This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft File: YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json) Hash identifier: 0ZnbvEdb5DNnDT7qehM05jcXY2P+VtWp4G7YHC/55bk= Subject key identifier: 09:7B:77:5C:5D:2A:73:56:E7:53:82:70:8E:E9:13:A3:67:3A:27:04 Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE Certificate issuer: /CN=603444e19962a191efd2f216a128e2f4cfe2a3de Certificate serial: 019B4DE07F99DA32731716AA1207445925AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft Manifest number: 07AB Signing time: Wed 24 Dec 2025 01:01:56 +0000 Manifest this update: Wed 24 Dec 2025 01:01:56 +0000 Manifest next update: Thu 25 Dec 2025 01:01:56 +0000 Files and hashes: 1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: wln/jXCp0gL+NibEd1VmzFwez//ukBwvIROacrbjmFw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 01:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:e0:7f:99:da:32:73:17:16:aa:12:07:44:59:25:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de Validity Not Before: Dec 24 01:01:56 2025 GMT Not After : Dec 25 01:01:56 2025 GMT Subject: CN=097b775c5d2a7356e75382708ee913a3673a2704 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:3a:35:bd:1b:28:21:40:35:1d:98:f8:13:73: 82:19:75:4b:e8:ee:f3:c2:6a:c5:04:c0:7f:ce:b1: 74:10:61:38:02:7c:50:c8:41:0a:b0:92:2c:7b:a4: 6e:0e:e7:7e:25:36:ab:97:33:59:5b:a8:9f:8b:68: 6d:12:64:f4:b9:99:5b:9a:59:74:c9:70:a3:51:7d: af:44:c4:10:ec:2a:50:c0:c5:09:ff:dd:ff:39:76: ac:36:d0:8e:96:01:dc:ac:a6:3e:df:f7:91:df:6b: ca:38:a3:10:43:ee:b7:00:4b:d1:24:44:b1:da:06: bb:c9:ce:67:2c:99:9e:cf:4f:55:86:57:4c:82:ed: bf:6e:6e:8e:50:9a:40:29:4b:50:3f:d8:2c:d6:b0: 91:25:e5:8f:63:11:df:84:89:52:55:be:60:d3:51: ae:b5:0b:30:27:26:be:3c:41:94:08:75:98:50:06: b7:d4:60:9d:6f:ac:32:10:71:7f:4c:41:7e:6c:a8: 7f:9e:0b:30:71:d1:04:f2:6d:bd:50:71:e3:c0:62: 92:ef:63:08:f4:cd:88:67:55:c8:11:84:ef:71:dc: b8:30:79:d4:3e:20:cd:ae:c6:0a:03:7f:fa:4f:24: 78:b0:94:8a:50:d8:b5:d8:a8:96:a8:91:2e:79:83: 20:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:7B:77:5C:5D:2A:73:56:E7:53:82:70:8E:E9:13:A3:67:3A:27:04 X509v3 Authority Key Identifier: keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:ad:92:6b:45:61:1b:a6:f6:12:be:c7:73:da:67:5e:91:84: a0:65:6f:2d:81:04:e2:17:3e:be:f0:54:37:ce:83:83:f0:a9: 56:73:61:85:5e:c3:75:9f:de:6d:33:99:e5:db:9e:ab:b8:55: 42:59:b3:12:a2:af:42:41:ce:a2:d8:79:1b:4a:5c:5c:40:e5: e5:88:b3:bf:0f:c9:4b:ac:de:93:55:1e:d0:91:42:c6:5e:2d: 4d:70:c3:ce:c3:75:36:2a:de:43:23:15:63:a9:d8:21:c5:ee: 26:65:af:0a:84:ca:e0:ec:15:b7:a6:20:bb:51:62:df:6d:95: 63:52:2e:8d:85:e5:68:bd:48:2f:0c:43:52:e9:2f:71:3a:1b: 5b:96:a3:e4:c0:04:6b:cf:ac:58:15:a4:1e:d5:2f:af:b7:d6: 74:a8:a3:10:e5:4e:b1:97:4d:a3:de:a5:be:a4:b0:aa:4e:95: e3:73:83:22:a1:8f:06:28:b1:88:8a:06:0a:cc:52:40:4d:ee: d5:84:15:99:00:49:02:51:09:2f:1e:a9:4f:8a:c0:e5:d6:3f: 11:cf:33:b6:a4:6d:f2:fd:40:cd:a5:01:24:ee:3b:b8:da:74: 41:8e:0f:08:54:2b:53:10:de:36:bc:bc:18:e1:59:3b:6a:89: e6:28:3f:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN4H+Z2jJzFxaqEgdEWSWtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl MmEzZGUwHhcNMjUxMjI0MDEwMTU2WhcNMjUxMjI1MDEwMTU2WjAzMTEwLwYDVQQD EygwOTdiNzc1YzVkMmE3MzU2ZTc1MzgyNzA4ZWU5MTNhMzY3M2EyNzA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Do1vRsoIUA1HZj4E3OCGXVL6O7z wmrFBMB/zrF0EGE4AnxQyEEKsJIse6RuDud+JTarlzNZW6ifi2htEmT0uZlbmll0 yXCjUX2vRMQQ7CpQwMUJ/93/OXasNtCOlgHcrKY+3/eR32vKOKMQQ+63AEvRJESx 2ga7yc5nLJmez09VhldMgu2/bm6OUJpAKUtQP9gs1rCRJeWPYxHfhIlSVb5g01Gu tQswJya+PEGUCHWYUAa31GCdb6wyEHF/TEF+bKh/ngswcdEE8m29UHHjwGKS72MI 9M2IZ1XIEYTvcdy4MHnUPiDNrsYKA3/6TyR4sJSKUNi12KiWqJEueYMgIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAl7d1xdKnNW51OCcI7pE6NnOicEMB8GA1UdIwQY MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0 LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACa2Sa0Vh G6b2Er7Hc9pnXpGEoGVvLYEE4hc+vvBUN86Dg/CpVnNhhV7DdZ/ebTOZ5dueq7hV QlmzEqKvQkHOoth5G0pcXEDl5Yizvw/JS6zek1Ue0JFCxl4tTXDDzsN1NireQyMV Y6nYIcXuJmWvCoTK4OwVt6Ygu1Fi322VY1IujYXlaL1ILwxDUukvcTobW5aj5MAE a8+sWBWkHtUvr7fWdKijEOVOsZdNo96lvqSwqk6V43ODIqGPBiixiIoGCsxSQE3u 1YQVmQBJAlEJLx6pT4rA5dY/Ec8ztqRt8v1AzaUBJO47uNp0QY4PCFQrUxDeNry8 GOFZO2qJ5ig/2A== -----END CERTIFICATE-----Generated at Wed Dec 24 10:31:11 2025 by rpki-client