This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft File: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft (raw, json) Hash identifier: j7fNZBKY00INwghWeF939Cx5cSW/EkgRC46+guNLEks= Subject key identifier: D5:23:57:5D:64:9B:23:91:8D:7E:7B:52:C4:1B:4C:F6:9F:AA:5C:27 Authority key identifier: CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88 Certificate issuer: /CN=ca434d399d93a19d8a8108456c5575096c2ae588 Certificate serial: 019B3F118089AE6B79C723CE1DC9E56A124C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft Manifest number: 07AA Signing time: Sun 21 Dec 2025 04:01:10 +0000 Manifest this update: Sun 21 Dec 2025 04:01:10 +0000 Manifest next update: Mon 22 Dec 2025 04:01:10 +0000 Files and hashes: 1: 6KeHOxxWviP0lluNL5sOXVdQY7c.roa (hash: kUeVBsIsjzs7OuA1c4/VFEC1ddAvMO/ONIYaR+/BuFA=) 2: ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl (hash: KapE6EQstyn7JrBqnoDqClm/EyoeQArlVerrQ/eNTeE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:11:80:89:ae:6b:79:c7:23:ce:1d:c9:e5:6a:12:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca434d399d93a19d8a8108456c5575096c2ae588 Validity Not Before: Dec 21 04:01:10 2025 GMT Not After : Dec 22 04:01:10 2025 GMT Subject: CN=d523575d649b23918d7e7b52c41b4cf69faa5c27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:db:f5:36:9a:d1:5b:8d:38:16:6a:a9:d0:bf: 24:8a:e1:69:ac:00:45:a6:e1:d1:04:24:0f:1e:6e: 41:3b:fe:f4:13:2a:bf:76:79:48:5a:65:f1:7f:09: e5:d1:86:00:ed:80:be:28:85:7d:05:53:c2:eb:84: 1b:63:8d:5d:18:06:87:96:1c:ec:c2:40:0f:c8:cd: d3:c0:da:03:0c:ff:44:d0:07:5f:8e:c1:5d:3e:8a: 32:bc:53:23:0a:bb:96:4b:d4:56:2c:2c:8d:41:e9: f0:fb:b4:df:62:9c:c8:f3:be:0d:63:79:d7:08:77: bb:43:52:43:3b:32:69:4b:83:53:30:43:d6:d6:46: 05:f6:d6:22:89:af:77:01:c7:79:71:e5:84:47:6e: 3a:ff:81:58:93:44:6b:77:70:57:67:ce:be:84:57: f9:86:4d:83:29:23:44:ef:8f:17:66:86:b2:25:81: f8:8a:98:8f:8e:ad:b2:42:ef:16:53:4b:b7:0c:31: b4:78:af:c7:00:4e:cd:05:7a:52:8a:ab:63:02:36: b8:1a:0b:eb:ee:4e:76:e7:d6:97:76:6b:d2:0e:4e: 3a:cb:11:79:fd:39:f5:e8:cb:18:84:85:81:73:26: 46:bf:e6:70:45:72:66:6e:f9:74:14:de:fb:90:26: 00:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:23:57:5D:64:9B:23:91:8D:7E:7B:52:C4:1B:4C:F6:9F:AA:5C:27 X509v3 Authority Key Identifier: keyid:CA:43:4D:39:9D:93:A1:9D:8A:81:08:45:6C:55:75:09:6C:2A:E5:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/6aec6a-3683-405a-9e61-db2368271913/1/ykNNOZ2ToZ2KgQhFbFV1CWwq5Yg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:7a:5e:e7:2d:d6:9b:bc:ea:a6:36:a0:af:95:68:ce:a3:e3: