This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft File: ygHfSTk2pi4uyamAWo-ja4M1vVA.mft (raw, json) Hash identifier: dPAPLyp9KQbNz1/f3ycXjTvVb/gt+ktQT1AJzUn0+cc= Subject key identifier: 98:BC:92:7E:7A:95:41:CE:AB:4E:D9:8B:B4:71:F3:80:28:69:6C:76 Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50 Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50 Certificate serial: 019B24764289019F06E31851336C9377B274 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft Manifest number: 0909 Signing time: Tue 16 Dec 2025 00:01:28 +0000 Manifest this update: Tue 16 Dec 2025 00:01:28 +0000 Manifest next update: Wed 17 Dec 2025 00:01:28 +0000 Files and hashes: 1: VJejrkbQcGz8ZtoJmN8x1bw4bkc.roa (hash: fTHkpU+4ZrTAo/sH1aFITBDz8Ocuvc9wBymMbgUJLms=) 2: ygHfSTk2pi4uyamAWo-ja4M1vVA.crl (hash: HRgL2PxE20T8M8fzq+o0Jssbrv1JLknsONJgJjxUrLY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:76:42:89:01:9f:06:e3:18:51:33:6c:93:77:b2:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50 Validity Not Before: Dec 16 00:01:28 2025 GMT Not After : Dec 17 00:01:28 2025 GMT Subject: CN=98bc927e7a9541ceab4ed98bb471f38028696c76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:52:80:f4:e5:bc:38:5c:e7:de:d3:51:82:2c: fd:a1:41:82:f9:5f:01:99:01:ac:22:75:52:f6:5f: 9d:dd:86:93:25:94:38:80:42:1e:8c:94:0f:52:22: d4:fe:a5:af:8f:5a:e3:ba:a3:e6:6b:ab:32:2b:71: a4:1e:0d:28:fc:0e:52:60:f2:69:cf:fc:b9:3a:f5: 65:03:d1:5c:15:d1:f4:9d:21:82:1c:14:47:6a:c5: d5:58:92:ea:7d:0b:21:f3:70:47:83:c0:ef:95:97: 10:e8:46:97:05:19:06:3f:65:af:e8:da:f1:03:89: 92:03:cf:3f:76:6a:54:44:a9:8b:b2:dc:e8:66:09: 3e:2b:80:f2:c0:bd:0e:90:0a:76:dc:57:3a:3e:d7: b1:49:08:ad:53:43:9e:6c:f3:6b:d7:34:e4:c0:24: c2:b5:cb:ef:6b:a0:24:96:45:bb:86:87:dd:42:31: 45:75:7c:c4:46:b0:e7:17:bb:e6:1a:8f:d1:2c:f0: 68:82:d1:47:bf:39:91:bb:f7:82:07:3f:c1:8e:5a: 86:40:0c:f8:06:c2:91:83:75:a8:d5:1f:0b:a6:9f: 2e:b1:84:59:aa:49:9a:20:d8:c7:ca:bc:35:60:e5: 10:bc:5b:45:03:98:73:54:9b:89:31:da:b1:92:79: 75:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:BC:92:7E:7A:95:41:CE:AB:4E:D9:8B:B4:71:F3:80:28:69:6C:76 X509v3 Authority Key Identifier: keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:fe:bd:1e:af:16:d6:f4:f5:2f:ba:59:23:c0:55:96:87:5a: 86:c8:d1:e6:48:e0:02:30:2d:5d:a0:3e:54:86:46:5d:65:6b: 33:87:bc:60:74:de:59:a1:93:78:bb:fa:f3:14:33:8c:07:72: c6:58:bd:74:8a:c7:e5:51:69:ae:2f:e3:1f:1b:b7:bb:5c:5d: bb:20:6e:31:d0:c8:02:1d:20:6d:06:cd:19:14:6f:90:64:52: b0:31:e7:7d:30:7e:7a:49:80:ad:1e:ba:52:76:1d:5a:b2:fc: 01:83:f2:b8:77:85:30:d2:67:dc:e4:f3:22:1c:ec:fc:00:b1: a7:d9:a8:af:28:fa:5e:64:93:62:d1:6a:8d:2f:95:6a:ed:4e: 2e:2c:d8:2e:13:d4:e2:dd:99:24:5c:ff:9a:d4:af:00:b0:38: ac:a8:00:b7:49:cf:45:fc:a8:e4:63:20:76:30:da:5a:24:76: 57:6a:09:9f:9c:aa:ea:2e:85:2c:bd:76:1d:5e:84:33:13:6d: 3e:30:7e:3b:e9:db:95:51:d4:64:7d:2e:0f:25:b3:de:a3:d9: 89:6e:1c:91:f4:8f:17:38:f3:ff:6a:ce:77:88:d6:05:80:19: b6:88:44:b2:24:69:c9:89:83:48:86:57:b0:2a:b8:cd:6f:55: 23:9b:3e:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskdkKJAZ8G4xhRM2yTd7J0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz NWJkNTAwHhcNMjUxMjE2MDAwMTI4WhcNMjUxMjE3MDAwMTI4WjAzMTEwLwYDVQQD Eyg5OGJjOTI3ZTdhOTU0MWNlYWI0ZWQ5OGJiNDcxZjM4MDI4Njk2Yzc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1KA9OW8OFzn3tNRgiz9oUGC+V8B mQGsInVS9l+d3YaTJZQ4gEIejJQPUiLU/qWvj1rjuqPma6syK3GkHg0o/A5SYPJp z/y5OvVlA9FcFdH0nSGCHBRHasXVWJLqfQsh83BHg8DvlZcQ6EaXBRkGP2Wv6Nrx A4mSA88/dmpURKmLstzoZgk+K4DywL0OkAp23Fc6PtexSQitU0OebPNr1zTkwCTC tcvva6AklkW7hofdQjFFdXzERrDnF7vmGo/RLPBogtFHvzmRu/eCBz/BjlqGQAz4 BsKRg3Wo1R8Lpp8usYRZqkmaINjHyrw1YOUQvFtFA5hzVJuJMdqxknl1eQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJi8kn56lUHOq07Zi7Rx84AoaWx2MB8GA1UdIwQY MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt OTYyNzU4YTNkNWVhLzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArv69Hq8W 1vT1L7pZI8BVlodahsjR5kjgAjAtXaA+VIZGXWVrM4e8YHTeWaGTeLv68xQzjAdy xli9dIrH5VFpri/jHxu3u1xduyBuMdDIAh0gbQbNGRRvkGRSsDHnfTB+ekmArR66 UnYdWrL8AYPyuHeFMNJn3OTzIhzs/ACxp9moryj6XmSTYtFqjS+Vau1OLizYLhPU 4t2ZJFz/mtSvALA4rKgAt0nPRfyo5GMgdjDaWiR2V2oJn5yq6i6FLL12HV6EMxNt PjB+O+nblVHUZH0uDyWz3qPZiW4ckfSPFzjz/2rOd4jWBYAZtohEsiRpyYmDSIZX sCq4zW9VI5s+YA== -----END CERTIFICATE-----Generated at Tue Dec 16 04:35:01 2025 by rpki-client