This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft File: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json) Hash identifier: 60AWIZz/CgnpN2g9kf6FCd98jDgMO/T3i04tzsyGwEE= Subject key identifier: FF:A4:89:6F:D2:F3:BE:6E:8F:BC:A8:F9:C4:89:38:D5:82:CB:80:42 Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30 Certificate issuer: /CN=6062b21fb6655b897923e29d6fcb644ab10ac530 Certificate serial: 019B31C3DA732C2CC86D47785F1CD2FDFE3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 14:01:17 +0000 Manifest this update: Thu 18 Dec 2025 14:01:17 +0000 Manifest next update: Fri 19 Dec 2025 14:01:17 +0000 Files and hashes: 1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: b5TMF9irzsv2buJ+9Ix5gnOw9DjAxDGfLQ1JBweNjFI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 14:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:da:73:2c:2c:c8:6d:47:78:5f:1c:d2:fd:fe:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530 Validity Not Before: Dec 18 14:01:17 2025 GMT Not After : Dec 19 14:01:17 2025 GMT Subject: CN=ffa4896fd2f3be6e8fbca8f9c48938d582cb8042 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c5:73:fe:60:39:75:06:8a:4b:ad:9c:b3:b9: 95:86:d2:df:12:02:f2:35:4e:45:76:54:25:db:ad: 7d:95:f8:f9:d7:2d:b1:73:1c:f2:de:bc:59:81:bc: a9:ac:5f:9f:cd:12:f8:a5:09:bd:19:7d:12:75:98: 31:3f:8f:f2:97:3b:a3:e4:ba:2b:14:3f:b8:8a:f5: 1e:be:ae:a4:54:97:c7:20:d7:49:6c:2e:85:b3:3e: 48:13:4f:0b:6c:ca:51:2e:7b:a1:9c:93:22:b2:1a: 30:63:bc:43:ca:81:0e:0c:53:58:8a:5c:79:5e:6c: c2:b9:74:55:5a:f7:ca:d4:b2:63:28:e7:01:49:3a: bb:02:ab:e2:50:ac:23:5d:f5:e8:a2:e9:08:93:57: db:22:9e:b8:ac:c8:36:d7:48:d7:68:c7:be:b5:6a: c9:96:4f:52:ba:c9:78:19:33:28:49:b4:6d:a5:ff: 05:00:11:12:de:4d:29:d5:e2:75:58:73:28:e0:6f: 04:e4:cf:c7:b2:74:1d:40:05:3f:a9:e6:2d:75:3f: ea:1f:b0:30:36:5a:52:71:25:b8:da:a8:3b:e3:a1: 31:61:e8:74:63:7a:88:45:c1:ff:92:c7:90:f4:d7: fc:25:40:e1:3b:09:3d:d9:10:de:c9:f0:de:64:ec: 48:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:A4:89:6F:D2:F3:BE:6E:8F:BC:A8:F9:C4:89:38:D5:82:CB:80:42 X509v3 Authority Key Identifier: keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:30:7d:32:14:e2:9b:31:7f:62:7a:d7:61:f6:51:6d:66:ad: 2c:c3:af:4d:42:07:1c:aa:72:89:8f:f9:3d:2f:a9:92:50:6e: 15:ef:c7:ef:ba:7b:ae:d2:ea:b9:e7:df:48:58:2a:91:f3:65: 1f:24:13:6d:a1:10:9a:a0:f7:d9:ec:6f:fa:fb:0a:5c:25:71: 62:4a:0c:6e:e2:93:11:1f:9d:fc:a8:68:06:dc:d0:e1:80:a0: 94:32:a1:30:eb:d0:dc:4c:41:61:11:d0:ac:4f:09:15:29:63: ee:c9:ae:da:3e:3e:b9:70:ab:8d:61:af:4b:98:3c:6d:7a:18: 07:64:c0:6f:40:5f:fe:3d:d8:4b:e5:cb:d1:bf:72:2b:bc:35: 5a:00:fa:5e:7c:8d:ef:55:82:e5:5b:03:0a:4d:12:0a:fc:1f: 95:87:b0:f2:d4:94:6d:ac:fc:6e:12:e9:ff:d6:39:1f:8d:88: 20:b0:ee:ea:85:de:49:4f:d4:a7:16:0f:15:c9:32:dc:11:16: cc:a3:c4:20:c8:93:cd:bf:c7:11:58:14:fe:ad:56:9a:3a:38: f9:fc:c7:f5:23:df:c1:b7:3a:72:2d:f3:22:da:d5:43:0a:50: 7e:2c:0f:d0:6a:fb:98:64:b2:1e:1e:ed:79:43:39:6d:13:f9: 4c:9d:c7:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw9pzLCzIbUd4XxzS/f47MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw YWM1MzAwHhcNMjUxMjE4MTQwMTE3WhcNMjUxMjE5MTQwMTE3WjAzMTEwLwYDVQQD EyhmZmE0ODk2ZmQyZjNiZTZlOGZiY2E4ZjljNDg5MzhkNTgyY2I4MDQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8Vz/mA5dQaKS62cs7mVhtLfEgLy NU5FdlQl2619lfj51y2xcxzy3rxZgbyprF+fzRL4pQm9GX0SdZgxP4/ylzuj5Lor FD+4ivUevq6kVJfHINdJbC6Fsz5IE08LbMpRLnuhnJMishowY7xDyoEODFNYilx5 XmzCuXRVWvfK1LJjKOcBSTq7AqviUKwjXfXooukIk1fbIp64rMg210jXaMe+tWrJ lk9Susl4GTMoSbRtpf8FABES3k0p1eJ1WHMo4G8E5M/HsnQdQAU/qeYtdT/qH7Aw NlpScSW42qg746ExYeh0Y3qIRcH/kseQ9Nf8JUDhOwk92RDeyfDeZOxIBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP+kiW/S875uj7yo+cSJONWCy4BCMB8GA1UdIwQY MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2 LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeTB9MhTi mzF/YnrXYfZRbWatLMOvTUIHHKpyiY/5PS+pklBuFe/H77p7rtLqueffSFgqkfNl HyQTbaEQmqD32exv+vsKXCVxYkoMbuKTER+d/KhoBtzQ4YCglDKhMOvQ3ExBYRHQ rE8JFSlj7smu2j4+uXCrjWGvS5g8bXoYB2TAb0Bf/j3YS+XL0b9yK7w1WgD6XnyN 71WC5VsDCk0SCvwflYew8tSUbaz8bhLp/9Y5H42IILDu6oXeSU/UpxYPFcky3BEW zKPEIMiTzb/HEVgU/q1Wmjo4+fzH9SPfwbc6ci3zItrVQwpQfiwP0Gr7mGSyHh7t eUM5bRP5TJ3HpQ== -----END CERTIFICATE-----Generated at Fri Dec 19 00:15:49 2025 by rpki-client