This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft File: u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json) Hash identifier: tZxLXqh987vUrwJiXBI1prjgSBn1jSRduTSRd20eUGc= Subject key identifier: 96:68:72:31:BC:80:AB:B2:0E:0D:DC:89:3D:BB:3B:23:09:22:92:BE Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66 Certificate issuer: /CN=bb4585b467923736c42c7972e1042f1b2e30dc66 Certificate serial: 019AF12DE9172B4132F98EDF5A07C4B88E67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:01:49 +0000 Manifest this update: Sat 06 Dec 2025 01:01:49 +0000 Manifest next update: Sun 07 Dec 2025 01:01:49 +0000 Files and hashes: 1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: 96H1iVPJZBfFbjjBarilGatxs5pZOMheLr52KKw6JRg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:e9:17:2b:41:32:f9:8e:df:5a:07:c4:b8:8e:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66 Validity Not Before: Dec 6 01:01:49 2025 GMT Not After : Dec 7 01:01:49 2025 GMT Subject: CN=96687231bc80abb20e0ddc893dbb3b23092292be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:01:da:c0:1c:c2:c2:55:c4:64:12:94:b0:6d: 93:6d:b5:55:d6:fb:40:44:16:c9:3c:49:b9:64:aa: 66:96:d6:21:f3:77:a9:fa:f0:05:69:be:23:5a:46: 26:e9:a3:e6:2e:70:8d:b2:03:42:e5:3e:6e:89:cb: 14:6f:82:c1:af:c2:17:f5:3e:a5:e5:88:62:08:5f: 55:0e:8e:16:54:2d:fc:fe:0f:94:92:08:b8:f8:a4: ad:78:b8:a0:63:d1:4d:85:1b:ec:f7:bc:00:26:3f: ec:70:57:49:e4:34:b2:c2:50:6e:2b:26:63:74:71: 3c:08:4e:3a:c4:b4:7f:57:10:4f:12:be:56:7d:57: e0:cc:3b:24:62:1d:5b:03:6f:25:98:27:68:a7:11: be:51:b2:e0:ca:46:55:1a:cd:98:4b:b5:2e:71:58: fc:81:47:20:78:f2:e4:dd:4a:1a:28:57:b3:69:ec: 11:87:5a:2b:45:67:40:76:3b:3d:6a:d9:e1:db:e5: 51:84:40:69:61:91:71:c6:52:84:67:02:48:da:a2: a9:44:b9:9d:85:a0:bf:31:48:f2:e0:2b:67:9d:e7: df:d6:7c:49:b6:ea:06:df:c3:50:53:76:88:98:89: fb:e5:d9:a1:f4:bd:29:ed:ab:3e:e5:f5:14:eb:74: b7:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:68:72:31:BC:80:AB:B2:0E:0D:DC:89:3D:BB:3B:23:09:22:92:BE X509v3 Authority Key Identifier: keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:ef:4c:d8:bb:b1:e4:23:47:5e:27:29:99:f2:e7:1a:f2:b4: 81:74:ad:d6:7a:79:aa:53:4d:9b:18:19:13:da:19:d6:7f:fb: 0e:e4:34:25:72:6f:ff:c9:bb:cd:47:51:6b:13:24:71:3a:57: a9:41:19:26:fc:97:da:a9:8c:6b:5c:22:06:ca:bc:9b:39:e6: f7:ce:46:ad:03:2d:e3:e7:da:22:85:a3:a6:4d:ad:4b:04:34: 7f:fc:eb:3b:8e:b4:40:d5:0b:40:b1:bb:74:ce:df:f5:ee:54: c0:39:5a:5e:db:81:31:af:cc:96:c1:20:96:4d:01:c9:f2:ca: e9:30:60:47:74:23:a5:e0:b2:e2:11:34:70:9a:fc:8e:47:21: 17:fe:f3:1d:70:eb:cd:37:e7:34:a2:86:c1:13:7d:59:f3:64: bb:e7:39:41:b8:2e:2c:b6:5e:d0:3e:cd:b4:10:3d:29:a8:68: df:1a:c9:35:b8:13:ac:5f:45:98:bd:15:7d:5a:81:18:74:d7: 97:e8:11:26:ee:c0:0b:e6:dd:36:9f:45:0b:d9:76:f9:56:62: 4c:77:67:f6:b8:7a:da:88:77:5b:7c:b3:6c:4a:38:0c:31:47: 8b:f8:14:fc:37:38:fd:62:12:f1:5a:86:5e:57:34:15:2b:fc: 46:01:3d:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLekXK0Ey+Y7fWgfEuI5nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz MGRjNjYwHhcNMjUxMjA2MDEwMTQ5WhcNMjUxMjA3MDEwMTQ5WjAzMTEwLwYDVQQD Eyg5NjY4NzIzMWJjODBhYmIyMGUwZGRjODkzZGJiM2IyMzA5MjI5MmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwHawBzCwlXEZBKUsG2TbbVV1vtA RBbJPEm5ZKpmltYh83ep+vAFab4jWkYm6aPmLnCNsgNC5T5uicsUb4LBr8IX9T6l 5YhiCF9VDo4WVC38/g+Ukgi4+KSteLigY9FNhRvs97wAJj/scFdJ5DSywlBuKyZj dHE8CE46xLR/VxBPEr5WfVfgzDskYh1bA28lmCdopxG+UbLgykZVGs2YS7UucVj8 gUcgePLk3UoaKFezaewRh1orRWdAdjs9atnh2+VRhEBpYZFxxlKEZwJI2qKpRLmd haC/MUjy4Ctnneff1nxJtuoG38NQU3aImIn75dmh9L0p7as+5fUU63S3ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJZocjG8gKuyDg3ciT27OyMJIpK+MB8GA1UdIwQY MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAme9M2Lux 5CNHXicpmfLnGvK0gXSt1np5qlNNmxgZE9oZ1n/7DuQ0JXJv/8m7zUdRaxMkcTpX qUEZJvyX2qmMa1wiBsq8mznm985GrQMt4+faIoWjpk2tSwQ0f/zrO460QNULQLG7 dM7f9e5UwDlaXtuBMa/MlsEglk0ByfLK6TBgR3QjpeCy4hE0cJr8jkchF/7zHXDr zTfnNKKGwRN9WfNku+c5QbguLLZe0D7NtBA9Kaho3xrJNbgTrF9FmL0VfVqBGHTX l+gRJu7AC+bdNp9FC9l2+VZiTHdn9rh62oh3W3yzbEo4DDFHi/gU/Dc4/WIS8VqG Xlc0FSv8RgE9Xg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:12 2025 by rpki-client