This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft File: upfBVFbrYAQD7PuxbCDggWCUT48.mft (raw, json) Hash identifier: yPKQIH7VZfnonLf9pTrG9qmeLGmfdSfxN6eWl98KUnA= Subject key identifier: 22:60:6F:DD:80:15:16:B5:1E:FE:BD:36:BF:5F:5D:4F:C9:64:BB:FB Authority key identifier: BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F Certificate issuer: /CN=ba97c15456eb600403ecfbb16c20e08160944f8f Certificate serial: 019AF3522A3F9DA3F3E6C82814A4C32B6B71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft Manifest number: 13EB Signing time: Sat 06 Dec 2025 11:00:39 +0000 Manifest this update: Sat 06 Dec 2025 11:00:39 +0000 Manifest next update: Sun 07 Dec 2025 11:00:39 +0000 Files and hashes: 1: SIndVbkKUXy4BUQozeoniwpZDAY.roa (hash: w+S8wcJNHWfC84514ZDYZ2EFFwmdH9ulSWKDE7QHbmQ=) 2: upfBVFbrYAQD7PuxbCDggWCUT48.crl (hash: P4jB9nVdAD0RV+FG6CbVPGQHqbTgS4AzmAQ4RGq46ug=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:2a:3f:9d:a3:f3:e6:c8:28:14:a4:c3:2b:6b:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba97c15456eb600403ecfbb16c20e08160944f8f Validity Not Before: Dec 6 11:00:39 2025 GMT Not After : Dec 7 11:00:39 2025 GMT Subject: CN=22606fdd801516b51efebd36bf5f5d4fc964bbfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9a:05:a4:b7:04:03:bb:77:7c:87:0b:87:4e: 6e:29:68:fa:93:22:ad:40:94:27:35:98:4e:9c:60: 93:eb:e3:e0:8b:66:6c:4b:0e:39:f3:55:05:26:cf: e7:f2:3a:54:03:62:c5:8e:4b:95:ba:3f:ef:1e:f1: dc:a0:1f:fb:24:6d:05:b4:1c:4a:e4:33:ec:5d:99: b8:5a:54:e0:ee:0f:d7:37:99:96:5d:ac:10:15:88: 46:d0:56:3e:b7:9c:14:63:8f:ed:02:3c:04:ab:f5: 1a:45:88:bb:71:04:c3:8b:8b:f1:8f:fd:59:9c:29: ab:6c:52:40:c3:da:5b:00:74:8a:f5:c2:f8:9b:68: 9f:ad:82:de:3d:cc:fa:9f:63:a6:0a:b1:b8:f3:8b: 0d:50:9a:3a:b2:29:db:bd:40:df:b2:e6:01:30:49: 8d:9a:54:d6:1a:a1:93:f2:09:3c:ce:b7:6c:85:09: 6f:bd:cf:1b:55:13:cb:28:f2:da:70:65:88:e7:41: 36:0b:ca:56:1a:78:cd:25:60:63:4d:4d:a1:2a:e4: 8e:c4:de:ac:e3:42:ca:51:a6:80:23:f6:c3:5a:ff: 2c:93:6b:90:b6:8b:3b:99:3b:75:7d:42:28:9d:4c: 16:f8:72:3b:33:e5:ec:fc:25:41:da:99:a3:40:9b: 2f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:60:6F:DD:80:15:16:B5:1E:FE:BD:36:BF:5F:5D:4F:C9:64:BB:FB X509v3 Authority Key Identifier: keyid:BA:97:C1:54:56:EB:60:04:03:EC:FB:B1:6C:20:E0:81:60:94:4F:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upfBVFbrYAQD7PuxbCDggWCUT48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c46d1e-987d-4f65-b11b-2e2cd6435106/1/upfBVFbrYAQD7PuxbCDggWCUT48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:78:51:7f:97:0d:93:19:24:62:85:7e:5d:22:c9:57:77:03: 