This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.mft File: rUZjafOSfaDIn7X0s-qeMk-SioQ.mft (raw, json) Hash identifier: 9/ORAfICKxznKEk4NnUS0GjTMUYjX33jUc7Nrkvqn7k= Subject key identifier: EC:30:3C:74:F3:B8:FB:7A:5D:F5:30:B6:9D:8F:69:1F:5B:3E:B6:0F Authority key identifier: AD:46:63:69:F3:92:7D:A0:C8:9F:B5:F4:B3:EA:9E:32:4F:92:8A:84 Certificate issuer: /CN=ad466369f3927da0c89fb5f4b3ea9e324f928a84 Certificate serial: 019AF0BF936D9ECEAB04BBAECAF337E22AF0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUZjafOSfaDIn7X0s-qeMk-SioQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.mft Manifest number: 0777 Signing time: Fri 05 Dec 2025 23:01:18 +0000 Manifest this update: Fri 05 Dec 2025 23:01:18 +0000 Manifest next update: Sat 06 Dec 2025 23:01:18 +0000 Files and hashes: 1: e2krXZzkR-AkHScvd476IUHzrz0.roa (hash: KJC7yZeLdAZIJXLO5En/1DBnqhI+LO45sglWIneobpg=) 2: rUZjafOSfaDIn7X0s-qeMk-SioQ.crl (hash: Wee1LYqgRXUtgx3EXnmOO7hrH1fRDnzxrnyoo7xXa+8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.mft rsync://rpki.ripe.net/repository/DEFAULT/rUZjafOSfaDIn7X0s-qeMk-SioQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:93:6d:9e:ce:ab:04:bb:ae:ca:f3:37:e2:2a:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad466369f3927da0c89fb5f4b3ea9e324f928a84 Validity Not Before: Dec 5 23:01:18 2025 GMT Not After : Dec 6 23:01:18 2025 GMT Subject: CN=ec303c74f3b8fb7a5df530b69d8f691f5b3eb60f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b8:79:fb:41:9d:c2:67:2f:d1:98:c7:2c:6f: 8b:80:c7:46:12:9d:ff:0c:8a:54:4a:e0:28:98:04: 68:6e:c7:10:34:b2:8d:ef:3a:50:eb:43:e4:fb:a6: c6:d0:58:90:2b:e3:2a:b4:41:84:ea:c1:be:13:1e: 5f:57:dd:c3:26:d2:d5:4f:fa:bd:d5:73:2a:04:c4: b3:37:03:0c:34:d4:18:62:9b:a0:ed:ce:f5:77:37: b9:4e:bd:4f:3b:18:89:1b:4d:b6:db:8a:bc:bd:88: e8:75:d5:6b:d4:26:ce:40:d2:ab:98:d4:dd:fb:d8: c2:64:f4:b3:cc:2b:bf:92:8c:cb:f4:15:8d:0a:0d: a7:f5:3e:53:2e:13:ce:5c:d5:19:d9:7b:f3:e7:7e: 7a:ae:9d:6e:88:1d:f7:7a:14:c1:7b:50:c4:7f:7a: 6b:c8:fe:20:bc:dc:57:df:39:95:51:b5:a0:8b:ad: da:3b:86:ed:6a:6a:0a:fe:0d:18:92:0f:5a:ad:61: 40:c9:2a:8a:97:07:8a:ae:e7:04:84:f7:54:16:33: ab:ba:c3:1c:23:50:94:d0:83:8f:ae:be:f1:d7:de: 10:c0:b6:a6:f2:20:98:29:de:a3:bb:28:d9:ad:11: 0f:8f:a4:2d:75:ae:64:73:53:a4:8a:00:ee:6b:eb: 70:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:30:3C:74:F3:B8:FB:7A:5D:F5:30:B6:9D:8F:69:1F:5B:3E:B6:0F X509v3 Authority Key Identifier: