This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft File: ugpNIpkX1GVzikghtu7FvrJObuQ.mft (raw, json) Hash identifier: KCGVGPAr0GSP3IjPBTaOpFs3I6alDuvRxF4rNnazobg= Subject key identifier: 6E:A7:52:C8:73:3E:96:85:3A:07:72:FF:D6:F3:C0:96:DB:C5:8F:DB Authority key identifier: BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4 Certificate issuer: /CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4 Certificate serial: 019AF31BD8418FDB570A60AFA59EB51B0F24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft Manifest number: 0216 Signing time: Sat 06 Dec 2025 10:01:19 +0000 Manifest this update: Sat 06 Dec 2025 10:01:19 +0000 Manifest next update: Sun 07 Dec 2025 10:01:19 +0000 Files and hashes: 1: ugpNIpkX1GVzikghtu7FvrJObuQ.crl (hash: OAofwTA50j3b7P302XgU3GbHZSbF7bWOyz7objYketk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:d8:41:8f:db:57:0a:60:af:a5:9e:b5:1b:0f:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4 Validity Not Before: Dec 6 10:01:19 2025 GMT Not After : Dec 7 10:01:19 2025 GMT Subject: CN=6ea752c8733e96853a0772ffd6f3c096dbc58fdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fd:1e:b5:14:a9:db:4c:70:de:67:f4:6a:7b: c4:ac:03:5e:bb:91:00:25:a6:79:38:93:e1:8c:f8: cf:84:c9:41:09:d4:3f:17:39:b9:9a:8c:b6:1f:52: a0:d0:b3:d0:7a:56:1c:3a:7c:dd:a5:54:1c:ef:36: ba:6e:10:89:d7:6e:67:b4:d4:29:2e:42:d5:25:45: a1:9a:77:f1:93:da:72:c7:9c:34:e4:52:ee:dd:51: b3:91:ba:a8:08:2f:1c:b1:3d:b0:1d:ef:3c:5c:06: c7:cb:b4:ae:08:13:2f:92:21:fb:88:bb:d7:b3:8b: 5c:bf:2e:17:74:15:ab:2f:d6:c3:4a:f7:37:4a:9f: 36:a0:6f:59:1b:f6:6d:30:79:93:09:bd:58:3b:83: c5:98:e5:75:5a:8f:72:68:a2:19:2f:3c:7c:3a:e0: 7e:03:30:1c:83:40:ba:66:3e:46:1b:57:0f:4c:4e: 62:83:3d:77:a0:c3:d6:fa:e0:dd:1c:16:9b:b3:bb: 9a:0d:14:eb:68:f9:59:59:95:ca:a5:68:eb:36:94: 40:a2:1d:17:6f:39:b9:2d:29:60:d8:85:af:2b:34: 96:64:b8:29:62:20:ed:d8:bd:db:24:e4:d4:4f:15: 1f:d7:03:95:d8:67:94:68:c8:d9:cd:1c:cc:83:1e: 94:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:A7:52:C8:73:3E:96:85:3A:07:72:FF:D6:F3:C0:96:DB:C5:8F:DB X509v3 Authority Key Identifier: keyid:BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:22:ad:7d:cd:ed:1f:11:75:63:21:5c:dd:da:98:c1:82:ce: 1a:c7:92:1a:a6:a1:c1:2a:81:4d:bb:95:58:8c:5b:a0:2d:2b: 30:8e:97:b8:6c:81:bf:86:cb:cb:8a:51:b1:c8:cf:fc:5d:9c: 4b:f6:39:05:b0:88:03:3e:72:89:66:f1:dc:89:d3:36:2b:7a: b0:2c:6d:87:9d:d4:bc:26:28:b0:58:cd:17:95:ad:03:a6:2a: e9:c4:41:cf:77:96:e0:b4:02:d3:6e:af:dd:05:b3:62:c1:c2: 1a:76:e5:af:9a:24:f7:b6:c4:3c:26:3d:65:75:80:e2:f4:83: a6:e9:9a:1c:f4:c5:7a:84:ef:7a:13:e4:fa:09:98:08:1b:3d: b8:38:33:54:77:6f:c6:16:e5:82:b0:f8:d1:fb:6c:ef:d3:05: 95:fe:89:af:93:24:2f:7b:60:04:4c:f1:ba:28:81:00:72:99: 9f:c6:5a:1b:3b:6d:f1:0b:68:d7:d2:2d:e5:a6:20:99:c7:84: 0d:9a:8d:4e:d0:2e:9e:e8:3a:33:80:12:a4:3f:b7:05:35:b4: 56:6c:25:cb:22:ac:f0:ef:8e:9d:ff:1f:b9:0e:17:11:a5:09: a6:79:d7:dc:3f:92:08:e5:14:35:9d:c5:f2:db:5b:1e:fa:60: 07:5e:d2:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG9hBj9tXCmCvpZ61Gw8kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhMGE0ZDIyOTkxN2Q0NjU3MzhhNDgyMWI2ZWVjNWJlYjI0 ZTZlZTQwHhcNMjUxMjA2MTAwMTE5WhcNMjUxMjA3MTAwMTE5WjAzMTEwLwYDVQQD Eyg2ZWE3NTJjODczM2U5Njg1M2EwNzcyZmZkNmYzYzA5NmRiYzU4ZmRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/0etRSp20xw3mf0anvErANeu5EA JaZ5OJPhjPjPhMlBCdQ/Fzm5moy2H1Kg0LPQelYcOnzdpVQc7za6bhCJ125ntNQp LkLVJUWhmnfxk9pyx5w05FLu3VGzkbqoCC8csT2wHe88XAbHy7SuCBMvkiH7iLvX s4tcvy4XdBWrL9bDSvc3Sp82oG9ZG/ZtMHmTCb1YO4PFmOV1Wo9yaKIZLzx8OuB+ AzAcg0C6Zj5GG1cPTE5igz13oMPW+uDdHBabs7uaDRTraPlZWZXKpWjrNpRAoh0X bzm5LSlg2IWvKzSWZLgpYiDt2L3bJOTUTxUf1wOV2GeUaMjZzRzMgx6UMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG6nUshzPpaFOgdy/9bzwJbbxY/bMB8GA1UdIwQY MBaAFLoKTSKZF9Rlc4pIIbbuxb6yTm7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQt MDU3YWQ5MzMxZmE4LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQtMDU3YWQ5MzMxZmE4 LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuSKtfc3t HxF1YyFc3dqYwYLOGseSGqahwSqBTbuVWIxboC0rMI6XuGyBv4bLy4pRscjP/F2c S/Y5BbCIAz5yiWbx3InTNit6sCxth53UvCYosFjNF5WtA6Yq6cRBz3eW4LQC026v 3QWzYsHCGnblr5ok97bEPCY9ZXWA4vSDpumaHPTFeoTvehPk+gmYCBs9uDgzVHdv xhblgrD40fts79MFlf6Jr5MkL3tgBEzxuiiBAHKZn8ZaGztt8Qto19It5aYgmceE DZqNTtAunug6M4ASpD+3BTW0VmwlyyKs8O+Onf8fuQ4XEaUJpnnX3D+SCOUUNZ3F 8ttbHvpgB17SuQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:09:59 2025 by rpki-client