This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft File: YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json) Hash identifier: X8MrB/GZ6dyAMj9Spr4OKDuBrFA+4NskPgEanGf+D9Q= Subject key identifier: 4B:38:3E:02:FE:87:0A:83:BC:D0:7B:99:92:57:AD:48:5A:EB:26:04 Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F Certificate issuer: /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f Certificate serial: 019B71EBC1ABDD4A62916C34215F40B865ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft Manifest number: 093D Signing time: Wed 31 Dec 2025 01:00:34 +0000 Manifest this update: Wed 31 Dec 2025 01:00:34 +0000 Manifest next update: Thu 01 Jan 2026 01:00:34 +0000 Files and hashes: 1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: vsnCCi1n3Hfe+U1LeTXJMebnSNAosujat7LS90KmfwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:eb:c1:ab:dd:4a:62:91:6c:34:21:5f:40:b8:65:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f Validity Not Before: Dec 31 01:00:34 2025 GMT Not After : Jan 1 01:00:34 2026 GMT Subject: CN=4b383e02fe870a83bcd07b999257ad485aeb2604 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:57:e8:88:34:b6:0d:66:15:9b:63:2e:46:b9: 2d:6c:9d:77:d2:09:43:16:bb:24:37:cc:b8:d3:00: e6:24:ad:bc:c6:e2:6b:50:f2:2f:1f:53:6c:73:73: 1a:1e:44:a1:16:5c:9d:eb:05:27:72:81:62:96:cb: b1:07:75:a4:4c:9a:51:d3:2e:73:d5:8d:1c:62:19: 51:ec:f2:43:69:2e:ae:ba:e4:df:5e:e8:23:7b:90: b5:3e:fc:14:0f:b3:90:5d:96:34:0d:85:91:80:61: 6f:de:fa:b5:5a:b6:a0:3a:2e:6d:31:a4:9a:8e:fb: e1:72:70:5e:3c:9c:55:cd:55:8c:bd:14:51:1b:eb: db:af:b5:15:46:1d:40:fd:e1:ba:89:c7:af:fc:1c: e4:14:e6:40:a5:70:5a:9e:d0:6a:b6:1c:bd:72:a6: f5:a6:bd:f2:65:a3:22:43:33:61:cc:2f:ff:8f:84: c3:54:b0:af:b2:29:a3:fb:ab:21:02:e8:e6:c6:72: 72:f2:9d:8c:18:28:d8:6e:7e:62:97:38:08:96:ea: 58:4c:2e:41:56:b7:57:04:35:a8:d0:0c:ad:17:ae: b7:b6:a1:94:41:1e:ac:56:86:7e:58:a4:90:d6:05: ec:e9:58:d0:a4:dc:0b:b2:4c:c6:79:b6:32:d4:94: 3d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:38:3E:02:FE:87:0A:83:BC:D0:7B:99:92:57:AD:48:5A:EB:26:04 X509v3 Authority Key Identifier: keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:bb:61:b0:e5:db:e3:5d:db:a1:62:c9:ab:1c:2e:0e:4e:9c: 82:85:9c:b8:13:53:2c:e9:19:1b:57:4c:1c:0b:4e:d2:cf:9f: d1:10:22:cb:be:a1:e5:bf:12:49:95:32:9c:48:70:ff:03:84: 06:15:34:b2:8c:fe:92:f3:55:f1:5c:32:c2:2f:41:c2:b5:1f: 3c:9a:0b:20:90:5f:40:f7:57:6a:56:79:03:2d:7d:08:3b:05: 6a:41:47:4f:24:3e:77:a9:26:89:7a:10:2e:f2:f7:9a:3c:ff: 2a:21:f4:b4:8a:80:97:e3:65:bf:5d:16:a8:d6:f6:6c:7a:bf: 3c:21:f1:31:4f:cd:55:1b:51:f8:62:1e:3a:42:3c:76:d5:29: 9a:24:58:1c:58:52:28:38:27:18:f5:10:88:08:3b:31:5e:d4: 41:be:ef:f3:65:fc:27:40:28:3a:64:9f:ff:8c:77:92:ee:f0: 7d:9d:c2:65:97:ea:ee:8d:67:c5:91:35:db:d7:09:31:b4:5b: 37:98:f2:ce:0c:51:93:f0:91:b6:bf:6d:77:d5:fd:97:42:5c: 24:1b:d5:88:e7:1b:f9:44:a9:57:36:39:d0:36:2b:17:45:b7: 17:08:3d:9f:93:72:d5:36:e5:ca:c3:e5:7f:60:71:5f:93:e6: fb:0b:16:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtx68Gr3UpikWw0IV9AuGXtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1 YTI5MmYwHhcNMjUxMjMxMDEwMDM0WhcNMjYwMTAxMDEwMDM0WjAzMTEwLwYDVQQD Eyg0YjM4M2UwMmZlODcwYTgzYmNkMDdiOTk5MjU3YWQ0ODVhZWIyNjA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlfoiDS2DWYVm2MuRrktbJ130glD FrskN8y40wDmJK28xuJrUPIvH1Nsc3MaHkShFlyd6wUncoFilsuxB3WkTJpR0y5z 1Y0cYhlR7PJDaS6uuuTfXugje5C1PvwUD7OQXZY0DYWRgGFv3vq1WragOi5tMaSa jvvhcnBePJxVzVWMvRRRG+vbr7UVRh1A/eG6icev/BzkFOZApXBantBqthy9cqb1 pr3yZaMiQzNhzC//j4TDVLCvsimj+6shAujmxnJy8p2MGCjYbn5ilzgIlupYTC5B VrdXBDWo0AytF663tqGUQR6sVoZ+WKSQ1gXs6VjQpNwLskzGebYy1JQ9MwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEs4PgL+hwqDvNB7mZJXrUha6yYEMB8GA1UdIwQY MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPLthsOXb 413boWLJqxwuDk6cgoWcuBNTLOkZG1dMHAtO0s+f0RAiy76h5b8SSZUynEhw/wOE BhU0soz+kvNV8Vwywi9BwrUfPJoLIJBfQPdXalZ5Ay19CDsFakFHTyQ+d6kmiXoQ LvL3mjz/KiH0tIqAl+Nlv10WqNb2bHq/PCHxMU/NVRtR+GIeOkI8dtUpmiRYHFhS KDgnGPUQiAg7MV7UQb7v82X8J0AoOmSf/4x3ku7wfZ3CZZfq7o1nxZE129cJMbRb N5jyzgxRk/CRtr9td9X9l0JcJBvViOcb+USpVzY50DYrF0W3Fwg9n5Ny1TblysPl f2BxX5Pm+wsWvg== -----END CERTIFICATE-----Generated at Wed Dec 31 05:55:38 2025 by rpki-client