keyid:AD:46:63:69:F3:92:7D:A0:C8:9F:B5:F4:B3:EA:9E:32:4F:92:8A:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUZjafOSfaDIn7X0s-qeMk-SioQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:32:39:ef:48:93:f4:73:22:5e:e4:e7:3f:1d:2a:cc:4e:67: ee:4b:f7:89:50:6a:a5:98:70:ae:53:5d:eb:28:aa:40:df:19: db:b5:47:96:92:7d:3c:43:41:a9:28:68:df:a1:76:77:5a:39: 6e:ee:cf:bc:a8:77:9b:bb:71:f7:05:d0:42:95:38:14:d4:1c: 1e:56:07:a5:01:44:85:41:dd:a3:74:f4:47:40:57:e6:7a:ad: b6:a2:d9:17:00:96:89:e9:11:03:73:91:b7:6e:c0:01:ba:d5: 95:b2:cb:6d:ed:67:a7:95:42:ce:17:ba:96:7a:a3:ac:3f:3f: 2a:6e:87:46:39:d1:19:af:40:bb:a2:46:eb:90:4d:f5:aa:29: 51:d2:3e:d9:2e:42:79:7a:1a:de:2e:3a:34:0c:a4:af:34:4e: 09:7d:19:81:5e:e6:ef:42:77:4d:ce:8a:99:e6:27:8e:b2:54: 47:d9:43:f0:cc:6d:c0:ec:8f:87:f6:c7:c5:8b:53:ed:e4:59: ce:7e:7f:07:d7:a4:10:a4:20:bf:d7:a7:ab:7b:46:6a:30:ed: 95:6a:7f:8c:d6:4e:55:74:01:c8:9c:c9:78:71:f8:0a:17:08: b2:7c:fa:9c:3b:2b:c2:40:c1:a3:5a:ef:b5:a7:a7:4f:d8:eb: 5f:41:7b:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv5Ntns6rBLuuyvM34irwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkNDY2MzY5ZjM5MjdkYTBjODlmYjVmNGIzZWE5ZTMyNGY5 MjhhODQwHhcNMjUxMjA1MjMwMTE4WhcNMjUxMjA2MjMwMTE4WjAzMTEwLwYDVQQD EyhlYzMwM2M3NGYzYjhmYjdhNWRmNTMwYjY5ZDhmNjkxZjViM2ViNjBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLh5+0Gdwmcv0ZjHLG+LgMdGEp3/ DIpUSuAomARobscQNLKN7zpQ60Pk+6bG0FiQK+MqtEGE6sG+Ex5fV93DJtLVT/q9 1XMqBMSzNwMMNNQYYpug7c71dze5Tr1POxiJG02224q8vYjoddVr1CbOQNKrmNTd +9jCZPSzzCu/kozL9BWNCg2n9T5TLhPOXNUZ2Xvz5356rp1uiB33ehTBe1DEf3pr yP4gvNxX3zmVUbWgi63aO4btamoK/g0Ykg9arWFAySqKlweKrucEhPdUFjOrusMc I1CU0IOPrr7x194QwLam8iCYKd6juyjZrREPj6Qtda5kc1OkigDua+tw2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOwwPHTzuPt6XfUwtp2PaR9bPrYPMB8GA1UdIwQY MBaAFK1GY2nzkn2gyJ+19LPqnjJPkoqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclVaamFmT1NmYURJbjdYMHMtcWVNay1TaW9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yN2M2YTEtMWM5NC00YTQ5LThlM2Qt OWZkNTAzOTcwZmYwLzEvclVaamFmT1NmYURJbjdYMHMtcWVNay1TaW9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi8yN2M2YTEtMWM5NC00YTQ5LThlM2QtOWZkNTAzOTcwZmYw LzEvclVaamFmT1NmYURJbjdYMHMtcWVNay1TaW9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFDI570iT 9HMiXuTnPx0qzE5n7kv3iVBqpZhwrlNd6yiqQN8Z27VHlpJ9PENBqSho36F2d1o5 bu7PvKh3m7tx9wXQQpU4FNQcHlYHpQFEhUHdo3T0R0BX5nqttqLZFwCWiekRA3OR t27AAbrVlbLLbe1np5VCzhe6lnqjrD8/Km6HRjnRGa9Au6JG65BN9aopUdI+2S5C eXoa3i46NAykrzROCX0ZgV7m70J3Tc6KmeYnjrJUR9lD8MxtwOyPh/bHxYtT7eRZ zn5/B9ekEKQgv9enq3tGajDtlWp/jNZOVXQByJzJeHH4ChcIsnz6nDsrwkDBo1rv taenT9jrX0F7AA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:03:51 2025 by rpki-client