This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft File: YMZLBPqPX-5oZvXHn499zqUBJRU.mft (raw, json) Hash identifier: QXNcPa0yYMgLAp4uw3xzKR7Ry5AbDSYm7kUFduDSKa8= Subject key identifier: 65:61:44:2B:2F:39:12:E3:E8:D5:F0:10:F8:F8:8E:CB:1B:DE:95:7A Authority key identifier: 60:C6:4B:04:FA:8F:5F:EE:68:66:F5:C7:9F:8F:7D:CE:A5:01:25:15 Certificate issuer: /CN=60c64b04fa8f5fee6866f5c79f8f7dcea5012515 Certificate serial: 019B3B6BB12F9A6E92DA63883451DD2CD385 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft Manifest number: 1377 Signing time: Sat 20 Dec 2025 11:01:12 +0000 Manifest this update: Sat 20 Dec 2025 11:01:12 +0000 Manifest next update: Sun 21 Dec 2025 11:01:12 +0000 Files and hashes: 1: Q9vdhvNHwOEEPnjfpoIoeq4pq_E.roa (hash: AjW64DrutKx53AvwTAQKpO/FJMGHUcE1ZDsQqqfuNRE=) 2: YMZLBPqPX-5oZvXHn499zqUBJRU.crl (hash: uLXbZjqPbAcBZI+aRH/+iFvj2kw/rHmuu/htfZbKNOk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.crl rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:b1:2f:9a:6e:92:da:63:88:34:51:dd:2c:d3:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60c64b04fa8f5fee6866f5c79f8f7dcea5012515 Validity Not Before: Dec 20 11:01:12 2025 GMT Not After : Dec 21 11:01:12 2025 GMT Subject: CN=6561442b2f3912e3e8d5f010f8f88ecb1bde957a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:db:bc:7c:76:7c:f4:84:b6:0f:b7:46:52:82: 1a:6c:0a:d8:65:51:6d:d4:8d:64:e8:95:9a:dc:da: e6:48:93:17:10:0c:6f:9b:90:fd:71:78:20:1e:25: 9e:5b:60:1d:73:94:2d:ed:fd:b5:3d:38:8f:58:8c: 27:20:96:66:78:6c:69:2c:0a:dc:78:05:b6:83:dc: bf:ef:ff:f5:c9:9b:b5:5c:fc:78:12:df:85:83:b9: 44:83:0f:8d:6e:07:a1:8b:c2:81:ff:04:32:43:bd: a9:76:e4:bb:9f:8d:ca:e2:9a:4e:15:e1:e5:49:1b: 6e:17:e4:21:8f:7c:1b:d1:0b:b4:b2:1f:e0:7b:d7: db:bb:07:c5:78:65:fc:9d:2c:99:e7:44:5c:51:ed: d2:52:e6:13:52:11:bd:56:45:f9:3e:5a:5e:d7:79: 85:de:94:23:bb:d5:91:65:53:a5:44:0f:2c:96:f8: d8:ae:8a:1b:82:3c:5a:a1:b3:d0:20:1d:64:d4:3f: dd:39:0a:5d:40:b2:4c:0c:70:f9:66:7d:3a:7d:9e: aa:d1:9c:05:99:a2:4f:54:1d:bd:5d:80:aa:6b:11: 91:ca:df:01:1f:17:15:c1:b1:83:e1:c4:f6:8c:90: b1:5a:f9:0a:a7:e7:3d:3d:a6:50:43:ff:1e:a5:65: 13:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:61:44:2B:2F:39:12:E3:E8:D5:F0:10:F8:F8:8E:CB:1B:DE:95:7A X509v3 Authority Key Identifier: