This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft File: yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json) Hash identifier: MTSorakggToumd09DjnruBC6LmYjmkbK21EcjgFVGbY= Subject key identifier: BC:AA:A7:E1:1B:E1:D2:ED:96:B9:5A:1D:23:46:FF:71:86:C5:2F:42 Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F Certificate issuer: /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f Certificate serial: 019B4E4DCD13318A8D2074E138BCFBA5D062 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft Manifest number: 136D Signing time: Wed 24 Dec 2025 03:01:20 +0000 Manifest this update: Wed 24 Dec 2025 03:01:20 +0000 Manifest next update: Thu 25 Dec 2025 03:01:20 +0000 Files and hashes: 1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: m4soVT+1ZDQtMw7DsPH9Sdd6s2+kzBjfvK2bpuH1DeQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 03:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:4d:cd:13:31:8a:8d:20:74:e1:38:bc:fb:a5:d0:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f Validity Not Before: Dec 24 03:01:20 2025 GMT Not After : Dec 25 03:01:20 2025 GMT Subject: CN=bcaaa7e11be1d2ed96b95a1d2346ff7186c52f42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:59:01:fb:c3:d5:3d:d1:6a:50:53:53:9d:e3: 8f:dd:5f:df:3d:90:0b:ea:f1:43:14:37:be:3b:44: 33:b8:a5:48:84:c6:c4:70:b4:ca:b3:c4:26:a5:2a: 6b:6c:2d:84:c3:bb:f7:e1:15:fb:fd:e5:f5:cc:a0: 15:c1:45:cc:6a:11:c9:19:0d:76:f3:ff:13:cf:95: 81:2f:dc:74:86:2a:4a:ee:43:81:3c:f3:6c:97:63: c8:6f:34:8a:ed:c4:45:29:e4:a1:10:4e:a6:ef:09: 02:78:39:dc:f2:ed:00:ef:09:83:a0:e9:8f:8e:08: 98:4d:6a:26:81:3c:08:d6:b6:52:0a:6f:14:38:4c: 44:e1:af:37:fd:b4:6e:37:c5:0f:17:77:d3:4a:9f: 3e:e0:e1:02:58:f1:68:8d:84:bd:2b:8d:23:e2:63: 7b:7a:f0:94:66:f5:9e:88:ca:18:76:fc:8a:68:09: c1:79:02:b4:b4:44:28:ed:a8:aa:ea:6f:cc:33:25: f4:62:8b:b4:e3:36:f5:be:ea:4e:2d:14:35:17:b4: b1:48:cd:49:7f:f7:a6:e6:f7:86:b9:2e:1f:b7:d0: c2:bf:66:c1:9f:c6:05:85:26:8a:f9:e7:e8:8e:7d: 48:aa:e6:39:10:23:6b:83:cf:95:8a:f7:90:aa:a8: b0:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:AA:A7:E1:1B:E1:D2:ED:96:B9:5A:1D:23:46:FF:71:86:C5:2F:42 X509v3 Authority Key Identifier: keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:7c:ac:24:00:f7:20:53:6b:1c:58:e5:98:f3:31:e6:42:e0: 53:50:49:26:80:da:fb:7b:f7:ec:28:37:59:39:61:69:63:d9: fb:ed:10:e7:e2:5f:e8:32:27:d8:5e:11:3a:70:c9:5d:06:b9: b0:21:c6:04:13:45:b9:af:73:e2:37:05:89:8a:08:ee:97:80: 89:3e:86:d3:bf:59:e4:da:20:f5:0d:c2:4e:54:34:c2:3b:1c: 43:ed:9a:a1:8d:63:0f:53:70:a7:e6:10:d1:12:6a:78:d3:bf: f5:77:01:a6:e4:a3:63:86:8f:29:f9:25:21:81:0d:9d:af:8b: 4b:1b:19:bd:80:c0:c9:4d:fd:eb:df:db:72:a3:27:39:d6:f6: 73:c7:63:b3:aa:df:9d:c3:a1:22:f6:00:22:5f:d3:88:6c:81: 07:75:fa:8f:e7:4b:c4:ec:58:dd:d0:88:8c:1d:f0:c8:84:a6: c9:0e:1b:f4:a5:ef:06:03:70:aa:dc:68:52:a9:d2:aa:0f:24: 49:5a:69:5a:31:a9:63:de:4c:a3:72:b9:d7:10:c3:6d:a7:8d: 1f:f3:94:b2:ad:20:f6:b6:55:b7:39:25:dc:1b:7b:06:f4:b0: e6:17:e1:81:bb:8e:b7:fe:d5:dc:97:18:87:cc:6a:38:e7:10: bd:ef:0d:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOTc0TMYqNIHThOLz7pdBiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk MmNjMGYwHhcNMjUxMjI0MDMwMTIwWhcNMjUxMjI1MDMwMTIwWjAzMTEwLwYDVQQD EyhiY2FhYTdlMTFiZTFkMmVkOTZiOTVhMWQyMzQ2ZmY3MTg2YzUyZjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1kB+8PVPdFqUFNTneOP3V/fPZAL 6vFDFDe+O0QzuKVIhMbEcLTKs8QmpSprbC2Ew7v34RX7/eX1zKAVwUXMahHJGQ12 8/8Tz5WBL9x0hipK7kOBPPNsl2PIbzSK7cRFKeShEE6m7wkCeDnc8u0A7wmDoOmP jgiYTWomgTwI1rZSCm8UOExE4a83/bRuN8UPF3fTSp8+4OECWPFojYS9K40j4mN7 evCUZvWeiMoYdvyKaAnBeQK0tEQo7aiq6m/MMyX0You04zb1vupOLRQ1F7SxSM1J f/em5veGuS4ft9DCv2bBn8YFhSaK+efojn1IquY5ECNrg8+ViveQqqiwYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLyqp+Eb4dLtlrlaHSNG/3GGxS9CMB8GA1UdIwQY MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACnysJAD3 IFNrHFjlmPMx5kLgU1BJJoDa+3v37Cg3WTlhaWPZ++0Q5+Jf6DIn2F4ROnDJXQa5 sCHGBBNFua9z4jcFiYoI7peAiT6G079Z5Nog9Q3CTlQ0wjscQ+2aoY1jD1Nwp+YQ 0RJqeNO/9XcBpuSjY4aPKfklIYENna+LSxsZvYDAyU3969/bcqMnOdb2c8djs6rf ncOhIvYAIl/TiGyBB3X6j+dLxOxY3dCIjB3wyISmyQ4b9KXvBgNwqtxoUqnSqg8k SVppWjGpY95Mo3K51xDDbaeNH/OUsq0g9rZVtzkl3Bt7BvSw5hfhgbuOt/7V3JcY h8xqOOcQve8NVw== -----END CERTIFICATE-----Generated at Wed Dec 24 12:00:35 2025 by rpki-client