This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.mft File: YGhXxDyh3wTLaaSgqshim98ydWs.mft (raw, json) Hash identifier: reGXpBF/wxEV/Sgs3KrhdUSbGYaUiz3wOslUbADEZ2Y= Subject key identifier: 12:3E:79:4C:E2:CB:F8:DF:A7:A6:25:B0:79:F6:57:00:AE:84:5B:0B Authority key identifier: 60:68:57:C4:3C:A1:DF:04:CB:69:A4:A0:AA:C8:62:9B:DF:32:75:6B Certificate issuer: /CN=606857c43ca1df04cb69a4a0aac8629bdf32756b Certificate serial: 019B416DC750670528535189AC2CE874463B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.mft Manifest number: 1441 Signing time: Sun 21 Dec 2025 15:01:12 +0000 Manifest this update: Sun 21 Dec 2025 15:01:12 +0000 Manifest next update: Mon 22 Dec 2025 15:01:12 +0000 Files and hashes: 1: XuX7uT8cb5cVhdOXna_jZRuc6JE.roa (hash: 6nSukjm2iQoWm9SssGRSJpva0KahTxgtp11M/o63UVs=) 2: YGhXxDyh3wTLaaSgqshim98ydWs.crl (hash: kKw1Tjc//voDcdkk/nEMV0Bis685SJp3sO7bVmG3isA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.mft rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:c7:50:67:05:28:53:51:89:ac:2c:e8:74:46:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606857c43ca1df04cb69a4a0aac8629bdf32756b Validity Not Before: Dec 21 15:01:12 2025 GMT Not After : Dec 22 15:01:12 2025 GMT Subject: CN=123e794ce2cbf8dfa7a625b079f65700ae845b0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:37:12:4d:a4:00:7a:7e:a9:c3:49:3f:9e:8d: 1d:d6:a3:a3:d9:db:99:0c:36:d8:5d:43:7b:5e:1e: cc:c3:9d:2e:d8:c2:60:36:85:62:06:63:40:e2:5e: d4:f0:40:8f:33:32:6a:66:9a:04:ad:34:95:d1:d5: 87:77:49:0a:5c:ca:c0:fa:9f:7c:46:84:a4:1d:0b: d0:c9:fc:38:61:ee:45:4f:2f:31:7b:17:d6:83:21: 1f:db:e9:59:5e:48:b6:e8:95:0f:3c:4d:f9:56:a7: 53:57:84:05:27:1f:c6:eb:4b:6a:a9:6d:c1:61:06: 84:66:6d:ad:5c:0b:ff:b5:66:3e:11:be:ed:36:8c: 2f:8a:74:c8:5d:27:8d:5c:f5:80:b2:1d:fe:46:70: 3f:2a:53:8f:e9:9c:e8:02:4a:c5:82:ab:25:5c:0e: e6:47:15:c0:31:ff:9c:cd:d6:44:2f:23:e4:91:15: 0b:78:6a:1b:3c:25:ef:6d:d8:6f:22:25:8d:5f:31: c5:33:6c:6a:b7:10:93:72:db:53:a9:b5:1d:a2:f0: 4a:f7:f8:92:81:06:19:8d:c9:ee:3a:34:63:7e:15: ea:14:f5:69:b3:a0:2e:ed:6c:0f:37:95:be:78:f4: d4:2a:10:14:db:83:23:54:43:cf:84:fc:c5:b3:45: d7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:3E:79:4C:E2:CB:F8:DF:A7:A6:25:B0:79:F6:57:00:AE:84:5B:0B X509v3 Authority Key Identifier: keyid:60:68:57:C4:3C:A1:DF:04:CB:69:A4:A0:AA:C8:62:9B:DF:32:75:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:35:79:51:e0:5d:ce:cb:8c:72:94:94:c5:31:61:b1:2a:cb: 