This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft File: yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json) Hash identifier: QVrZg4DzEZ0ZF2VDvTRcxwAoohG+WG1RaITnBRBGN1k= Subject key identifier: 3C:6F:21:67:12:45:AE:26:7E:F2:45:57:4D:7A:78:46:FE:D3:FD:F0 Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0 Certificate issuer: /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0 Certificate serial: 019B3D22F33B96C60382AD240F6D3C0FFE47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft Manifest number: 1786 Signing time: Sat 20 Dec 2025 19:00:59 +0000 Manifest this update: Sat 20 Dec 2025 19:00:59 +0000 Manifest next update: Sun 21 Dec 2025 19:00:59 +0000 Files and hashes: 1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: WOHCYukd8HdHpQOSzRDiodoCu/uYimdb5r0yu6hf2Uw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:22:f3:3b:96:c6:03:82:ad:24:0f:6d:3c:0f:fe:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0 Validity Not Before: Dec 20 19:00:59 2025 GMT Not After : Dec 21 19:00:59 2025 GMT Subject: CN=3c6f21671245ae267ef245574d7a7846fed3fdf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:80:88:a9:53:a2:5a:72:00:8c:28:7b:92:ec: e1:d1:50:7a:05:98:66:fa:6c:b0:ef:a6:d3:d7:64: 95:9e:94:ba:db:0d:d8:da:11:4e:ba:e3:1b:15:e1: 69:51:13:cf:c5:f0:28:dc:2d:3b:74:96:b2:be:a9: b0:af:7a:09:0c:97:36:9e:5e:74:03:fc:a5:9f:01: bd:84:d9:47:6b:04:af:83:3a:84:ba:6b:75:f8:eb: 90:d2:bf:c6:cb:dd:6b:ba:c1:e8:66:6a:34:88:67: 12:a0:ed:69:77:83:3b:6e:93:95:e6:d6:88:1f:09: ea:f7:a8:62:ed:17:3e:ef:6b:88:9e:e1:ff:84:95: 0d:3a:4f:ff:35:04:74:fe:7a:89:f6:a1:4b:7c:7b: 19:41:81:53:72:b1:1b:35:32:ae:5b:7e:30:d3:e9: 43:da:79:2c:f2:ee:4f:13:90:cb:e8:90:21:f2:72: 52:92:bb:f4:51:f0:3d:7e:77:7d:72:a9:de:ae:12: b4:8a:4e:1f:6d:78:36:79:ac:37:9e:ad:d8:50:cd: fb:7f:35:d9:c6:b5:12:e7:c1:a8:04:67:ed:37:33: 7e:a2:fa:32:e1:c1:c7:fb:14:e6:2b:23:ad:a7:40: e8:b7:e5:04:ba:a8:a0:32:70:d1:32:da:2f:7a:0e: 10:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:6F:21:67:12:45:AE:26:7E:F2:45:57:4D:7A:78:46:FE:D3:FD:F0 X509v3 Authority Key Identifier: keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:e5:5b:f7:ff:a7:03:2d:c3:59:71:e6:e2:e9:98:da:7f:cd: 38:11:47:c3:fa:52:df:72:53:a0:96:2e:3a:00:3f:4e:f6:4a: 02:bd:56:d5:07:c6:cc:e5:c5:ed:e6:a2:e2:2e:b6:d9:7a:ff: 52:98:d7:4a:28:37:15:41:c2:5b:7a:61:17:6c:22:f0:f5:a9: 6c:ef:77:1e:a8:4b:d7:1b:fd:aa:94:6f:33:73:e5:9a:13:7e: 62:aa:e4:8c:f1:e8:16:0b:17:50:27:3b:bc:e0:07:e8:83:42: 9f:7f:23:c5:fa:56:72:af:c3:82:a9:4b:bd:f2:e1:2a:9c:4d: 27:64:e7:fb:87:82:f2:86:26:b6:3b:90:6e:2f:ca:ce:14:b7: b7:86:ec:a9:87:bc:8d:38:10:00:fe:39:8f:ff:0c:0d:1f:24: b8:b8:4c:bc:7e:5b:46:20:c3:3d:b7:a7:aa:e6:d0:a6:3e:5e: 98:2e:73:a2:d8:be:2d:91:9a:39:85:78:9a:d0:4a:7e:7d:9a: b2:50:78:4d:92:ce:5f:6e:27:75:3e:4a:c2:32:67:b1:b0:8d: 32:32:b8:84:88:69:ea:d0:79:0c:97:1a:8e:61:1e:87:23:02: 07:f3:ad:c0:80:08:de:9b:74:6d:4e:56:da:49:f3:2c:05:3e: 03:88:46:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9IvM7lsYDgq0kD208D/5HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy ZDVkYzAwHhcNMjUxMjIwMTkwMDU5WhcNMjUxMjIxMTkwMDU5WjAzMTEwLwYDVQQD EygzYzZmMjE2NzEyNDVhZTI2N2VmMjQ1NTc0ZDdhNzg0NmZlZDNmZGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YCIqVOiWnIAjCh7kuzh0VB6BZhm +myw76bT12SVnpS62w3Y2hFOuuMbFeFpURPPxfAo3C07dJayvqmwr3oJDJc2nl50 A/ylnwG9hNlHawSvgzqEumt1+OuQ0r/Gy91rusHoZmo0iGcSoO1pd4M7bpOV5taI Hwnq96hi7Rc+72uInuH/hJUNOk//NQR0/nqJ9qFLfHsZQYFTcrEbNTKuW34w0+lD 2nks8u5PE5DL6JAh8nJSkrv0UfA9fnd9cqnerhK0ik4fbXg2eaw3nq3YUM37fzXZ xrUS58GoBGftNzN+ovoy4cHH+xTmKyOtp0Dot+UEuqigMnDRMtoveg4Q6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDxvIWcSRa4mfvJFV016eEb+0/3wMB8GA1UdIwQY MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEOVb9/+n Ay3DWXHm4umY2n/NOBFHw/pS33JToJYuOgA/TvZKAr1W1QfGzOXF7eai4i622Xr/ UpjXSig3FUHCW3phF2wi8PWpbO93HqhL1xv9qpRvM3PlmhN+YqrkjPHoFgsXUCc7 vOAH6INCn38jxfpWcq/DgqlLvfLhKpxNJ2Tn+4eC8oYmtjuQbi/KzhS3t4bsqYe8 jTgQAP45j/8MDR8kuLhMvH5bRiDDPbenqubQpj5emC5zoti+LZGaOYV4mtBKfn2a slB4TZLOX24ndT5KwjJnsbCNMjK4hIhp6tB5DJcajmEehyMCB/OtwIAI3pt0bU5W 2knzLAU+A4hG+A== -----END CERTIFICATE-----Generated at Sun Dec 21 02:20:07 2025 by rpki-client