This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft File: yjzk270E4HrOGTf4ChWvc5m4Aw4.mft (raw, json) Hash identifier: Zayl6sEv0wslpIbKdaDbXY0KuUr6CntbL178Tp5c9FE= Subject key identifier: 9E:25:7D:A4:2B:5F:0C:2E:95:05:DB:A9:0E:60:84:D6:00:78:FE:C2 Authority key identifier: CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E Certificate issuer: /CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e Certificate serial: 019B4EF1F381B4394BE8A055BC3EC1CB7738 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft Manifest number: 0728 Signing time: Wed 24 Dec 2025 06:00:37 +0000 Manifest this update: Wed 24 Dec 2025 06:00:37 +0000 Manifest next update: Thu 25 Dec 2025 06:00:37 +0000 Files and hashes: 1: yjzk270E4HrOGTf4ChWvc5m4Aw4.crl (hash: TtnHBO4liiGR81EUW5Czgm0litCO3CK2zHIRQiWDPw0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 06:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:f1:f3:81:b4:39:4b:e8:a0:55:bc:3e:c1:cb:77:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e Validity Not Before: Dec 24 06:00:37 2025 GMT Not After : Dec 25 06:00:37 2025 GMT Subject: CN=9e257da42b5f0c2e9505dba90e6084d60078fec2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:71:ba:89:77:d3:d1:63:e5:1f:68:2e:52:90: 3d:e4:03:5f:2e:54:cf:d9:3b:81:24:e3:21:24:25: 84:ef:70:36:a2:94:7c:13:a5:7a:6a:81:df:45:67: 7d:d6:02:3a:96:fe:f3:21:f7:0b:57:fb:1a:99:89: ca:25:63:ae:1a:d2:b8:5a:eb:19:dc:ff:f3:ba:2b: ea:51:52:40:df:80:84:02:5a:78:ed:04:3a:b9:46: 65:7e:a4:46:bb:9e:db:38:b9:97:d9:34:33:e5:e0: 80:b1:de:e4:8d:d8:e4:7f:d0:dd:bc:da:ee:3a:7e: 28:a6:94:ab:79:98:3d:3c:70:75:88:fa:ed:27:3e: df:07:14:bf:4a:63:ca:2b:0c:c6:f3:8b:96:3e:72: 0c:7d:32:a2:8c:17:45:ff:ca:91:c6:7d:c9:cf:c8: 8f:62:a7:18:4b:f5:3c:45:a9:61:11:12:bf:e8:ba: 95:51:42:1e:e8:f3:63:27:ed:3c:d0:65:2d:1a:da: f8:18:58:cf:06:ba:6d:82:56:fb:f7:c1:e7:ff:75: 29:b6:76:44:44:6c:d0:9d:84:ac:57:80:52:50:cc: 61:c7:e7:c5:ea:d7:93:ca:6e:ef:e2:41:2a:f9:a9: cd:8a:8c:c9:77:40:36:81:4c:76:63:43:55:71:c3: 93:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:25:7D:A4:2B:5F:0C:2E:95:05:DB:A9:0E:60:84:D6:00:78:FE:C2 X509v3 Authority Key Identifier: keyid:CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:be:14:13:b4:bc:da:a1:e2:40:8d:52:5c:0a:d0:92:ec:82: c6:16:f5:42:3a:e1:a6:33:95:df:34:ef:e2:5b:0a:22:9f:cb: e6:a2:af:a6:9c:7b:37:da:f2:d4:d5:13:ba:2b:96:3b:aa:9d: 05:af:a6:2f:0b:fe:6f:ab:e6:6e:fb:62:ea:d5:0f:f3:6b:c0: 74:2c:56:07:2b:ec:ed:d4:20:d4:81:36:f9:97:aa:72:6d:09: ff:83:2c:0c:79:87:54:17:e7:30:77:30:92:1d:61:bf:23:1a: 4b:43:48:5a:fa:52:9c:37:ed:a6:d9:31:71:70:f3:ba:a9:25: f2:8f:f3:79:f7:a1:cf:36:30:32:7a:d3:bd:d3:7b:8f:c0:8e: ab:ff:df:1b:c2:35:69:c7:90:38:0a:c4:22:d6:76:d3:97:cc: a0:a8:f2:b1:6e:48:2f:88:9c:e5:60:11:24:84:30:5e:19:63: f5:c2:48:02:3b:ea:96:df:5f:d8:d5:8c:af:2a:73:fe:34:de: 9c:42:71:ef:d3:c7:20:8b:aa:cb:22:48:a2:13:e1:c8:f8:99: f5:82:f2:a1:20:6d:96:69:0e:6d:32:2f:32:dc:16:02:83:62: 30:af:7d:5f:ce:01:be:81:cb:86:b7:ec:2f:5e:bf:0b:76:c5: 68:7c:27:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtO8fOBtDlL6KBVvD7By3c4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhM2NlNGRiYmQwNGUwN2FjZTE5MzdmODBhMTVhZjczOTli ODAzMGUwHhcNMjUxMjI0MDYwMDM3WhcNMjUxMjI1MDYwMDM3WjAzMTEwLwYDVQQD Eyg5ZTI1N2RhNDJiNWYwYzJlOTUwNWRiYTkwZTYwODRkNjAwNzhmZWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonG6iXfT0WPlH2guUpA95ANfLlTP 2TuBJOMhJCWE73A2opR8E6V6aoHfRWd91gI6lv7zIfcLV/samYnKJWOuGtK4WusZ 3P/zuivqUVJA34CEAlp47QQ6uUZlfqRGu57bOLmX2TQz5eCAsd7kjdjkf9DdvNru On4oppSreZg9PHB1iPrtJz7fBxS/SmPKKwzG84uWPnIMfTKijBdF/8qRxn3Jz8iP YqcYS/U8RalhERK/6LqVUUIe6PNjJ+080GUtGtr4GFjPBrptglb798Hn/3UptnZE RGzQnYSsV4BSUMxhx+fF6teTym7v4kEq+anNiozJd0A2gUx2Y0NVccOTXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ4lfaQrXwwulQXbqQ5ghNYAeP7CMB8GA1UdIwQY MBaAFMo85Nu9BOB6zhk3+AoVr3OZuAMOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQt NjE3Y2QzZGYzOTViLzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQtNjE3Y2QzZGYzOTVi LzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOL4UE7S8 2qHiQI1SXArQkuyCxhb1QjrhpjOV3zTv4lsKIp/L5qKvppx7N9ry1NUTuiuWO6qd Ba+mLwv+b6vmbvti6tUP82vAdCxWByvs7dQg1IE2+Zeqcm0J/4MsDHmHVBfnMHcw kh1hvyMaS0NIWvpSnDftptkxcXDzuqkl8o/zefehzzYwMnrTvdN7j8COq//fG8I1 aceQOArEItZ205fMoKjysW5IL4ic5WARJIQwXhlj9cJIAjvqlt9f2NWMrypz/jTe nEJx79PHIIuqyyJIohPhyPiZ9YLyoSBtlmkObTIvMtwWAoNiMK99X84BvoHLhrfs L16/C3bFaHwnLw== -----END CERTIFICATE-----Generated at Wed Dec 24 10:36:44 2025 by rpki-client