55:03:98:5f:62:a5:aa:93:a8:92:9d:c2:46:4d:eb:52:4d:85: 7c:db:a2:28:5a:04:ad:87:bf:57:c1:ae:db:8c:4b:06:a2:89: c2:c4:41:87:7f:1a:14:53:de:e1:77:f4:0d:71:2c:0d:1e:6f: 0b:c6:b7:8d:75:12:99:68:23:03:33:54:40:2e:38:2d:05:45: ad:22:59:e4:27:f1:5d:0c:25:88:9b:19:53:c0:d4:c0:0a:f1: cd:9d:66:e7:e6:aa:8c:e4:53:e5:a9:a1:80:f5:e1:a6:76:ec: 94:19:5d:6b:c4:ca:c7:4f:ac:27:65:21:8b:ab:aa:31:45:d7: a7:fe:09:34:bf:ad:02:32:1d:7b:c5:e3:5f:3e:1a:30:fa:24: dd:1d:3d:cd:11:cd:a5:52:04:b7:b5:93:6c:54:70:06:71:57: c5:0d:0c:9c:d6:c0:ac:11:a7:9c:53:af:f4:e2:a3:74:ff:c2: ee:12:4f:36:1a:f7:1e:a4:6e:a7:b4:64:10:b6:9b:f7:8c:80: 86:97:87:aa:08:14:e6:dc:68:b7:a8:d7:e8:e2:69:67:41:44: b4:b9:8c:b8:b8:18:00:db:8b:cd:97:c8:44:72:1d:41:14:e1: f5:e3:62:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbcdQZwUoU1GJrCzodEY7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjg1N2M0M2NhMWRmMDRjYjY5YTRhMGFhYzg2MjliZGYz Mjc1NmIwHhcNMjUxMjIxMTUwMTEyWhcNMjUxMjIyMTUwMTEyWjAzMTEwLwYDVQQD EygxMjNlNzk0Y2UyY2JmOGRmYTdhNjI1YjA3OWY2NTcwMGFlODQ1YjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTcSTaQAen6pw0k/no0d1qOj2duZ DDbYXUN7Xh7Mw50u2MJgNoViBmNA4l7U8ECPMzJqZpoErTSV0dWHd0kKXMrA+p98 RoSkHQvQyfw4Ye5FTy8xexfWgyEf2+lZXki26JUPPE35VqdTV4QFJx/G60tqqW3B YQaEZm2tXAv/tWY+Eb7tNowvinTIXSeNXPWAsh3+RnA/KlOP6ZzoAkrFgqslXA7m RxXAMf+czdZELyPkkRULeGobPCXvbdhvIiWNXzHFM2xqtxCTcttTqbUdovBK9/iS gQYZjcnuOjRjfhXqFPVps6Au7WwPN5W+ePTUKhAU24MjVEPPhPzFs0XX+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBI+eUziy/jfp6YlsHn2VwCuhFsLMB8GA1UdIwQY MBaAFGBoV8Q8od8Ey2mkoKrIYpvfMnVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdoWHhEeWgzd1RMYWFTZ3FzaGltOTh5ZFdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi85NWQ3ZGMtMGM4Yi00OTQxLWI5YzEt ZDQ3MTBkMDIyMzM2LzEvWUdoWHhEeWgzd1RMYWFTZ3FzaGltOTh5ZFdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi85NWQ3ZGMtMGM4Yi00OTQxLWI5YzEtZDQ3MTBkMDIyMzM2 LzEvWUdoWHhEeWgzd1RMYWFTZ3FzaGltOTh5ZFdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFDV5UeBd zsuMcpSUxTFhsSrLVQOYX2KlqpOokp3CRk3rUk2FfNuiKFoErYe/V8Gu24xLBqKJ wsRBh38aFFPe4Xf0DXEsDR5vC8a3jXUSmWgjAzNUQC44LQVFrSJZ5CfxXQwliJsZ U8DUwArxzZ1m5+aqjORT5amhgPXhpnbslBlda8TKx0+sJ2Uhi6uqMUXXp/4JNL+t AjIde8XjXz4aMPok3R09zRHNpVIEt7WTbFRwBnFXxQ0MnNbArBGnnFOv9OKjdP/C 7hJPNhr3HqRup7RkELab94yAhpeHqggU5txot6jX6OJpZ0FEtLmMuLgYANuLzZfI RHIdQRTh9eNiHA== -----END CERTIFICATE-----Generated at Sun Dec 21 17:02:37 2025 by rpki-client