:00:58 2025 GMT Subject: CN=51fee35386883d811bf3dedc969e54d4f460b5c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a5:a1:0c:c3:7b:46:07:bb:5c:f8:46:f8:fa: a3:17:b2:08:6a:63:79:ae:10:eb:c1:af:fe:2a:ab: fa:8c:42:d6:a9:b1:f9:ce:6e:bb:37:f7:bc:61:a0: 3c:6f:54:c8:70:ed:03:96:71:04:43:18:51:99:f5: 84:5c:00:f7:1d:48:1a:ed:12:fe:74:70:9b:c7:eb: d1:c4:7a:b7:f3:e8:ad:40:a6:07:bf:37:65:2c:f9: 8f:7d:4c:df:d6:75:2b:45:5e:a5:75:d7:5f:76:dd: e1:8e:8f:b6:c2:1f:02:d2:57:4c:e8:8e:ac:2f:8f: 94:74:61:35:d0:0e:1f:8b:b8:1b:f5:09:39:83:1e: 1a:69:bd:87:c9:67:a7:dc:c3:90:b9:e9:71:53:92: d1:9d:93:db:7c:20:5a:84:71:3b:d3:20:5e:c7:03: 8d:67:55:f2:61:d7:28:f0:7a:63:c4:da:b3:c9:98: bc:1f:c7:de:77:36:8d:c7:78:d4:5c:c5:b1:31:0f: 58:84:7f:ce:a2:f0:23:bf:48:66:3f:77:84:26:b8: 50:a7:4e:b9:85:71:aa:5f:21:08:dd:2f:e6:fb:9d: 66:ec:5a:ea:72:84:d4:7c:6f:82:c1:cc:47:97:dc: d1:d8:d5:f0:21:00:02:11:bb:99:6b:75:44:35:80: 84:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:FE:E3:53:86:88:3D:81:1B:F3:DE:DC:96:9E:54:D4:F4:60:B5:C5 X509v3 Authority Key Identifier: keyid:CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:e6:1e:0f:20:3e:37:0f:b9:ee:5b:c1:20:6e:94:99:0f:e7: a3:81:0f:c2:a1:50:96:37:60:e9:a8:11:47:85:c6:da:1e:63: 81:f7:51:2d:8c:ad:45:23:27:b4:6f:ab:f7:b5:da:6c:72:94: 83:80:bb:84:be:82:c1:25:e1:a3:d1:4e:cc:a0:0c:83:ea:e1: be:ad:fc:52:98:1d:97:4c:64:d8:53:ad:86:a4:18:c0:d0:fe: 84:b7:90:4d:7d:ab:d7:c3:3e:4b:0d:f2:32:41:c5:5d:72:b6: ef:1c:91:df:5f:aa:0e:50:93:b2:a9:af:2b:92:2a:df:f5:23: 7c:de:f1:0e:7c:12:83:c0:a9:4d:34:18:31:d1:64:0f:f5:3a: 6f:3c:72:09:e9:c2:5f:fe:df:31:58:a9:9d:83:64:57:0c:7d: d7:8e:0a:84:68:84:6b:c4:ff:a6:2c:f7:71:43:bc:5d:47:0f: b6:d5:0e:28:09:b2:bb:eb:44:6f:0e:f3:59:37:69:05:6c:2b: 60:35:51:77:da:e4:d4:45:7d:8a:52:c5:e8:36:01:91:dd:d2: 14:8e:14:5c:9e:e4:48:b7:bf:72:40:54:8b:b6:fd:f7:74:8e: d2:50:83:ce:96:65:be:f0:0f:ab:e2:12:c3:cb:58:10:1c:ef: 1a:24:d7:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSmBiIycBfpN5xBkBmHhZgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMjgyNjVlMGFiODMzMjdhYTU0OTIzNGNhYmIxM2ViOGZm NjY0MzcwHhcNMjUxMjI0MjMwMDU4WhcNMjUxMjI1MjMwMDU4WjAzMTEwLwYDVQQD Eyg1MWZlZTM1Mzg2ODgzZDgxMWJmM2RlZGM5NjllNTRkNGY0NjBiNWM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaWhDMN7Rge7XPhG+PqjF7IIamN5 rhDrwa/+Kqv6jELWqbH5zm67N/e8YaA8b1TIcO0DlnEEQxhRmfWEXAD3HUga7RL+ dHCbx+vRxHq38+itQKYHvzdlLPmPfUzf1nUrRV6ldddfdt3hjo+2wh8C0ldM6I6s L4+UdGE10A4fi7gb9Qk5gx4aab2HyWen3MOQuelxU5LRnZPbfCBahHE70yBexwON Z1XyYdco8HpjxNqzyZi8H8fedzaNx3jUXMWxMQ9YhH/OovAjv0hmP3eEJrhQp065 hXGqXyEI3S/m+51m7FrqcoTUfG+CwcxHl9zR2NXwIQACEbuZa3VENYCEqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFH+41OGiD2BG/Pe3JaeVNT0YLXFMB8GA1UdIwQY MBaAFMooJl4KuDMnqlSSNMq7E+uP9mQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEt MTJkZmQ1ZTM5NWY5LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEtMTJkZmQ1ZTM5NWY5 LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOYeDyA+ Nw+57lvBIG6UmQ/no4EPwqFQljdg6agRR4XG2h5jgfdRLYytRSMntG+r97XabHKU g4C7hL6CwSXho9FOzKAMg+rhvq38Upgdl0xk2FOthqQYwND+hLeQTX2r18M+Sw3y MkHFXXK27xyR31+qDlCTsqmvK5Iq3/UjfN7xDnwSg8CpTTQYMdFkD/U6bzxyCenC X/7fMVipnYNkVwx9144KhGiEa8T/piz3cUO8XUcPttUOKAmyu+tEbw7zWTdpBWwr YDVRd9rk1EV9ilLF6DYBkd3SFI4UXJ7kSLe/ckBUi7b993SO0lCDzpZlvvAPq+IS w8tYEBzvGiTXCQ== -----END CERTIFICATE-----Generated at Thu Dec 25 09:15:41 2025 by rpki-client