This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft File: bUmIt5OIS3moT-NFY9A581RsGF8.mft (raw, json) Hash identifier: btKZt/732Oo2S8/7vuCij+/U4tj3Bdwg2aEcqXSkUYk= Subject key identifier: 4E:14:3B:FD:EC:0F:A1:20:0E:CF:4F:38:12:0F:CF:B5:B9:CF:38:DB Authority key identifier: 6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F Certificate issuer: /CN=6d4988b793884b79a84fe34563d039f3546c185f Certificate serial: 019AF19B760512046BB20D02558797AB98F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft Manifest number: 0125 Signing time: Sat 06 Dec 2025 03:01:28 +0000 Manifest this update: Sat 06 Dec 2025 03:01:28 +0000 Manifest next update: Sun 07 Dec 2025 03:01:28 +0000 Files and hashes: 1: bUmIt5OIS3moT-NFY9A581RsGF8.crl (hash: G9M0Agk0p0+Bt+kPnk33kDu8vQ8UKGpJPao+YwJ+h10=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:76:05:12:04:6b:b2:0d:02:55:87:97:ab:98:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d4988b793884b79a84fe34563d039f3546c185f Validity Not Before: Dec 6 03:01:28 2025 GMT Not After : Dec 7 03:01:28 2025 GMT Subject: CN=4e143bfdec0fa1200ecf4f38120fcfb5b9cf38db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3e:d1:2b:bf:b9:35:05:c4:3c:ad:0b:8f:d0: f5:73:33:60:94:bd:e9:eb:5a:69:69:f6:30:a4:c1: ea:ea:d2:d7:46:8d:f5:6a:e2:2b:63:9c:44:85:13: 3a:fc:b4:12:ef:28:11:a6:e2:29:83:a0:b3:e9:0f: 42:9c:c1:c9:1e:db:ae:f4:27:e0:2f:18:57:f5:ba: da:48:d6:81:50:99:a3:6a:fd:59:4e:3a:cc:f4:8b: d9:85:09:78:5a:4b:f6:95:54:f6:2a:2f:3a:97:f6: 11:d6:63:aa:9b:b0:20:50:0e:c3:50:59:7c:c4:46: 55:7e:29:8e:36:c1:f2:3b:76:c7:b6:06:4f:c1:18: cc:e9:9c:88:14:96:5e:e9:33:7b:9e:c3:33:dc:bb: 6e:13:92:9b:c3:5b:3c:29:0f:e7:7f:1c:da:16:cc: 5b:6e:45:ce:46:a5:c0:62:da:e9:71:ef:d6:f1:ab: af:c9:66:32:9c:0a:39:95:98:2e:3e:a0:51:dc:75: a4:50:3b:b7:2c:2a:49:fc:8c:a4:c3:59:22:d2:5a: c3:88:e2:33:0f:7c:ca:db:b7:93:bc:c1:70:8b:15: e4:32:23:a2:7d:b3:e5:ba:02:ba:e3:09:fe:45:ae: 89:5e:7f:d9:23:dd:6d:70:3d:5c:fc:3e:ed:2b:c7: 89:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:14:3B:FD:EC:0F:A1:20:0E:CF:4F:38:12:0F:CF:B5:B9:CF:38:DB X509v3 Authority Key Identifier: keyid:6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:9e:d6:e9:e3:b6:24:e9:f2:d9:f0:14:90:a2:54:5c:34:1a: 8c:7a:e4:b8:19:f8:e0:57:42:08:1a:76:6c:d1:52:2e:fd:3f: 72:bb:6a:2a:75:a1:00:91:3b:59:e3:54:5b:d6:a5:f3:31:1f: 56:77:5f:98:72:8f:30:a5:94:bf:b2:3a:6d:3a:07:02:68:fa: 44:14:ec:f3:ad:95:d1:32:74:d0:c0:7b:37:d0:68:3a:68:a1: ed:8f:7f:10:f6:d6:50:30:ae:d0:bc:7d:b2:4d:da:66:b2:fb: 9f:7a:8c:8f:cd:a5:0f:85:a3:db:de:2d:9f:a2:93:66:bd:7b: 22:9d:26:83:a4:59:01:72:ef:8e:3f:58:70:98:fd:47:35:a4: 48:73:ae:af:af:04:5b:75:d2:ac:27:26:57:6e:d4:7d:54:98: 90:e8:a6:87:11:d1:17:28:18:7d:ab:98:27:8f:02:d0:81:30: 7b:c3:0c:27:6d:b3:d8:98:17:1b:f3:5d:31:5f:b5:29:bb:c0: 2a:c3:c6:08:a4:6e:95:7c:aa:d7:89:14:77:e8:64:d9:28:38: 2c:7a:da:09:3d:3f:4b:6c:59:8d:5b:bb:e4:35:9b:d5:a4:0f: 33:31:33:4e:20:5b:5f:56:81:cd:9d:c9:9b:05:33:47:77:23: 8d:d7:91:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm3YFEgRrsg0CVYeXq5jyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkNDk4OGI3OTM4ODRiNzlhODRmZTM0NTYzZDAzOWYzNTQ2 YzE4NWYwHhcNMjUxMjA2MDMwMTI4WhcNMjUxMjA3MDMwMTI4WjAzMTEwLwYDVQQD Eyg0ZTE0M2JmZGVjMGZhMTIwMGVjZjRmMzgxMjBmY2ZiNWI5Y2YzOGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD7RK7+5NQXEPK0Lj9D1czNglL3p 61ppafYwpMHq6tLXRo31auIrY5xEhRM6/LQS7ygRpuIpg6Cz6Q9CnMHJHtuu9Cfg LxhX9braSNaBUJmjav1ZTjrM9IvZhQl4Wkv2lVT2Ki86l/YR1mOqm7AgUA7DUFl8 xEZVfimONsHyO3bHtgZPwRjM6ZyIFJZe6TN7nsMz3LtuE5Kbw1s8KQ/nfxzaFsxb bkXORqXAYtrpce/W8auvyWYynAo5lZguPqBR3HWkUDu3LCpJ/Iykw1ki0lrDiOIz D3zK27eTvMFwixXkMiOifbPlugK64wn+Ra6JXn/ZI91tcD1c/D7tK8eJkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE4UO/3sD6EgDs9POBIPz7W5zzjbMB8GA1UdIwQY MBaAFG1JiLeTiEt5qE/jRWPQOfNUbBhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODIt MDkwM2VlN2MxOTAyLzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODItMDkwM2VlN2MxOTAy LzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI57W6eO2 JOny2fAUkKJUXDQajHrkuBn44FdCCBp2bNFSLv0/crtqKnWhAJE7WeNUW9al8zEf VndfmHKPMKWUv7I6bToHAmj6RBTs862V0TJ00MB7N9BoOmih7Y9/EPbWUDCu0Lx9 sk3aZrL7n3qMj82lD4Wj294tn6KTZr17Ip0mg6RZAXLvjj9YcJj9RzWkSHOur68E W3XSrCcmV27UfVSYkOimhxHRFygYfauYJ48C0IEwe8MMJ22z2JgXG/NdMV+1KbvA KsPGCKRulXyq14kUd+hk2Sg4LHraCT0/S2xZjVu75DWb1aQPMzEzTiBbX1aBzZ3J mwUzR3cjjdeRWA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:52:09 2025 by rpki-client