0a:dd:80:e5:48:a1:4f:60:84:df:56:ec:55:3e:74:37:07:89: fd:02:4d:de:1c:a3:6c:c8:17:2a:60:66:ef:94:eb:48:54:dd: 0f:6b:3c:33:af:9b:bc:3d:9f:f7:b2:1a:82:07:ee:ee:7e:f9: 91:ba:f9:d6:15:ee:36:43:b4:a8:52:2f:a0:82:5e:ec:04:28: 86:c0:07:84:ab:a2:c5:02:cf:06:e0:d3:51:26:f4:aa:6a:d3: d0:f3:3b:05:5f:ec:36:2a:b1:c8:e3:b0:48:4a:fd:f4:c8:77: 21:f7:23:7c:e1:ee:a8:be:81:4d:57:e3:a8:1a:a5:8c:bf:10: a0:83:0a:54:b1:dc:28:5c:95:1d:68:2c:3c:79:cd:7f:65:47: 08:1c:2b:2a:10:6d:75:d0:a5:72:4c:7f:86:04:14:0c:44:0d: 1c:96:ad:43:19:c6:df:45:d9:a5:0e:69:d3:d3:f1:38:d8:25: 6e:01:33:d1:35:1f:7e:5d:7b:01:0f:16:f7:67:f6:dd:c9:d0: b2:68:ee:2c:8b:9d:eb:16:ea:ad:25:1e:70:18:54:6b:40:7f: b8:7f:12:c7:c1:d9:2f:67:61:bc:cf:91:a2:ff:ad:55:9e:6a: 39:e8:17:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUio/naPz5sgoFKTDK2txMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOTdjMTU0NTZlYjYwMDQwM2VjZmJiMTZjMjBlMDgxNjA5 NDRmOGYwHhcNMjUxMjA2MTEwMDM5WhcNMjUxMjA3MTEwMDM5WjAzMTEwLwYDVQQD EygyMjYwNmZkZDgwMTUxNmI1MWVmZWJkMzZiZjVmNWQ0ZmM5NjRiYmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5oFpLcEA7t3fIcLh05uKWj6kyKt QJQnNZhOnGCT6+Pgi2ZsSw4581UFJs/n8jpUA2LFjkuVuj/vHvHcoB/7JG0FtBxK 5DPsXZm4WlTg7g/XN5mWXawQFYhG0FY+t5wUY4/tAjwEq/UaRYi7cQTDi4vxj/1Z nCmrbFJAw9pbAHSK9cL4m2ifrYLePcz6n2OmCrG484sNUJo6sinbvUDfsuYBMEmN mlTWGqGT8gk8zrdshQlvvc8bVRPLKPLacGWI50E2C8pWGnjNJWBjTU2hKuSOxN6s 40LKUaaAI/bDWv8sk2uQtos7mTt1fUIonUwW+HI7M+Xs/CVB2pmjQJsvgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCJgb92AFRa1Hv69Nr9fXU/JZLv7MB8GA1UdIwQY MBaAFLqXwVRW62AEA+z7sWwg4IFglE+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWIt MmUyY2Q2NDM1MTA2LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9jNDZkMWUtOTg3ZC00ZjY1LWIxMWItMmUyY2Q2NDM1MTA2 LzEvdXBmQlZGYnJZQVFEN1B1eGJDRGdnV0NVVDQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnhRf5cN kxkkYoV+XSLJV3cDCt2A5UihT2CE31bsVT50NweJ/QJN3hyjbMgXKmBm75TrSFTd D2s8M6+bvD2f97Iaggfu7n75kbr51hXuNkO0qFIvoIJe7AQohsAHhKuixQLPBuDT USb0qmrT0PM7BV/sNiqxyOOwSEr99Mh3IfcjfOHuqL6BTVfjqBqljL8QoIMKVLHc KFyVHWgsPHnNf2VHCBwrKhBtddClckx/hgQUDEQNHJatQxnG30XZpQ5p09PxONgl bgEz0TUffl17AQ8W92f23cnQsmjuLIud6xbqrSUecBhUa0B/uH8Sx8HZL2dhvM+R ov+tVZ5qOegXXQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:58:03 2025 by rpki-client