This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft File: upsYDHz0DC3X-keDflGa37wisD0.mft (raw, json) Hash identifier: ElVcNueZ/WvuFt2YEhMNl1Rny6aUhnv80edCmmdddKE= Subject key identifier: 48:1D:98:84:44:BE:2D:76:2E:F9:B9:03:0D:8A:B7:84:37:AE:E7:44 Authority key identifier: BA:9B:18:0C:7C:F4:0C:2D:D7:FA:47:83:7E:51:9A:DF:BC:22:B0:3D Certificate issuer: /CN=ba9b180c7cf40c2dd7fa47837e519adfbc22b03d Certificate serial: 019AF1D1A3FCD5B38C0E5D984C1498552F9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft Manifest number: CD Signing time: Sat 06 Dec 2025 04:00:39 +0000 Manifest this update: Sat 06 Dec 2025 04:00:39 +0000 Manifest next update: Sun 07 Dec 2025 04:00:39 +0000 Files and hashes: 1: upsYDHz0DC3X-keDflGa37wisD0.crl (hash: 77QbYzysPMmm4HIzGVSJvsfvq8kr3ldGJfsfYYTk9Bw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a3:fc:d5:b3:8c:0e:5d:98:4c:14:98:55:2f:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba9b180c7cf40c2dd7fa47837e519adfbc22b03d Validity Not Before: Dec 6 04:00:39 2025 GMT Not After : Dec 7 04:00:39 2025 GMT Subject: CN=481d988444be2d762ef9b9030d8ab78437aee744 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:63:68:ad:f0:38:66:c4:c9:25:c7:ee:0d:8c: 14:be:92:27:90:e3:3f:f4:ec:b0:8c:1c:1e:e5:be: 40:5c:a7:49:e5:d1:0e:0a:c7:54:89:5f:7f:86:39: cc:1a:1f:14:d6:49:29:9b:03:92:61:2a:8f:cf:b0: 59:41:8d:30:15:ab:d1:79:47:80:f1:58:03:ba:0f: d8:e0:8b:02:0d:f4:f7:a0:33:78:c2:5f:f4:4c:d9: 30:29:14:19:a0:67:c0:43:d1:ce:7b:ce:6c:59:b9: 1c:5e:40:28:ae:ad:ae:08:d0:66:a0:9f:0e:49:f6: a4:40:71:4d:ca:ff:69:a2:79:10:27:91:88:5b:36: 81:c1:d4:96:a2:02:25:bd:79:a5:85:3c:50:c5:83: 83:d5:a7:b1:41:fe:63:07:f7:a8:0f:c5:83:38:04: 3d:e8:0d:8c:c6:ed:6f:a2:a7:4a:1c:04:71:65:04: bc:c6:6e:19:cf:61:77:43:ce:cf:a9:e6:39:9e:92: 4b:b2:97:46:ad:a2:18:67:14:4e:cf:e5:56:e0:16: f5:30:e8:48:9d:4c:21:eb:6a:42:e5:1b:a8:e5:ff: f1:a2:2f:07:7a:33:34:f7:aa:76:3e:0c:f1:ee:b6: 4e:1f:3d:a0:0b:98:3f:ba:fd:3d:87:97:e3:b9:6c: 48:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:1D:98:84:44:BE:2D:76:2E:F9:B9:03:0D:8A:B7:84:37:AE:E7:44 X509v3 Authority Key Identifier: keyid:BA:9B:18:0C:7C:F4:0C:2D:D7:FA:47:83:7E:51:9A:DF:BC:22:B0:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upsYDHz0DC3X-keDflGa37wisD0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4512a0-73fa-4426-b5e9-74b778c0b546/1/upsYDHz0DC3X-keDflGa37wisD0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:ac:99:e4:a9:f5:c0:5a:57:47:bd:54:96:4d:f6:16:d0:f9: 