This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft File: UFzWGp9t6drMDTySFwbffVCvvW8.mft (raw, json) Hash identifier: DJ7Hv56SZA1EghbbYQUu/sQ5Tw34HRQB5rxN+N0u6Uo= Subject key identifier: 62:C9:55:02:AC:0A:CF:18:74:AF:3B:28:0C:D5:13:B2:40:FE:F2:F1 Authority key identifier: 50:5C:D6:1A:9F:6D:E9:DA:CC:0D:3C:92:17:06:DF:7D:50:AF:BD:6F Certificate issuer: /CN=505cd61a9f6de9dacc0d3c921706df7d50afbd6f Certificate serial: 019AF1D235FF94F074591C40A28F562E4602 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft Manifest number: 0DB5 Signing time: Sat 06 Dec 2025 04:01:16 +0000 Manifest this update: Sat 06 Dec 2025 04:01:16 +0000 Manifest next update: Sun 07 Dec 2025 04:01:16 +0000 Files and hashes: 1: 02fZd277xqKcuTMYmhFfbwx9HwA.roa (hash: bemKy7xu5/Ii5zazW11+IHavu8JMVH9QIzpKn7l6Pf4=) 2: UFzWGp9t6drMDTySFwbffVCvvW8.crl (hash: ESQ37K07/eBfrTFqYJ1fmudbnWrvFhETa9tsxxDYZxs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:35:ff:94:f0:74:59:1c:40:a2:8f:56:2e:46:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=505cd61a9f6de9dacc0d3c921706df7d50afbd6f Validity Not Before: Dec 6 04:01:16 2025 GMT Not After : Dec 7 04:01:16 2025 GMT Subject: CN=62c95502ac0acf1874af3b280cd513b240fef2f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:cf:23:27:5c:8e:50:be:d0:2c:47:48:27:0e: 22:7f:6d:fc:98:65:97:23:cd:8c:c9:c6:70:f7:c2: c0:c4:1c:8a:27:43:b2:7b:3d:e5:5e:5c:ef:d3:8f: 30:fc:60:bc:15:72:b5:9f:e6:4e:4f:87:b2:5c:53: 45:a2:07:42:9b:3b:ef:7c:dd:0a:a2:bd:81:21:66: 34:48:26:ff:b4:14:68:a7:09:ab:20:90:f1:5d:0c: 66:d2:35:25:f9:74:fe:4f:13:72:3e:cc:70:36:fb: bf:ee:9c:55:ba:b2:9d:26:60:28:ab:c0:aa:f0:0a: ab:21:3a:ce:c0:2b:3e:ea:70:0b:eb:ff:54:e9:ae: b5:d8:21:77:ef:cc:b4:2a:61:62:1a:e8:03:5c:5a: d3:94:82:1e:87:a9:f7:7a:42:22:94:61:ec:98:04: b9:b3:3c:49:2c:5f:45:b1:d3:4f:8c:d0:91:04:9a: c1:bc:7a:cb:15:a9:8a:11:99:4a:9e:2c:e6:a5:8d: 70:5a:a2:71:52:2c:be:f4:8f:ca:8e:42:ee:18:c7: 7d:23:5b:19:f2:8f:69:ac:14:98:bd:44:ce:5e:7c: 7b:45:45:71:e0:2a:a3:3c:29:bb:ee:f5:8a:b0:93: 78:3a:45:4d:7d:1e:a6:92:2b:f9:7a:18:30:09:b0: 0c:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:C9:55:02:AC:0A:CF:18:74:AF:3B:28:0C:D5:13:B2:40:FE:F2:F1 X509v3 Authority Key Identifier: keyid:50:5C:D6:1A:9F:6D:E9:DA:CC:0D:3C:92:17:06:DF:7D:50:AF:BD:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFzWGp9t6drMDTySFwbffVCvvW8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a3735a-eccc-41d7-b723-e01237b5fc10/1/UFzWGp9t6drMDTySFwbffVCvvW8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:07:56:29:6e:69:0d:e5:b2:f8:a5:5b:ba:41:10:b2:a3:81: