This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft File: YE1FsSrOCsIjA-08d5S4MGpqtbA.mft (raw, json) Hash identifier: 80la4cazFZcelhO/PtWh5TbiMLgk1+NGNUaBKjKED0s= Subject key identifier: 73:85:7E:BA:AF:6B:05:C9:AA:55:55:0B:41:B4:11:ED:81:CD:65:3A Authority key identifier: 60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0 Certificate issuer: /CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0 Certificate serial: 019B55995430590FBFA8C7B99DA8F31DA3F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft Manifest number: 1725 Signing time: Thu 25 Dec 2025 13:01:10 +0000 Manifest this update: Thu 25 Dec 2025 13:01:10 +0000 Manifest next update: Fri 26 Dec 2025 13:01:10 +0000 Files and hashes: 1: YE1FsSrOCsIjA-08d5S4MGpqtbA.crl (hash: 1syV6yGQu6Ql0xVqhFEi4FsOirXYxCMnKLlPTMWgNVs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 13:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:99:54:30:59:0f:bf:a8:c7:b9:9d:a8:f3:1d:a3:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0 Validity Not Before: Dec 25 13:01:10 2025 GMT Not After : Dec 26 13:01:10 2025 GMT Subject: CN=73857ebaaf6b05c9aa55550b41b411ed81cd653a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c7:10:07:fa:46:f2:c5:18:da:28:a2:32:6e: 74:f2:96:df:09:24:65:3b:b5:d3:4e:08:87:c9:83: cd:1e:9e:9d:e2:ff:58:d0:90:cd:b2:ae:7e:80:55: 62:e1:30:0a:a8:ff:5b:bd:ab:89:fc:bc:9c:c9:8a: 45:7e:62:42:ed:b5:76:61:e6:a0:fc:f6:2d:4f:84: e5:03:7d:c8:c9:9a:0f:54:bf:e8:5c:f8:58:4f:17: 64:55:cd:18:c5:19:8b:bd:e9:af:28:80:15:ec:ac: 6a:b6:83:62:fa:a0:36:05:ec:6b:bb:5d:fb:62:6a: 99:7b:fb:7b:8b:68:37:a4:de:2a:dd:69:fb:a9:f2: f9:c5:6c:24:0f:5b:8e:04:f9:ce:a5:5b:f9:ae:5b: bd:d1:0b:52:4e:cc:24:76:3c:2b:bb:3c:7e:83:4e: 64:2a:81:80:e0:7e:70:86:65:1f:e7:b2:41:4a:ca: c7:09:3f:18:2e:34:cc:b8:0b:54:51:6d:33:ed:29: a9:a6:75:b8:be:0c:4a:ef:44:e9:0c:46:fc:d9:66: d9:e4:32:2e:8b:19:a9:35:82:55:84:cb:ab:82:fe: d5:12:d2:11:5e:06:03:c5:1f:a6:be:5d:29:82:ba: af:e8:de:fc:9d:aa:40:4f:f5:ec:5a:67:bc:50:0c: 28:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:85:7E:BA:AF:6B:05:C9:AA:55:55:0B:41:B4:11:ED:81:CD:65:3A X509v3 Authority Key Identifier: keyid:60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:61:c1:a6:3a:2f:be:0a:79:73:04:19:22:be:45:8a:fa:1d: b2:05:b0:34:3f:d4:a5:88:23:46:b1:e4:9b:0d:c0:50:41:8f: b2:7e:e8:b6:2d:70:8d:fc:f2:33:c0:9e:64:63:56:4f:af:27: 48:b1:64:c0:1e:1a:69:13:14:30:f2:c5:86:d7:e8:c8:4c:68: 8e:3a:05:cd:67:d7:93:36:a4:60:1a:3d:68:56:19:10:08:82: e4:e8:3f:b8:bb:84:f8:d2:0e:ab:35:26:a7:5e:95:38:85:ce: de:95:fb:89:05:60:a4:f9:f9:d9:d9:10:97:5e:4e:e3:50:39: da:e3:0f:d0:0b:57:fc:68:f4:c7:1f:47:34:b4:fd:a5:6d:63: be:6a:f3:7d:f0:59:c7:9c:55:51:01:be:93:ba:28:6d:39:69: 06:8b:09:a0:b0:11:35:60:e4:3c:7c:88:48:b7:76:fc:ad:86: 47:c5:dd:42:ff:d0:55:6c:9a:da:0d:23:03:d4:25:1d:72:43: 20:53:2b:8b:03:34:3d:fe:c3:1f:1c:4c:aa:1a:cb:33:e7:99: 8e:7b:45:32:f5:e6:da:73:d2:59:a6:2a:c9:0d:c8:b4:32:5e: 3e:24:39:fd:a4:80:ee:ea:d0:8c:39:49:0f:12:53:0b:93:71: eb:fd:c1:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtVmVQwWQ+/qMe5najzHaPyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNGQ0NWIxMmFjZTBhYzIyMzAzZWQzYzc3OTRiODMwNmE2 YWI1YjAwHhcNMjUxMjI1MTMwMTEwWhcNMjUxMjI2MTMwMTEwWjAzMTEwLwYDVQQD Eyg3Mzg1N2ViYWFmNmIwNWM5YWE1NTU1MGI0MWI0MTFlZDgxY2Q2NTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmscQB/pG8sUY2iiiMm508pbfCSRl O7XTTgiHyYPNHp6d4v9Y0JDNsq5+gFVi4TAKqP9bvauJ/LycyYpFfmJC7bV2Yeag /PYtT4TlA33IyZoPVL/oXPhYTxdkVc0YxRmLvemvKIAV7KxqtoNi+qA2Bexru137 YmqZe/t7i2g3pN4q3Wn7qfL5xWwkD1uOBPnOpVv5rlu90QtSTswkdjwruzx+g05k KoGA4H5whmUf57JBSsrHCT8YLjTMuAtUUW0z7SmppnW4vgxK70TpDEb82WbZ5DIu ixmpNYJVhMurgv7VEtIRXgYDxR+mvl0pgrqv6N78napAT/XsWme8UAwofQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHOFfrqvawXJqlVVC0G0Ee2BzWU6MB8GA1UdIwQY MBaAFGBNRbEqzgrCIwPtPHeUuDBqarWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWIt Mzc1N2Y5MzA4YWNjLzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWItMzc1N2Y5MzA4YWNj LzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGHBpjov vgp5cwQZIr5FivodsgWwND/UpYgjRrHkmw3AUEGPsn7oti1wjfzyM8CeZGNWT68n SLFkwB4aaRMUMPLFhtfoyExojjoFzWfXkzakYBo9aFYZEAiC5Og/uLuE+NIOqzUm p16VOIXO3pX7iQVgpPn52dkQl15O41A52uMP0AtX/Gj0xx9HNLT9pW1jvmrzffBZ x5xVUQG+k7oobTlpBosJoLARNWDkPHyISLd2/K2GR8XdQv/QVWya2g0jA9QlHXJD IFMriwM0Pf7DHxxMqhrLM+eZjntFMvXm2nPSWaYqyQ3ItDJePiQ5/aSA7urQjDlJ DxJTC5Nx6/3Bag== -----END CERTIFICATE-----Generated at Thu Dec 25 22:13:09 2025 by rpki-client