This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft File: uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json) Hash identifier: 12xb0XieLJFGwusyD3q/IjtBLCMIA3kUvsv1nhqjheQ= Subject key identifier: 90:80:88:32:AE:34:85:BA:91:2C:59:37:CD:F7:46:D3:53:D0:B6:7C Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB Certificate issuer: /CN=b94f30a07694a21139648725a26eb34ce4a16bab Certificate serial: 019AFB7A1A1C7C27A39D42EED8A4C3ACDC34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft Manifest number: 03FA Signing time: Mon 08 Dec 2025 01:01:14 +0000 Manifest this update: Mon 08 Dec 2025 01:01:14 +0000 Manifest next update: Tue 09 Dec 2025 01:01:14 +0000 Files and hashes: 1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: T4seuOcRZNocxS3bW/YFn0xP+I9MHgTK/260qVI4ATY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 01:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fb:7a:1a:1c:7c:27:a3:9d:42:ee:d8:a4:c3:ac:dc:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab Validity Not Before: Dec 8 01:01:14 2025 GMT Not After : Dec 9 01:01:14 2025 GMT Subject: CN=90808832ae3485ba912c5937cdf746d353d0b67c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:2d:1d:a2:0b:42:8b:09:08:2a:64:7b:04:da: 6d:80:4a:66:2c:be:49:98:6b:d4:16:20:8f:75:c9: 43:bf:37:ed:cd:03:83:64:22:cc:b6:3d:1a:e4:13: 56:4d:3a:81:e3:b8:93:e7:3c:2a:e8:91:9c:50:21: 4c:e3:d2:9d:4f:a4:1d:7f:6a:51:77:18:d6:f4:a8: cd:c2:eb:71:34:94:32:13:44:bf:6b:d0:56:54:0b: 83:ce:97:63:60:71:dc:de:b3:69:2e:bf:6d:61:40: 69:94:d8:ca:be:66:c6:34:45:4e:d1:bd:36:a7:f1: 5a:7f:ff:3c:ec:9f:76:74:db:65:0a:ed:3d:a1:eb: 2c:3f:b2:cb:fa:58:22:e4:11:c4:89:ff:d1:27:fb: da:ad:bf:84:13:a4:49:e3:51:b8:66:3a:54:05:01: c2:78:37:fc:46:d4:50:ab:08:2e:e0:d4:7b:65:bc: d2:15:8b:2d:42:08:90:5f:8d:3b:46:b1:1c:f4:5e: c8:2b:91:f5:64:85:e3:f4:1e:e0:10:a8:6b:ee:c1: 46:36:1b:2f:ed:3c:86:ad:85:7b:cb:82:38:47:32: cd:f2:43:54:fe:1a:9e:66:4f:4d:02:6a:bb:7d:42: e8:e6:4d:4e:a8:7c:d3:d9:8d:b1:87:f3:ce:b2:68: ef:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:80:88:32:AE:34:85:BA:91:2C:59:37:CD:F7:46:D3:53:D0:B6:7C X509v3 Authority Key Identifier: keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:1e:3a:ea:a8:05:aa:14:33:c1:c6:07:4e:dc:49:67:1e:2c: 4a:01:4d:2d:cb:ff:d7:43:a8:d9:e5:50:bf:70:8a:d7:bd:38: 87:8f:81:a6:97:d9:e9:ef:af:0c:48:30:0b:5a:34:a7:47:ee: b8:a5:ce:f9:eb:ed:f5:1e:fc:6c:a6:ef:8d:8f:e4:04:ca:0f: f5:d8:25:f3:51:a4:b0:3f:49:b8:a3:0e:ec:b4:e2:d9:d9:b4: a5:ed:8c:48:42:c7:b4:8d:a8:fe:cb:f1:54:92:38:ce:de:28: e3:fd:7e:ed:1d:0a:d8:be:f5:37:92:6f:19:d4:05:65:cd:f0: e8:1a:70:97:42:0a:3d:eb:81:d0:a1:4e:90:b7:1f:ff:e0:ed: 1e:23:5b:65:ac:ed:40:32:c9:94:10:64:17:9e:18:f6:8d:80: 87:fb:47:2d:fe:89:f9:77:67:07:da:13:e5:f7:9a:92:59:76: 09:1c:fa:63:77:8c:23:36:4c:48:f9:64:f0:8a:ff:4c:69:e6: ee:52:a9:c0:31:34:e9:1f:2a:93:a5:75:e2:1f:c6:6f:03:0f: 41:70:8b:11:ed:c3:14:c6:19:ef:fe:1a:96:b6:2a:ee:eb:6e: 28:a7:7a:89:7a:84:95:8c:9f:3d:74:eb:37:27:e1:3f:97:f2: 60:fb:0c:bc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr7ehocfCejnULu2KTDrNw0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh MTZiYWIwHhcNMjUxMjA4MDEwMTE0WhcNMjUxMjA5MDEwMTE0WjAzMTEwLwYDVQQD Eyg5MDgwODgzMmFlMzQ4NWJhOTEyYzU5MzdjZGY3NDZkMzUzZDBiNjdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli0dogtCiwkIKmR7BNptgEpmLL5J mGvUFiCPdclDvzftzQODZCLMtj0a5BNWTTqB47iT5zwq6JGcUCFM49KdT6Qdf2pR dxjW9KjNwutxNJQyE0S/a9BWVAuDzpdjYHHc3rNpLr9tYUBplNjKvmbGNEVO0b02 p/Faf/887J92dNtlCu09oessP7LL+lgi5BHEif/RJ/varb+EE6RJ41G4ZjpUBQHC eDf8RtRQqwgu4NR7ZbzSFYstQgiQX407RrEc9F7IK5H1ZIXj9B7gEKhr7sFGNhsv 7TyGrYV7y4I4RzLN8kNU/hqeZk9NAmq7fULo5k1OqHzT2Y2xh/POsmjvjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJCAiDKuNIW6kSxZN833RtNT0LZ8MB8GA1UdIwQY MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQh466qgF qhQzwcYHTtxJZx4sSgFNLcv/10Oo2eVQv3CK1704h4+BppfZ6e+vDEgwC1o0p0fu uKXO+evt9R78bKbvjY/kBMoP9dgl81GksD9JuKMO7LTi2dm0pe2MSELHtI2o/svx VJI4zt4o4/1+7R0K2L71N5JvGdQFZc3w6Bpwl0IKPeuB0KFOkLcf/+DtHiNbZazt QDLJlBBkF54Y9o2Ah/tHLf6J+XdnB9oT5feakll2CRz6Y3eMIzZMSPlk8Ir/TGnm 7lKpwDE06R8qk6V14h/GbwMPQXCLEe3DFMYZ7/4alrYq7utuKKd6iXqElYyfPXTr NyfhP5fyYPsMvA== -----END CERTIFICATE-----Generated at Mon Dec 8 09:36:02 2025 by rpki-client