This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft File: YzMz1xUm9TOxwc8L6fwyG2IzltM.mft (raw, json) Hash identifier: yNsws9A4490ZGXLUM/J1ql6Hs6E10ivjrg3Kvfbkx8c= Subject key identifier: CA:22:A9:AD:D4:E0:1E:04:2E:DB:57:FF:59:E1:66:CC:D7:67:32:33 Authority key identifier: 63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3 Certificate issuer: /CN=633333d71526f533b1c1cf0be9fc321b623396d3 Certificate serial: 019B65B13AE49E965837AF4F3B31CAB212FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft Manifest number: 0832 Signing time: Sun 28 Dec 2025 16:01:12 +0000 Manifest this update: Sun 28 Dec 2025 16:01:12 +0000 Manifest next update: Mon 29 Dec 2025 16:01:12 +0000 Files and hashes: 1: YzMz1xUm9TOxwc8L6fwyG2IzltM.crl (hash: A9ZUk7bul8N4b8Yan3ohCRR0sKLTxS+RZYH9gyoF/EA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 16:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:b1:3a:e4:9e:96:58:37:af:4f:3b:31:ca:b2:12:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=633333d71526f533b1c1cf0be9fc321b623396d3 Validity Not Before: Dec 28 16:01:12 2025 GMT Not After : Dec 29 16:01:12 2025 GMT Subject: CN=ca22a9add4e01e042edb57ff59e166ccd7673233 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b7:a6:f5:3a:13:b1:69:7b:55:bb:9a:37:e1: c9:65:7a:ce:29:5a:76:67:9d:3d:7c:9b:b2:21:6b: 79:14:60:e6:0e:b1:95:92:b0:26:bd:1f:60:35:1a: c7:c0:b7:70:e3:f5:65:4e:be:8c:ab:17:e2:09:77: a0:e2:bf:f6:97:01:11:0c:62:0f:76:16:10:51:7f: 85:db:98:5c:5c:47:22:ca:1f:3b:50:cf:fb:ac:d2: c8:c4:e6:04:af:1f:82:bf:b6:ce:4b:1a:2d:cf:8d: 90:75:11:1c:cb:e2:e2:3f:19:92:62:28:59:f5:64: c2:d2:00:19:16:8d:64:bf:a5:39:91:d5:8c:c4:1b: b1:d7:1e:63:0b:32:53:a2:d9:e3:b3:12:0a:be:23: d3:8f:65:9a:fb:ce:e3:20:39:36:ea:ef:47:ab:81: 1e:a4:11:8c:e7:ba:e8:ae:e1:89:ba:0c:b7:38:8c: 51:65:fa:b3:08:4c:b8:9c:fb:ae:9e:bc:1b:5e:59: 2c:3b:3b:a1:6b:58:c0:fb:78:11:fa:8e:2b:7c:77: 7f:11:44:b4:1d:2f:0c:f0:69:23:54:44:9e:49:c7: d6:05:52:de:ea:80:7c:20:e3:6b:f2:54:c3:d9:74: 94:65:ac:0a:c0:12:41:1e:ad:6f:6b:5f:24:76:da: 27:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:22:A9:AD:D4:E0:1E:04:2E:DB:57:FF:59:E1:66:CC:D7:67:32:33 X509v3 Authority Key Identifier: keyid:63:33:33:D7:15:26:F5:33:B1:C1:CF:0B:E9:FC:32:1B:62:33:96:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzMz1xUm9TOxwc8L6fwyG2IzltM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f50950-0039-4e74-be41-9cfc4838d3ec/1/YzMz1xUm9TOxwc8L6fwyG2IzltM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:66:71:77:d1:31:07:34:cd:d0:33:6f:31:11:47:b5:a9:aa: