This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft File: YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json) Hash identifier: MRebKrVCy/gMKaJI+lOCKWDxyTLj+KtT76g4Vak8U9I= Subject key identifier: 29:84:99:D0:66:31:A2:B1:F1:F7:2D:A0:8A:8D:1A:11:A1:CF:54:E8 Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B Certificate issuer: /CN=60d252a2e31538cda5857bad0983c8bdf558b17b Certificate serial: 019B3C7E67D148B768D33C0156FFC3AC1891 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft Manifest number: 0AC9 Signing time: Sat 20 Dec 2025 16:01:15 +0000 Manifest this update: Sat 20 Dec 2025 16:01:15 +0000 Manifest next update: Sun 21 Dec 2025 16:01:15 +0000 Files and hashes: 1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: sRyb8ZJe0rBwUJC8goy86TVi6WMsXI5cvZpCsS709II=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:67:d1:48:b7:68:d3:3c:01:56:ff:c3:ac:18:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b Validity Not Before: Dec 20 16:01:15 2025 GMT Not After : Dec 21 16:01:15 2025 GMT Subject: CN=298499d06631a2b1f1f72da08a8d1a11a1cf54e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b5:7a:5a:95:6c:2f:bb:b6:be:5f:4f:07:43: a4:0f:f0:1c:70:cd:4b:12:5a:e0:d7:44:83:0e:13: c7:7c:5e:0f:46:f4:3b:49:fe:e3:5e:8b:f0:3e:64: a7:74:51:d5:01:78:dc:78:ea:65:30:14:70:61:66: 3d:95:a8:26:f6:56:9b:25:18:27:37:82:82:01:d1: 30:10:93:48:e7:c5:dc:e1:f3:f2:ab:28:aa:6c:53: fd:8a:72:eb:87:c0:96:77:f1:e7:45:9f:b0:63:0a: 18:46:08:8b:29:00:18:28:84:62:94:42:0c:16:9c: d7:96:38:93:c1:7e:2d:5d:15:d6:61:a7:ea:43:7b: 78:e0:a9:4c:54:a2:e9:e0:3a:79:06:8b:e5:6b:a5: df:46:f6:76:e9:87:5d:4f:5c:5f:0f:ee:ac:a9:2b: b8:44:89:72:f3:0c:33:e4:08:34:7a:bb:37:af:a3: a6:89:c7:4e:07:10:a6:0a:28:d3:84:ea:7c:9f:c0: 12:20:92:e9:f7:67:3c:c2:b1:fd:c8:31:10:e2:5d: e3:dd:ac:a3:7f:52:70:59:af:b0:a5:11:a4:bf:c6: 40:eb:9c:48:9b:a7:dc:f6:44:c2:12:4c:5a:6c:75: 2f:d4:0a:36:77:b7:92:fb:90:f5:0e:67:43:74:b2: bb:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:84:99:D0:66:31:A2:B1:F1:F7:2D:A0:8A:8D:1A:11:A1:CF:54:E8 X509v3 Authority Key Identifier: keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:c7:29:a5:36:f9:b9:3d:e8:ad:80:99:bb:e9:ed:b8:f1:2d: 1f:47:00:03:cb:c8:cf:dc:85:b3:f9:d6:d3:1f:73:d8:ef:a9: 72:ed:80:7a:cb:53:d6:0a:9c:f1:c0:39:61:12:58:a4:69:d2: ce:6c:f7:d0:7a:14:a9:4f:3d:65:a7:0c:73:5b:fc:f8:40:ef: 56:1c:a9:0d:ed:71:f2:60:2d:cc:f9:87:71:01:84:8c:a5:8c: 6e:2f:1d:31:56:36:e6:82:f1:6e:3a:e6:6d:d3:5f:15:62:51: da:9a:8c:e3:10:24:b6:e8:10:ca:fd:ef:2d:da:b1:2b:82:c2: 6e:4b:58:de:41:7a:b9:ff:02:8b:13:4a:2c:f9:c3:a6:dc:89: f3:9a:d6:b3:f4:ca:87:0a:e5:be:10:89:02:ef:32:5f:88:ea: 2f:4a:a5:5f:c2:1f:51:a2:fc:c5:33:aa:fa:04:86:62:aa:15: 88:7b:07:f5:70:f7:1c:04:48:c9:30:72:c1:59:ce:13:0c:eb: 1f:df:65:43:f1:18:f5:4c:43:47:39:ee:62:f4:10:60:c0:f3: 6d:e7:7e:c0:07:3b:9f:7d:f1:58:52:32:43:b6:f0:f6:f7:20: ed:08:05:77:36:17:3d:60:d4:cd:88:d5:16:c6:5b:db:0b:04: 3f:6d:37:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fmfRSLdo0zwBVv/DrBiRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1 OGIxN2IwHhcNMjUxMjIwMTYwMTE1WhcNMjUxMjIxMTYwMTE1WjAzMTEwLwYDVQQD EygyOTg0OTlkMDY2MzFhMmIxZjFmNzJkYTA4YThkMWExMWExY2Y1NGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbV6WpVsL7u2vl9PB0OkD/AccM1L Elrg10SDDhPHfF4PRvQ7Sf7jXovwPmSndFHVAXjceOplMBRwYWY9lagm9labJRgn N4KCAdEwEJNI58Xc4fPyqyiqbFP9inLrh8CWd/HnRZ+wYwoYRgiLKQAYKIRilEIM FpzXljiTwX4tXRXWYafqQ3t44KlMVKLp4Dp5Bovla6XfRvZ26YddT1xfD+6sqSu4 RIly8wwz5Ag0ers3r6OmicdOBxCmCijThOp8n8ASIJLp92c8wrH9yDEQ4l3j3ayj f1JwWa+wpRGkv8ZA65xIm6fc9kTCEkxabHUv1Ao2d7eS+5D1DmdDdLK7iwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCmEmdBmMaKx8fctoIqNGhGhz1ToMB8GA1UdIwQY MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8cppTb5 uT3orYCZu+ntuPEtH0cAA8vIz9yFs/nW0x9z2O+pcu2AestT1gqc8cA5YRJYpGnS zmz30HoUqU89ZacMc1v8+EDvVhypDe1x8mAtzPmHcQGEjKWMbi8dMVY25oLxbjrm bdNfFWJR2pqM4xAktugQyv3vLdqxK4LCbktY3kF6uf8CixNKLPnDptyJ85rWs/TK hwrlvhCJAu8yX4jqL0qlX8IfUaL8xTOq+gSGYqoViHsH9XD3HARIyTBywVnOEwzr H99lQ/EY9UxDRznuYvQQYMDzbed+wAc7n33xWFIyQ7bw9vcg7QgFdzYXPWDUzYjV FsZb2wsEP203+A== -----END CERTIFICATE-----Generated at Sun Dec 21 01:35:19 2025 by rpki-client