This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft File: U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft (raw, json) Hash identifier: kcOCkv4k1PTbjk7iJSexgDOhCklUGYu41mZg9odsNJU= Subject key identifier: AE:5C:CF:1D:40:8A:2E:E9:30:66:08:6F:A9:C4:F2:82:9C:8B:29:65 Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F Certificate issuer: /CN=53e3aedd91be82451342dcd1c9828345db661a5f Certificate serial: 019AF68AB4E8C1DCDA8C293B0702E76A5A30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft Manifest number: 09EF Signing time: Sun 07 Dec 2025 02:01:16 +0000 Manifest this update: Sun 07 Dec 2025 02:01:16 +0000 Manifest next update: Mon 08 Dec 2025 02:01:16 +0000 Files and hashes: 1: If5j4KjsWFg3kwDUxrHpbFCCjpg.roa (hash: iGbVOgQjxfoZ4tZTHfIMlZvCv27war8Yd/ywUcGl39o=) 2: U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl (hash: KRqPteQfKtkH1ZHTokNXYKJVX6QDMQBaMrBmkNVtM04=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:8a:b4:e8:c1:dc:da:8c:29:3b:07:02:e7:6a:5a:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f Validity Not Before: Dec 7 02:01:16 2025 GMT Not After : Dec 8 02:01:16 2025 GMT Subject: CN=ae5ccf1d408a2ee93066086fa9c4f2829c8b2965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ac:ae:c3:61:4b:84:72:24:6a:7c:a5:f3:16: a8:1d:0d:73:32:b6:40:24:c4:0f:b8:e8:24:31:df: 07:e4:1e:5a:8e:0b:bc:ac:31:d1:67:ae:cf:28:e8: 07:dd:ad:ed:25:9a:3c:b1:4a:81:47:a7:20:4d:e3: 8b:e5:2d:24:f3:ff:47:b4:70:58:fa:ca:06:32:e9: f5:27:73:f0:9b:ff:e2:b8:e7:82:b7:ce:dc:12:04: b5:d2:f4:2f:3a:87:d9:db:c8:20:ab:53:09:4f:4e: c2:26:25:21:86:e9:e4:fc:1f:99:ea:f4:98:86:b0: 71:76:f7:f5:6d:a9:dd:92:56:bb:6e:05:0a:19:4a: 2b:f3:8a:2c:4c:7d:b9:30:88:c5:50:20:19:a3:93: 44:97:8e:7c:1e:7c:70:dd:f9:5c:6d:80:43:50:4c: 28:a2:55:f0:e5:ef:49:da:28:03:71:b3:9d:ef:aa: 00:c2:83:b3:72:08:eb:f0:f0:6d:28:d3:0c:55:9d: 4b:11:5b:34:0e:0c:b1:7c:9d:b7:5f:e1:d6:96:f2: 1f:46:c5:af:f2:25:b0:82:f8:b4:a3:97:57:2d:c6: 40:cb:99:ca:e9:51:f3:58:02:9f:63:e1:bc:a1:b5: 2c:a3:c0:51:db:07:d7:7c:7b:5d:3b:4e:a0:17:89: ce:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:5C:CF:1D:40:8A:2E:E9:30:66:08:6F:A9:C4:F2:82:9C:8B:29:65 X509v3 Authority Key Identifier: keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:6f:7b:b1:51:5d:71:da:22:e6:10:f9:1d:92:47:de:e4:4e: e3:f2:f1:60:75:9f:7c:b1:2a:fa:b6:da:c2:ae:c2:fc:c8:01: 45:33:52:12:2c:4a:76:45:27:62:8f:49:31:03:d7:48:2d:60: 0c:73:c0:bc:5b:28:b1:9e:30:64:96:2a:a8:46:be:22:85:d1: 9f:ac:e4:b9:9b:0f:f3:a3:09:49:71:ba:4b:50:39:39:37:e0: 5e:0d:8f:5d:15:52:a3:47:ad:5e:a1:41:80:67:75:f8:66:88: 31:d3:fb:cd:70:f6:b0:11:71:95:55:b8:f9:0a:76:4b:00:05: bc:65:cc:cf:97:55:a0:c8:be:ac:0e:6a:83:c0:df:10:03:a8: f2:b7:be:4d:35:39:38:16:fd:e3:0d:14:37:a7:9f:6d:96:6c: 64:73:e4:94:7f:f2:41:c5:73:f5:bc:21:9c:b3:e9:f4:84:1b: 64:d4:b6:1a:f0:8d:58:3f:6b:8d:79:9b:51:b1:51:cd:82:fb: df:c9:cb:6f:2a:7d:e0:4a:e9:00:dd:83:8c:b7:e5:89:a9:c2: 9c:23:42:c6:46:90:fe:c3:4b:bb:6d:a9:60:52:59:c1:cc:c7: 0a:28:7e:9d:6c:93:9f:7a:84:63:e2:6f:b2:ae:a3:e0:c9:bd: e7:53:81:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2irTowdzajCk7BwLnalowMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2 NjFhNWYwHhcNMjUxMjA3MDIwMTE2WhcNMjUxMjA4MDIwMTE2WjAzMTEwLwYDVQQD EyhhZTVjY2YxZDQwOGEyZWU5MzA2NjA4NmZhOWM0ZjI4MjljOGIyOTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6yuw2FLhHIkanyl8xaoHQ1zMrZA JMQPuOgkMd8H5B5ajgu8rDHRZ67PKOgH3a3tJZo8sUqBR6cgTeOL5S0k8/9HtHBY +soGMun1J3Pwm//iuOeCt87cEgS10vQvOofZ28ggq1MJT07CJiUhhunk/B+Z6vSY hrBxdvf1bandkla7bgUKGUor84osTH25MIjFUCAZo5NEl458Hnxw3flcbYBDUEwo olXw5e9J2igDcbOd76oAwoOzcgjr8PBtKNMMVZ1LEVs0DgyxfJ23X+HWlvIfRsWv 8iWwgvi0o5dXLcZAy5nK6VHzWAKfY+G8obUso8BR2wfXfHtdO06gF4nORwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK5czx1Aii7pMGYIb6nE8oKciyllMB8GA1UdIwQY MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt YTdkOTQ1YWYxNGU1LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1 LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIG97sVFd cdoi5hD5HZJH3uRO4/LxYHWffLEq+rbawq7C/MgBRTNSEixKdkUnYo9JMQPXSC1g DHPAvFsosZ4wZJYqqEa+IoXRn6zkuZsP86MJSXG6S1A5OTfgXg2PXRVSo0etXqFB gGd1+GaIMdP7zXD2sBFxlVW4+Qp2SwAFvGXMz5dVoMi+rA5qg8DfEAOo8re+TTU5 OBb94w0UN6efbZZsZHPklH/yQcVz9bwhnLPp9IQbZNS2GvCNWD9rjXmbUbFRzYL7 38nLbyp94ErpAN2DjLflianCnCNCxkaQ/sNLu22pYFJZwczHCih+nWyTn3qEY+Jv sq6j4Mm951OBqg== -----END CERTIFICATE-----Generated at Sun Dec 7 03:56:35 2025 by rpki-client