This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft File: yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json) Hash identifier: 6nASEx37pZhWREAAXGeILyevPnLDR8mowKoWCC5xFKw= Subject key identifier: 74:8C:A3:F2:26:C9:78:8D:A9:F3:7F:57:22:32:3D:60:28:05:AC:9A Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE Certificate issuer: /CN=c8483816b43be4a76f6060832bec4992fa5a98ce Certificate serial: 019B34FB81B7869A9B275513568999FE0BE4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft Manifest number: 07A8 Signing time: Fri 19 Dec 2025 05:00:56 +0000 Manifest this update: Fri 19 Dec 2025 05:00:56 +0000 Manifest next update: Sat 20 Dec 2025 05:00:56 +0000 Files and hashes: 1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: wRh+TnI/0WZJhugerfHscUcsqnOyAx2UO38IkZFFpZE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:81:b7:86:9a:9b:27:55:13:56:89:99:fe:0b:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce Validity Not Before: Dec 19 05:00:56 2025 GMT Not After : Dec 20 05:00:56 2025 GMT Subject: CN=748ca3f226c9788da9f37f5722323d602805ac9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b0:2f:b6:b1:8c:2b:26:d1:e2:e8:4a:d9:63: 97:3e:0c:c8:a8:f8:2c:63:5e:b6:58:44:3e:7d:ee: d9:8a:d9:ac:99:a9:9b:eb:3e:35:c5:d9:dd:08:66: 92:ce:86:fb:8a:1a:37:85:8c:bd:44:e7:68:37:68: 19:59:40:35:22:b6:c9:49:a0:dc:94:e8:41:56:e2: 73:f8:d8:9d:05:9f:a4:dc:e6:0d:db:ed:19:d4:54: de:d3:1b:6c:81:40:7b:7a:e3:cf:61:5f:3f:19:8c: 80:ba:fe:5b:4d:9b:3c:10:c9:c5:80:13:10:b2:a9: db:3e:c6:f3:05:5b:9d:a9:f3:ad:4f:8d:22:da:d1: ad:4f:6f:9c:8a:bf:b2:b9:31:63:5c:95:09:cd:f2: d6:46:1f:4a:d7:1b:97:b7:53:82:a1:be:c2:a3:af: 80:09:63:96:c0:27:4a:af:4c:5e:42:37:d3:a2:98: 35:dd:b0:0e:6b:41:71:40:97:47:e2:92:e9:d2:76: ec:84:c7:68:78:26:89:e4:5d:23:05:4e:c1:56:6f: 46:3b:79:4b:70:98:38:cc:cc:6c:5d:31:b2:b7:d3: a2:77:86:45:28:de:8d:ff:68:99:49:cd:a3:f7:eb: 8d:d7:47:16:4b:1d:bc:ea:e0:1f:d2:88:9e:cc:c6: 79:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8C:A3:F2:26:C9:78:8D:A9:F3:7F:57:22:32:3D:60:28:05:AC:9A X509v3 Authority Key Identifier: keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:0c:e7:c0:2b:89:9d:7c:7e:db:b5:d2:3e:ed:f3:a6:a7:df: f3:2f:e1:1e:f2:7d:81:97:fc:30:93:c9:61:60:97:32:53:20: 46:9b:4d:23:75:d8:3d:3d:41:5a:fc:7a:8e:60:10:71:16:a2: 0b:1a:0f:5f:8a:93:21:9a:d5:97:79:a7:45:34:84:a6:52:d5: e8:61:8b:34:88:85:3a:db:89:11:52:0a:7c:5f:0b:dd:d4:03: 54:6d:43:35:7b:57:05:2b:df:69:7c:d3:34:e3:1c:6d:a5:e6: d0:9d:5d:88:37:f3:86:99:04:d3:ca:f7:f6:ab:b1:05:58:1a: 25:39:86:07:22:dc:6e:1f:06:e6:70:2c:a5:1c:56:6d:b3:7f: 99:dd:b6:b3:c6:d9:f7:b7:2d:76:84:35:d4:27:8a:3a:38:86: 62:aa:04:94:c6:c0:af:a8:02:3c:48:61:1b:07:5e:5d:71:57: 8a:0a:45:5f:75:66:d0:41:3a:91:57:a6:97:4e:15:56:cf:c2: c6:af:8d:5b:f1:ce:23:36:d9:59:ed:cb:96:bb:42:5b:20:32: 71:32:91:d1:42:84:dd:4c:79:4c:af:71:22:b2:a3:12:68:94: ad:24:bf:b7:98:ed:61:2f:c8:0f:d4:cb:9d:3d:df:fd:63:25: 1c:63:50:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+4G3hpqbJ1UTVomZ/gvkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1 YTk4Y2UwHhcNMjUxMjE5MDUwMDU2WhcNMjUxMjIwMDUwMDU2WjAzMTEwLwYDVQQD Eyg3NDhjYTNmMjI2Yzk3ODhkYTlmMzdmNTcyMjMyM2Q2MDI4MDVhYzlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbAvtrGMKybR4uhK2WOXPgzIqPgs Y162WEQ+fe7Zitmsmamb6z41xdndCGaSzob7iho3hYy9ROdoN2gZWUA1IrbJSaDc lOhBVuJz+NidBZ+k3OYN2+0Z1FTe0xtsgUB7euPPYV8/GYyAuv5bTZs8EMnFgBMQ sqnbPsbzBVudqfOtT40i2tGtT2+cir+yuTFjXJUJzfLWRh9K1xuXt1OCob7Co6+A CWOWwCdKr0xeQjfTopg13bAOa0FxQJdH4pLp0nbshMdoeCaJ5F0jBU7BVm9GO3lL cJg4zMxsXTGyt9Oid4ZFKN6N/2iZSc2j9+uN10cWSx286uAf0oiezMZ5pQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHSMo/ImyXiNqfN/VyIyPWAoBayaMB8GA1UdIwQY MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIAznwCuJ nXx+27XSPu3zpqff8y/hHvJ9gZf8MJPJYWCXMlMgRptNI3XYPT1BWvx6jmAQcRai CxoPX4qTIZrVl3mnRTSEplLV6GGLNIiFOtuJEVIKfF8L3dQDVG1DNXtXBSvfaXzT NOMcbaXm0J1diDfzhpkE08r39quxBVgaJTmGByLcbh8G5nAspRxWbbN/md22s8bZ 97ctdoQ11CeKOjiGYqoElMbAr6gCPEhhGwdeXXFXigpFX3Vm0EE6kVeml04VVs/C xq+NW/HOIzbZWe3LlrtCWyAycTKR0UKE3Ux5TK9xIrKjEmiUrSS/t5jtYS/ID9TL nT3f/WMlHGNQcQ== -----END CERTIFICATE-----Generated at Fri Dec 19 09:44:58 2025 by rpki-client