This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft File: U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft (raw, json) Hash identifier: e831fblxUMqk71M5i+oA+VsI9NC68uE6IvalRdG/ezU= Subject key identifier: 7A:78:05:7E:3B:5B:7E:EF:CE:DC:66:68:AB:D0:D7:3E:E4:79:B0:8E Authority key identifier: 53:F6:66:01:B7:CE:AC:08:C1:82:07:84:06:4E:57:1D:B9:88:7B:EB Certificate issuer: /CN=53f66601b7ceac08c1820784064e571db9887beb Certificate serial: 019AF209A317203FDB29198A9857910922E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft Manifest number: 8A Signing time: Sat 06 Dec 2025 05:01:49 +0000 Manifest this update: Sat 06 Dec 2025 05:01:49 +0000 Manifest next update: Sun 07 Dec 2025 05:01:49 +0000 Files and hashes: 1: U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl (hash: 0q73iVDQuSG4vWzn1JwYj0BiflTEqdy3zDS8u6/Quyk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:a3:17:20:3f:db:29:19:8a:98:57:91:09:22:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53f66601b7ceac08c1820784064e571db9887beb Validity Not Before: Dec 6 05:01:49 2025 GMT Not After : Dec 7 05:01:49 2025 GMT Subject: CN=7a78057e3b5b7eefcedc6668abd0d73ee479b08e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:3f:92:a5:dd:a4:d5:67:e2:08:8b:23:2b:d9: 95:94:46:e4:4c:e5:83:4a:93:47:0a:39:6d:b2:2d: c8:21:8d:31:c6:2a:27:8a:03:70:dc:f2:3e:73:a4: 9c:6b:bd:6a:4e:9c:86:6e:9a:80:82:eb:0b:44:2d: b5:41:69:2a:98:f6:91:8a:9c:7a:0b:32:54:4d:12: ca:ca:d5:17:8f:57:81:45:01:90:5c:99:12:60:6b: 73:d1:f0:b6:9b:99:ed:06:de:e1:22:d7:ff:87:db: f2:b1:fa:06:84:03:89:e7:22:d7:76:f9:70:68:09: b4:e6:fd:7c:de:54:56:c9:59:30:14:5e:27:c8:99: 75:d4:e3:93:d9:ed:07:7d:32:da:99:bd:be:0c:53: c1:ef:1d:94:69:e9:f3:f1:97:cc:c7:5b:7e:89:96: 92:39:22:ec:a1:de:b6:64:9a:32:67:6d:71:4a:85: 4e:3f:5d:1d:ef:33:36:59:bd:b7:7e:2f:26:c5:ce: 29:01:0b:bd:dc:f2:87:5b:e7:48:4f:34:b3:e1:68: 5d:0e:dd:c9:26:7e:3f:c8:e7:39:ae:ee:21:48:47: ff:b0:21:5a:86:66:c5:81:94:2c:ca:2d:d0:28:06: b2:15:31:82:4c:e4:e4:e3:5b:73:20:db:63:28:5e: 3d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:78:05:7E:3B:5B:7E:EF:CE:DC:66:68:AB:D0:D7:3E:E4:79:B0:8E X509v3 Authority Key Identifier: keyid:53:F6:66:01:B7:CE:AC:08:C1:82:07:84:06:4E:57:1D:B9:88:7B:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:ed:ca:74:5c:f1:8d:14:31:2a:90:e0:87:b2:3a:f2:25:a3: df:b3:d3:99:48:3f:3a:31:1d:96:43:ce:8b:a1:15:b8:ca:74: cc:b4:14:ac:7f:b4:e2:a3:c9:08:50:06:c7:17:38:c6:0e:42: 4c:14:87:85:c7:af:52:4a:8c:ac:54:de:2c:e7:5e:27:70:08: 89:3a:4d:8c:71:09:74:4a:96:12:05:4c:58:7f:a9:75:73:f8: 59:11:b0:03:c2:38:f4:cf:65:fc:ad:45:35:67:01:e7:cc:5b: ed:5d:34:4a:3e:4c:8d:e4:27:15:2a:aa:e1:2b:39:f2:b6:c1: 7b:69:00:f3:1a:79:2a:00:e3:93:39:83:6d:45:60:d6:53:be: cc:03:92:3c:fb:d1:3d:a0:c9:ea:07:eb:37:cd:cc:65:1a:88: c6:4b:02:41:62:79:25:7a:6e:ea:f0:65:ad:4f:73:76:05:c3: 3e:4c:0f:c4:a0:22:9d:a9:94:34:b8:6c:f6:03:f5:3d:00:3c: 27:f5:5f:fc:b2:ac:31:cb:ea:48:e9:5d:26:61:9a:ff:72:6a: fd:59:c0:9f:45:99:cd:9a:01:ba:e9:c2:1d:7d:e0:14:f2:aa: 1b:7d:0e:c9:06:66:c1:51:3f:20:c6:fd:5b:f4:83:41:33:99: f1:e9:81:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCaMXID/bKRmKmFeRCSLiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZjY2NjAxYjdjZWFjMDhjMTgyMDc4NDA2NGU1NzFkYjk4 ODdiZWIwHhcNMjUxMjA2MDUwMTQ5WhcNMjUxMjA3MDUwMTQ5WjAzMTEwLwYDVQQD Eyg3YTc4MDU3ZTNiNWI3ZWVmY2VkYzY2NjhhYmQwZDczZWU0NzliMDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD+Spd2k1WfiCIsjK9mVlEbkTOWD SpNHCjltsi3IIY0xxionigNw3PI+c6Sca71qTpyGbpqAgusLRC21QWkqmPaRipx6 CzJUTRLKytUXj1eBRQGQXJkSYGtz0fC2m5ntBt7hItf/h9vysfoGhAOJ5yLXdvlw aAm05v183lRWyVkwFF4nyJl11OOT2e0HfTLamb2+DFPB7x2Uaenz8ZfMx1t+iZaS OSLsod62ZJoyZ21xSoVOP10d7zM2Wb23fi8mxc4pAQu93PKHW+dITzSz4WhdDt3J Jn4/yOc5ru4hSEf/sCFahmbFgZQsyi3QKAayFTGCTOTk41tzINtjKF49tQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHp4BX47W37vztxmaKvQ1z7kebCOMB8GA1UdIwQY MBaAFFP2ZgG3zqwIwYIHhAZOVx25iHvrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kNDNjMmYtZmZhOS00ZjJiLWE4MzEt YWQwYjVkY2YzMzAzLzEvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9kNDNjMmYtZmZhOS00ZjJiLWE4MzEtYWQwYjVkY2YzMzAz LzEvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAau3KdFzx jRQxKpDgh7I68iWj37PTmUg/OjEdlkPOi6EVuMp0zLQUrH+04qPJCFAGxxc4xg5C TBSHhcevUkqMrFTeLOdeJ3AIiTpNjHEJdEqWEgVMWH+pdXP4WRGwA8I49M9l/K1F NWcB58xb7V00Sj5MjeQnFSqq4Ss58rbBe2kA8xp5KgDjkzmDbUVg1lO+zAOSPPvR PaDJ6gfrN83MZRqIxksCQWJ5JXpu6vBlrU9zdgXDPkwPxKAinamUNLhs9gP1PQA8 J/Vf/LKsMcvqSOldJmGa/3Jq/VnAn0WZzZoBuunCHX3gFPKqG30OyQZmwVE/IMb9 W/SDQTOZ8emBWg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:18:18 2025 by rpki-client