eb:b8:9d:f8:94:0f:79:81:9b:51:1e:11:43:b1:73:05:2a:a4: 45:34:db:df:b6:08:a6:83:95:ea:a2:0c:91:fb:51:4b:b5:52: b0:94:67:bd:b8:2f:88:20:ae:67:48:ed:ff:23:4a:65:35:02: 43:93:a2:58:df:dc:c4:0c:7b:8f:98:22:9b:1f:f9:f3:5c:95: 96:b2:0e:d3:85:cf:a0:8d:d6:8f:89:f4:5e:a4:23:c6:a1:e7: dd:67:69:08:3e:2d:8f:2f:d8:15:ff:8a:71:7a:e4:23:23:35: 67:23:cd:1c:eb:cd:e8:ec:9b:f2:f8:e3:26:fd:9f:5e:21:28: 38:40:c1:46:3b:89:46:61:81:c8:36:05:2d:8e:58:ce:57:4d: 33:5f:2b:7e:44:0c:ab:44:e6:72:c0:35:48:0c:f4:79:58:d8: 57:fb:75:81:76:68:23:ec:18:9e:2a:7f:20:77:af:54:d3:0c: 74:ff:fc:8e:42:46:6a:de:95:27:b7:15:66:5b:28:b0:c9:0e: d2:04:af:18:f6:1b:2c:03:25:7a:48:4e:64:dc:b5:bd:95:e8: 04:7f:e5:ca:e4:ad:b8:90:f5:3b:93:5a:c1:2f:fb:4e:95:ce: 30:01:0f:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0jX/lPB0WRxAoo9WLkYCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwNWNkNjFhOWY2ZGU5ZGFjYzBkM2M5MjE3MDZkZjdkNTBh ZmJkNmYwHhcNMjUxMjA2MDQwMTE2WhcNMjUxMjA3MDQwMTE2WjAzMTEwLwYDVQQD Eyg2MmM5NTUwMmFjMGFjZjE4NzRhZjNiMjgwY2Q1MTNiMjQwZmVmMmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt88jJ1yOUL7QLEdIJw4if238mGWX I82MycZw98LAxByKJ0Oyez3lXlzv048w/GC8FXK1n+ZOT4eyXFNFogdCmzvvfN0K or2BIWY0SCb/tBRopwmrIJDxXQxm0jUl+XT+TxNyPsxwNvu/7pxVurKdJmAoq8Cq 8AqrITrOwCs+6nAL6/9U6a612CF378y0KmFiGugDXFrTlIIeh6n3ekIilGHsmAS5 szxJLF9FsdNPjNCRBJrBvHrLFamKEZlKnizmpY1wWqJxUiy+9I/KjkLuGMd9I1sZ 8o9prBSYvUTOXnx7RUVx4CqjPCm77vWKsJN4OkVNfR6mkiv5ehgwCbAMXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGLJVQKsCs8YdK87KAzVE7JA/vLxMB8GA1UdIwQY MBaAFFBc1hqfbenazA08khcG331Qr71vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMzczNWEtZWNjYy00MWQ3LWI3MjMt ZTAxMjM3YjVmYzEwLzEvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi9hMzczNWEtZWNjYy00MWQ3LWI3MjMtZTAxMjM3YjVmYzEw LzEvVUZ6V0dwOXQ2ZHJNRFR5U0Z3YmZmVkN2dlc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJQdWKW5p DeWy+KVbukEQsqOB67id+JQPeYGbUR4RQ7FzBSqkRTTb37YIpoOV6qIMkftRS7VS sJRnvbgviCCuZ0jt/yNKZTUCQ5OiWN/cxAx7j5gimx/581yVlrIO04XPoI3Wj4n0 XqQjxqHn3WdpCD4tjy/YFf+KcXrkIyM1ZyPNHOvN6Oyb8vjjJv2fXiEoOEDBRjuJ RmGByDYFLY5YzldNM18rfkQMq0TmcsA1SAz0eVjYV/t1gXZoI+wYnip/IHevVNMM dP/8jkJGat6VJ7cVZlsosMkO0gSvGPYbLAMlekhOZNy1vZXoBH/lyuStuJD1O5Na wS/7TpXOMAEPHw== -----END CERTIFICATE-----Generated at Sat Dec 6 15:02:13 2025 by rpki-client