This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft File: yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft (raw, json) Hash identifier: 3p7/RWdwHFIJVPocXF+fSxMGDl0WQG6fn3++ZhuG5Fk= Subject key identifier: EC:D9:BA:C0:AB:49:AA:5D:96:1A:C8:54:49:2F:37:95:0A:64:03:F4 Authority key identifier: CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64 Certificate issuer: /CN=cb36180ab4542d6eee66d9f99030df71236ce264 Certificate serial: 019B75C85BE761E750FA51FAB7AF7C0EE59E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft Manifest number: 15EC Signing time: Wed 31 Dec 2025 19:00:23 +0000 Manifest this update: Wed 31 Dec 2025 19:00:23 +0000 Manifest next update: Thu 01 Jan 2026 19:00:23 +0000 Files and hashes: 1: Iq8sBOoYl2FdEDuOs7ZjqubA0mo.roa (hash: cKH71Gw8ENbKfDC7hsHD0Ixm5ykhTLruun3w+xwHV3U=) 2: yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl (hash: uYhBe+2SG0iyXEMUUKKRxjEzzDxht+QsEqT28KjxBZc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:c8:5b:e7:61:e7:50:fa:51:fa:b7:af:7c:0e:e5:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb36180ab4542d6eee66d9f99030df71236ce264 Validity Not Before: Dec 31 19:00:23 2025 GMT Not After : Jan 1 19:00:23 2026 GMT Subject: CN=ecd9bac0ab49aa5d961ac854492f37950a6403f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1c:0a:ff:ee:e8:3c:63:ac:cd:40:c3:bf:1c: d2:64:2b:90:2f:18:49:62:48:41:7a:46:ac:15:a7: 92:7c:7b:ef:96:09:22:80:36:d9:09:29:31:72:20: 49:d3:a3:ac:88:40:d6:65:f0:f8:36:01:4b:df:28: 57:75:22:b7:6f:fa:96:4c:67:45:ae:63:c9:46:87: a1:a3:86:18:12:8f:e1:b0:5f:90:f9:d2:5a:c3:33: 77:34:bd:df:94:66:62:4a:f0:a1:fd:33:2c:5e:5a: fc:e7:2c:75:36:5c:70:2a:3e:b6:e2:ee:9a:44:a6: 87:38:d7:fd:5a:ce:43:82:b5:b5:76:da:04:4b:96: f4:e1:fd:8e:96:ff:70:3f:5d:b1:51:43:89:0a:26: 7f:cc:e3:1a:70:61:ff:57:4e:ec:c4:56:5c:ad:bf: 2f:c9:93:39:7f:d0:7b:0b:e9:42:4b:b8:46:99:2c: d4:51:3a:cc:a3:9c:25:1f:17:e6:0d:0e:9c:10:bc: c6:ff:64:fb:56:42:e5:20:fe:2c:fe:bd:1b:55:65: 1d:e4:9e:a7:01:13:fe:02:bf:dc:1c:86:4c:2f:39: b2:42:e8:ac:82:2d:50:ab:ab:dd:1b:af:a2:03:b1: 38:00:2a:88:f3:7c:11:cd:a0:41:59:dc:61:e1:b8: 9e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:D9:BA:C0:AB:49:AA:5D:96:1A:C8:54:49:2F:37:95:0A:64:03:F4 X509v3 Authority Key Identifier: keyid:CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:19:52:0a:b6:ea:fe:c1:2a:04:92:63:60:3d:1c:6a:3f:fb: a5:4c:24:7a:df:45:2d:82:6d:39:10:4a:ca:b7:9e:bc:38:ae: 18:5c:2b:72:13:4a:15:ca:c6:8e:8e:9e:19:59:39:f8:6a:f5: e9:e7:b2:88:ed:ab:53:4b:fb:f4:32:66:77:ea:2a:a8:df:7b: e5:0b:f3:41:96:42:32:31:c4:4a:f9:76:8d:b7:9c:89:93:85: 70:ab:91:54:83:eb:fb:4f:76:2a:8b:57:8a:8b:57:d9:81:ef: 6a:61:99:ff:e4:aa:99:06:37:a6:58:19:2b:0a:91:ea:91:0b: e5:e9:b9:35:6e:b4:aa:97:9c:56:6e:e3:5a:98:98:9d:c6:fa: b7:ae:bf:63:7a:6e:f9:fc:2d:1f:23:92:90:b0:b4:d9:69:25: 8c:01:6f:b9:3b:1d:73:18:93:8e:77:51:34:fd:40:e5:e5:19: 23:04:63:43:be:c1:df:69:c2:3a:b0:c5:d0:8c:60:70:0e:35: a0:b5:41:b3:d1:a6:e2:66:08:97:a0:65:90:62:69:68:fc:81: b5:23:db:7f:95:e2:38:cd:9f:8a:ce:5a:ba:c7:a2:0b:c5:0c: 20:d7:12:64:da:3e:1d:ad:0d:a9:23:07:97:b3:aa:a9:c5:00: 95:d4:05:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1yFvnYedQ+lH6t698DuWeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiMzYxODBhYjQ1NDJkNmVlZTY2ZDlmOTkwMzBkZjcxMjM2 Y2UyNjQwHhcNMjUxMjMxMTkwMDIzWhcNMjYwMTAxMTkwMDIzWjAzMTEwLwYDVQQD EyhlY2Q5YmFjMGFiNDlhYTVkOTYxYWM4NTQ0OTJmMzc5NTBhNjQwM2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRwK/+7oPGOszUDDvxzSZCuQLxhJ YkhBekasFaeSfHvvlgkigDbZCSkxciBJ06OsiEDWZfD4NgFL3yhXdSK3b/qWTGdF rmPJRoeho4YYEo/hsF+Q+dJawzN3NL3flGZiSvCh/TMsXlr85yx1NlxwKj624u6a RKaHONf9Ws5DgrW1dtoES5b04f2Olv9wP12xUUOJCiZ/zOMacGH/V07sxFZcrb8v yZM5f9B7C+lCS7hGmSzUUTrMo5wlHxfmDQ6cELzG/2T7VkLlIP4s/r0bVWUd5J6n ARP+Ar/cHIZMLzmyQuisgi1Qq6vdG6+iA7E4ACqI83wRzaBBWdxh4biegwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOzZusCrSapdlhrIVEkvN5UKZAP0MB8GA1UdIwQY MBaAFMs2GAq0VC1u7mbZ+ZAw33EjbOJkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWIt NjY3ZGIxZGMxYjg2LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWItNjY3ZGIxZGMxYjg2 LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbBlSCrbq /sEqBJJjYD0caj/7pUwket9FLYJtORBKyreevDiuGFwrchNKFcrGjo6eGVk5+Gr1 6eeyiO2rU0v79DJmd+oqqN975QvzQZZCMjHESvl2jbeciZOFcKuRVIPr+092KotX iotX2YHvamGZ/+SqmQY3plgZKwqR6pEL5em5NW60qpecVm7jWpiYncb6t66/Y3pu +fwtHyOSkLC02WkljAFvuTsdcxiTjndRNP1A5eUZIwRjQ77B32nCOrDF0IxgcA41 oLVBs9Gm4mYIl6BlkGJpaPyBtSPbf5XiOM2fis5auseiC8UMINcSZNo+Ha0NqSMH l7OqqcUAldQFkg== -----END CERTIFICATE-----Generated at Thu Jan 1 00:28:07 2026 by rpki-client