6c:40:77:59:3b:89:2a:17:14:ef:ab:9b:d2:e0:15:a6:1a:23: bb:3f:72:01:45:b6:7c:1f:98:49:8c:41:8a:55:45:56:9e:55: cb:25:c3:a7:15:44:7b:25:c3:2b:18:e0:11:0c:fb:e5:05:8d: c3:25:17:82:81:c8:e1:55:dc:ce:d7:fc:1d:51:23:e1:d3:0c: 80:7e:61:0d:46:9b:48:ec:d2:bf:08:f6:3b:b2:87:02:36:9b: 63:5e:55:31:17:7c:a7:f8:58:6a:81:b1:dc:13:45:dd:a8:33: b5:eb:1d:c5:5d:c8:db:ad:4a:d2:0c:f3:ab:69:b6:18:b7:f5: 3a:84:e5:d5:c2:cf:a0:1e:76:1b:84:75:14:21:bd:d6:5c:ab: 87:fc:3c:6c:13:21:b3:31:2e:59:0c:69:dc:7f:6f:dd:df:c8: 04:d5:94:14:79:c5:e4:88:16:c2:fb:09:b2:ad:2d:50:4b:65: f4:f0:8f:99:57:30:62:7b:ad:99:af:75:ea:7b:10:66:7a:ae: 3f:70:89:3c:7d:ba:60:dc:b3:a5:ef:e3:78:df:e9:86:04:e5: b7:0c:01:d3:23:c4:ba:6f:fa:0e:b8:5e:57:4a:b4:0f:50:65: 07:97:5d:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0aP81bOMDl2YTBSYVS+dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOWIxODBjN2NmNDBjMmRkN2ZhNDc4MzdlNTE5YWRmYmMy MmIwM2QwHhcNMjUxMjA2MDQwMDM5WhcNMjUxMjA3MDQwMDM5WjAzMTEwLwYDVQQD Eyg0ODFkOTg4NDQ0YmUyZDc2MmVmOWI5MDMwZDhhYjc4NDM3YWVlNzQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2NorfA4ZsTJJcfuDYwUvpInkOM/ 9OywjBwe5b5AXKdJ5dEOCsdUiV9/hjnMGh8U1kkpmwOSYSqPz7BZQY0wFavReUeA 8VgDug/Y4IsCDfT3oDN4wl/0TNkwKRQZoGfAQ9HOe85sWbkcXkAorq2uCNBmoJ8O SfakQHFNyv9ponkQJ5GIWzaBwdSWogIlvXmlhTxQxYOD1aexQf5jB/eoD8WDOAQ9 6A2Mxu1voqdKHARxZQS8xm4Zz2F3Q87PqeY5npJLspdGraIYZxROz+VW4Bb1MOhI nUwh62pC5Ruo5f/xoi8HejM096p2Pgzx7rZOHz2gC5g/uv09h5fjuWxIPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEgdmIREvi12Lvm5Aw2Kt4Q3rudEMB8GA1UdIwQY MBaAFLqbGAx89Awt1/pHg35Rmt+8IrA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80NTEyYTAtNzNmYS00NDI2LWI1ZTkt NzRiNzc4YzBiNTQ2LzEvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy80NTEyYTAtNzNmYS00NDI2LWI1ZTktNzRiNzc4YzBiNTQ2 LzEvdXBzWURIejBEQzNYLWtlRGZsR2EzN3dpc0QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKyZ5Kn1 wFpXR71Ulk32FtD5bEB3WTuJKhcU76ub0uAVphojuz9yAUW2fB+YSYxBilVFVp5V yyXDpxVEeyXDKxjgEQz75QWNwyUXgoHI4VXcztf8HVEj4dMMgH5hDUabSOzSvwj2 O7KHAjabY15VMRd8p/hYaoGx3BNF3agztesdxV3I261K0gzzq2m2GLf1OoTl1cLP oB52G4R1FCG91lyrh/w8bBMhszEuWQxp3H9v3d/IBNWUFHnF5IgWwvsJsq0tUEtl 9PCPmVcwYnutma916nsQZnquP3CJPH26YNyzpe/jeN/phgTltwwB0yPEum/6Drhe V0q0D1BlB5ddWA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:17:19 2025 by rpki-client