keyid:60:C6:4B:04:FA:8F:5F:EE:68:66:F5:C7:9F:8F:7D:CE:A5:01:25:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:56:8f:ca:c2:dc:2d:fa:0d:fe:49:71:b7:90:4e:58:01:5b: cf:15:ae:53:5c:7a:d1:4d:9f:f1:71:a0:26:b7:1c:51:de:1f: 6e:27:e9:04:c8:67:26:0d:d0:59:aa:49:78:61:7f:9e:24:58: 7e:e8:88:81:18:b4:ce:66:13:0e:12:af:d9:1b:ee:46:c5:9a: 34:f6:4d:f7:e3:74:7f:a4:44:d4:bf:0c:13:02:aa:5b:6b:6e: 67:5d:2d:48:a8:fa:ce:52:8f:47:f8:93:30:00:ad:d6:6f:4a: ae:69:56:1f:fd:cd:fc:9a:8d:69:b4:90:ac:16:df:44:c3:02: da:a8:89:15:e8:16:b2:bb:0c:af:01:80:d1:28:17:05:25:d2: 57:89:b4:7e:a8:9f:5c:cf:55:b5:d8:2e:54:7a:f7:53:92:4c: a0:44:fe:94:fa:e6:36:39:ac:3e:f9:a7:5d:00:75:ec:6d:75: 29:c4:56:37:dd:9e:0e:bd:3f:c2:50:14:03:c5:13:d6:3c:63: 2a:56:a9:9b:84:54:d8:d1:ab:5c:30:d0:21:9b:af:14:94:68: 38:99:99:1a:08:64:cf:cb:16:33:be:55:b3:bf:1f:b9:b6:8f: 6e:5c:eb:5d:c3:f1:32:51:c6:d4:3f:3e:d5:cc:60:33:1c:8c: 01:2e:34:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a7Evmm6S2mOINFHdLNOFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYzY0YjA0ZmE4ZjVmZWU2ODY2ZjVjNzlmOGY3ZGNlYTUw MTI1MTUwHhcNMjUxMjIwMTEwMTEyWhcNMjUxMjIxMTEwMTEyWjAzMTEwLwYDVQQD Eyg2NTYxNDQyYjJmMzkxMmUzZThkNWYwMTBmOGY4OGVjYjFiZGU5NTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutu8fHZ89IS2D7dGUoIabArYZVFt 1I1k6JWa3NrmSJMXEAxvm5D9cXggHiWeW2Adc5Qt7f21PTiPWIwnIJZmeGxpLArc eAW2g9y/7//1yZu1XPx4Et+Fg7lEgw+Nbgehi8KB/wQyQ72pduS7n43K4ppOFeHl SRtuF+Qhj3wb0Qu0sh/ge9fbuwfFeGX8nSyZ50RcUe3SUuYTUhG9VkX5Plpe13mF 3pQju9WRZVOlRA8slvjYroobgjxaobPQIB1k1D/dOQpdQLJMDHD5Zn06fZ6q0ZwF maJPVB29XYCqaxGRyt8BHxcVwbGD4cT2jJCxWvkKp+c9PaZQQ/8epWUTiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGVhRCsvORLj6NXwEPj4jssb3pV6MB8GA1UdIwQY MBaAFGDGSwT6j1/uaGb1x5+Pfc6lASUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84MjQ5MWItOGNhZi00ODFiLWIxNDYt NjAxYTU4ZjYzMzkzLzEvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi84MjQ5MWItOGNhZi00ODFiLWIxNDYtNjAxYTU4ZjYzMzkz LzEvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlFaPysLc LfoN/klxt5BOWAFbzxWuU1x60U2f8XGgJrccUd4fbifpBMhnJg3QWapJeGF/niRY fuiIgRi0zmYTDhKv2RvuRsWaNPZN9+N0f6RE1L8MEwKqW2tuZ10tSKj6zlKPR/iT MACt1m9KrmlWH/3N/JqNabSQrBbfRMMC2qiJFegWsrsMrwGA0SgXBSXSV4m0fqif XM9VtdguVHr3U5JMoET+lPrmNjmsPvmnXQB17G11KcRWN92eDr0/wlAUA8UT1jxj Klapm4RU2NGrXDDQIZuvFJRoOJmZGghkz8sWM75Vs78fubaPblzrXcPxMlHG1D8+ 1cxgMxyMAS40Rw== -----END CERTIFICATE-----Generated at Sat Dec 20 12:27:06 2025 by rpki-client