fe:95:0d:88:ee:0e:9c:86:39:27:34:e8:dc:1d:df:78:d0:8a: a9:74:6b:a3:66:c1:2f:e6:46:a1:33:40:49:1b:81:48:64:be: 7e:6c:59:e0:f7:2e:00:c5:e7:b9:e1:ea:eb:b3:c9:27:5f:dd: b9:d3:38:90:fd:2c:af:4b:59:0c:2c:1c:93:68:94:f2:2a:7e: 3c:eb:f1:8f:89:59:18:85:3c:06:df:74:d2:2a:03:8a:56:7d: 39:06:9c:20:09:3c:7b:85:e1:8c:86:63:fa:d8:84:b0:ab:a3: 5e:34:0a:c0:0a:dc:b7:91:ec:28:17:3d:d8:ab:f0:be:bd:74: 96:08:94:89:50:32:d8:3b:17:5c:0a:c3:82:41:25:c0:6a:18: 14:c1:ad:ba:30:53:20:8f:ee:d6:cb:a0:fe:0f:07:dd:48:94: d3:61:6e:b5:90:89:6d:47:40:be:2a:5f:87:65:fa:76:a8:48: 53:73:1f:8b:8a:47:c3:f5:83:9d:6c:b5:10:88:82:c5:6a:3b: 10:ef:55:fa:ed:33:4c:69:8c:99:79:bf:38:1e:30:5d:42:96: 8c:a3:1c:59:7a:15:90:11:5a:0e:9b:3f:bb:f2:bb:9b:29:44: 0c:77:6a:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtlsTrknpZYN69POzHKshL9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzMzMzM2Q3MTUyNmY1MzNiMWMxY2YwYmU5ZmMzMjFiNjIz Mzk2ZDMwHhcNMjUxMjI4MTYwMTEyWhcNMjUxMjI5MTYwMTEyWjAzMTEwLwYDVQQD EyhjYTIyYTlhZGQ0ZTAxZTA0MmVkYjU3ZmY1OWUxNjZjY2Q3NjczMjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27em9ToTsWl7VbuaN+HJZXrOKVp2 Z509fJuyIWt5FGDmDrGVkrAmvR9gNRrHwLdw4/VlTr6MqxfiCXeg4r/2lwERDGIP dhYQUX+F25hcXEciyh87UM/7rNLIxOYErx+Cv7bOSxotz42QdREcy+LiPxmSYihZ 9WTC0gAZFo1kv6U5kdWMxBux1x5jCzJTotnjsxIKviPTj2Wa+87jIDk26u9Hq4Ee pBGM57roruGJugy3OIxRZfqzCEy4nPuunrwbXlksOzuha1jA+3gR+o4rfHd/EUS0 HS8M8GkjVESeScfWBVLe6oB8IONr8lTD2XSUZawKwBJBHq1va18kdtonnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMoiqa3U4B4ELttX/1nhZszXZzIzMB8GA1UdIwQY MBaAFGMzM9cVJvUzscHPC+n8MhtiM5bTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEt OWNmYzQ4MzhkM2VjLzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9mNTA5NTAtMDAzOS00ZTc0LWJlNDEtOWNmYzQ4MzhkM2Vj LzEvWXpNejF4VW05VE94d2M4TDZmd3lHMkl6bHRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ2Zxd9Ex BzTN0DNvMRFHtamq/pUNiO4OnIY5JzTo3B3feNCKqXRro2bBL+ZGoTNASRuBSGS+ fmxZ4PcuAMXnueHq67PJJ1/dudM4kP0sr0tZDCwck2iU8ip+POvxj4lZGIU8Bt90 0ioDilZ9OQacIAk8e4XhjIZj+tiEsKujXjQKwArct5HsKBc92Kvwvr10lgiUiVAy 2DsXXArDgkElwGoYFMGtujBTII/u1sug/g8H3UiU02FutZCJbUdAvipfh2X6dqhI U3Mfi4pHw/WDnWy1EIiCxWo7EO9V+u0zTGmMmXm/OB4wXUKWjKMcWXoVkBFaDps/ u/K7mylEDHdqrQ== -----END CERTIFICATE-----Generated at Sun Dec 28 22:12:25 2025 by rpki-client