This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft File: YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json) Hash identifier: zFvBjqy+sPmExmxERmlbkZJ7+erieqtk+52KoywYP/Y= Subject key identifier: 34:ED:3C:34:77:BB:64:C2:85:52:74:FD:56:D1:BD:38:C1:78:E4:0A Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3 Certificate issuer: /CN=633333d71526f533b1c1cf0be9fc321b623396d3 Certificate serial: 019B7146D117C05E698C8086F0EA2BF98418 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft Manifest number: 0838 Signing time: Tue 30 Dec 2025 22:00:24 +0000 Manifest this update: Tue 30 Dec 2025 22:00:24 +0000 Manifest next update: Wed 31 Dec 2025 22:00:24 +0000 Files and hashes: 1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: hamP+GGa0L4ccjmZCO3Ag9GR8qnOd1uuen/aCy0zsQM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 22:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:46:d1:17:c0:5e:69:8c:80:86:f0:ea:2b:f9:84:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3 Validity Not Before: Dec 30 22:00:24 2025 GMT Not After : Dec 31 22:00:24 2025 GMT Subject: CN=34ed3c3477bb64c2855274fd56d1bd38c178e40a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c7:99:24:20:c2:58:ea:9f:04:06:28:12:35: fe:df:98:57:e5:ec:eb:fd:47:9d:60:4b:55:3a:c2: 87:b4:e6:e4:25:af:ee:45:59:55:f7:ce:21:2e:9e: 11:71:63:23:4e:2d:89:ce:cc:f8:82:ba:05:0a:01: 01:82:c8:9d:96:0c:bd:2c:6b:28:d8:61:d9:28:8d: 99:1b:36:f7:a9:20:5d:b2:62:97:7a:83:dd:5f:48: 0f:6c:70:95:2b:83:ea:fa:8f:08:74:cf:84:17:d2: e9:ef:d1:a2:d1:8d:21:02:f3:62:7a:71:03:01:4a: 84:fa:c1:46:dd:8b:96:b8:63:24:fa:2b:87:f5:14: e5:06:bf:63:3a:dc:5a:60:bf:64:3d:7e:c5:f2:90: 8a:99:b5:b7:48:0d:7e:66:e6:0e:bd:43:ef:7d:c1: c1:98:b0:c5:57:c1:c3:b8:ec:d1:56:79:d0:b3:55: 47:95:52:12:bf:ff:a4:aa:ac:d6:20:c5:8b:ed:d0: 03:00:94:82:6a:77:c1:35:e7:06:c1:d1:e8:0a:b7: b9:dd:ad:cb:87:22:d0:13:82:9f:cb:9e:d8:88:de: e4:a7:d6:f7:99:b2:5e:88:ea:55:15:bc:d6:4a:12: 90:b5:30:ff:23:17:83:b5:6f:7d:e6:fc:cd:b6:21: 20:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:ED:3C:34:77:BB:64:C2:85:52:74:FD:56:D1:BD:38:C1:78:E4:0A X509v3 Authority Key Identifier: keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:08:41:67:b1:94:01:80:00:28:c8:1b:54:c7:70:ab:ad:b3: 68:8f:7f:f0:8d:65:44:a9:8f:03:ed:51:77:01:a2:45:20:09: 32:42:df:1b:b4:b0:5d:c1:73:62:08:37:81:1e:60:2a:d4:39: 38:ed:74:9e:5c:e7:d8:1e:d9:57:0b:06:e4:2d:db:ee:d3:d2: 51:28:fc:12:b7:e5:a6:8a:64:8e:f6:1a:f3:b6:af:d2:f6:d2: 11:6f:55:09:fa:8e:5d:55:81:52:99:c0:d3:4c:f9:fe:38:be: 5a:e4:89:6c:ea:2e:34:a9:0c:6a:78:75:19:34:7a:6e:af:dd: 92:9f:ee:e5:14:59:fd:15:24:7b:7a:65:28:37:f0:46:72:88: 9b:76:5d:1c:9f:3d:6a:59:dc:fa:89:ba:a7:17:71:e7:f7:68: 76:fc:5e:61:b0:3c:0e:3e:01:00:70:05:fa:04:59:5e:cb:6e: 0b:a6:96:fc:94:29:60:31:d2:f5:35:84:6b:21:ca:69:52:ad: 3e:cb:22:51:6e:f5:2c:d9:52:9a:53:64:b7:22:72:f3:58:76: 68:a1:42:06:8b:bb:2d:13:03:f7:b7:84:54:5c:1e:44:1a:2e: ad:ae:81:98:be:fc:ef:33:f1:d4:43:5a:4c:c4:78:cc:14:a2: 11:14:b9:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxRtEXwF5pjICG8Oor+YQYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz Mzk2ZDMwHhcNMjUxMjMwMjIwMDI0WhcNMjUxMjMxMjIwMDI0WjAzMTEwLwYDVQQD EygzNGVkM2MzNDc3YmI2NGMyODU1Mjc0ZmQ1NmQxYmQzOGMxNzhlNDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArceZJCDCWOqfBAYoEjX+35hX5ezr /UedYEtVOsKHtObkJa/uRVlV984hLp4RcWMjTi2Jzsz4groFCgEBgsidlgy9LGso 2GHZKI2ZGzb3qSBdsmKXeoPdX0gPbHCVK4Pq+o8IdM+EF9Lp79Gi0Y0hAvNienED AUqE+sFG3YuWuGMk+iuH9RTlBr9jOtxaYL9kPX7F8pCKmbW3SA1+ZuYOvUPvfcHB mLDFV8HDuOzRVnnQs1VHlVISv/+kqqzWIMWL7dADAJSCanfBNecGwdHoCre53a3L hyLQE4Kfy57YiN7kp9b3mbJeiOpVFbzWShKQtTD/IxeDtW995vzNtiEg5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDTtPDR3u2TChVJ0/VbRvTjBeOQKMB8GA1UdIwQY MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwhBZ7GU AYAAKMgbVMdwq62zaI9/8I1lRKmPA+1RdwGiRSAJMkLfG7SwXcFzYgg3gR5gKtQ5 OO10nlzn2B7ZVwsG5C3b7tPSUSj8ErflpopkjvYa87av0vbSEW9VCfqOXVWBUpnA 00z5/ji+WuSJbOouNKkManh1GTR6bq/dkp/u5RRZ/RUke3plKDfwRnKIm3ZdHJ89 alnc+om6pxdx5/dodvxeYbA8Dj4BAHAF+gRZXstuC6aW/JQpYDHS9TWEayHKaVKt PssiUW71LNlSmlNktyJy81h2aKFCBou7LRMD97eEVFweRBoura6BmL787zPx1ENa TMR4zBSiERS54Q== -----END CERTIFICATE-----Generated at Wed Dec 31 08:00:58 2025 by rpki-client