d9:1c:4b:60:f1:6e:dc:35:05:04:e5:76:2a:ba:e0:24:8a:8c: a0:66:49:57:a5:92:da:3e:a7:8c:a7:05:9a:b1:7c:c6:9a:f0: 4c:22:83:a2:fe:54:ec:88:c7:33:e9:d1:47:15:21:08:f6:4e: 31:71:64:03:eb:93:ae:7f:05:20:ed:d5:23:38:79:50:c0:70: fc:9f:ab:c6:e8:53:53:9b:11:52:5a:52:32:18:85:9e:db:73: a9:20:b6:dd:af:2a:31:74:8e:26:db:10:39:b1:f4:b4:ec:cf: 5d:45:34:b4:6b:1d:b5:a2:48:6f:d3:7a:06:b1:48:f3:46:c3: bf:6c:6a:58:cf:93:6e:c3:4f:02:70:c2:91:2c:51:a1:fd:ef: 3d:3b:4a:c3:63:dc:d0:5b:c3:36:60:08:9b:3e:38:a7:ae:39: 31:24:39:12:ae:e4:73:cc:b5:69:af:82:83:43:e6:b5:73:99: b1:31:06:1d:2f:34:c8:20:0f:1e:a1:3e:cd:d6:7f:c0:b0:b3: 7a:81:e8:90:7e:38:4f:b0:b2:75:4f:e4:3e:84:1f:2a:7f:0a: dd:83:cf:65:50:7d:9f:68:72:e1:2d:1f:67:4c:66:b9:48:8e: 09:ab:e2:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/EYCJrmt5xyPOHcnlahJMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNDM0ZDM5OWQ5M2ExOWQ4YTgxMDg0NTZjNTU3NTA5NmMy YWU1ODgwHhcNMjUxMjIxMDQwMTEwWhcNMjUxMjIyMDQwMTEwWjAzMTEwLwYDVQQD EyhkNTIzNTc1ZDY0OWIyMzkxOGQ3ZTdiNTJjNDFiNGNmNjlmYWE1YzI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtv1NprRW404Fmqp0L8kiuFprABF puHRBCQPHm5BO/70Eyq/dnlIWmXxfwnl0YYA7YC+KIV9BVPC64QbY41dGAaHlhzs wkAPyM3TwNoDDP9E0AdfjsFdPooyvFMjCruWS9RWLCyNQenw+7TfYpzI874NY3nX CHe7Q1JDOzJpS4NTMEPW1kYF9tYiia93Acd5ceWER246/4FYk0Rrd3BXZ86+hFf5 hk2DKSNE748XZoayJYH4ipiPjq2yQu8WU0u3DDG0eK/HAE7NBXpSiqtjAja4Ggvr 7k5259aXdmvSDk46yxF5/Tn16MsYhIWBcyZGv+ZwRXJmbvl0FN77kCYA/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNUjV11kmyORjX57UsQbTPafqlwnMB8GA1UdIwQY MBaAFMpDTTmdk6GdioEIRWxVdQlsKuWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEt ZGIyMzY4MjcxOTEzLzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC82YWVjNmEtMzY4My00MDVhLTllNjEtZGIyMzY4MjcxOTEz LzEveWtOTk9aMlRvWjJLZ1FoRmJGVjFDV3dxNVlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu3pe5y3W m7zqpjagr5VozqPj2RxLYPFu3DUFBOV2KrrgJIqMoGZJV6WS2j6njKcFmrF8xprw TCKDov5U7IjHM+nRRxUhCPZOMXFkA+uTrn8FIO3VIzh5UMBw/J+rxuhTU5sRUlpS MhiFnttzqSC23a8qMXSOJtsQObH0tOzPXUU0tGsdtaJIb9N6BrFI80bDv2xqWM+T bsNPAnDCkSxRof3vPTtKw2Pc0FvDNmAImz44p645MSQ5Eq7kc8y1aa+Cg0PmtXOZ sTEGHS80yCAPHqE+zdZ/wLCzeoHokH44T7CydU/kPoQfKn8K3YPPZVB9n2hy4S0f Z0xmuUiOCaviXQ== -----END CERTIFICATE-----Generated at Sun Dec 21 06:46:02 2025 by rpki-client