This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft File: U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json) Hash identifier: SEQ9cPQR9xC1BnF1uAmgpZQ7U4g622wmYXnMKt71jd4= Subject key identifier: F4:F8:03:F1:64:D3:CE:6B:B8:DE:45:05:67:6F:82:A2:E4:CE:FF:08 Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87 Certificate issuer: /CN=539dc8f83af07a2fd7121e77c01cc283c651a087 Certificate serial: 019AF352C8B5136932159282988522FADB54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 11:01:20 +0000 Manifest this update: Sat 06 Dec 2025 11:01:20 +0000 Manifest next update: Sun 07 Dec 2025 11:01:20 +0000 Files and hashes: 1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: 1TP2zZkUAtUChvBFkyjNQ4ICU6wL2db3opQkoMC8iIs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:c8:b5:13:69:32:15:92:82:98:85:22:fa:db:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087 Validity Not Before: Dec 6 11:01:20 2025 GMT Not After : Dec 7 11:01:20 2025 GMT Subject: CN=f4f803f164d3ce6bb8de4505676f82a2e4ceff08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:13:0f:32:7a:b9:1d:f9:25:78:b7:15:e2:74: 6b:f0:f5:a8:54:73:08:1d:a9:3f:1b:58:c6:7e:ee: e8:12:a7:17:a0:1b:e4:92:f0:c1:c0:6c:2f:00:72: ac:1e:bb:58:f2:c4:31:c9:25:5b:e3:5b:83:b5:9d: f6:c7:ea:df:fa:51:7e:a4:5f:28:bf:22:e3:a9:e5: 36:e5:06:3b:5b:4e:81:f1:2e:ac:9c:95:b1:a5:94: f4:0b:62:f7:23:2a:8d:b0:4a:59:26:40:76:07:c5: ee:61:ab:77:51:50:b4:32:bf:8f:56:32:54:1e:7d: 92:76:60:89:b1:9e:79:04:d1:f7:46:f4:48:69:23: 4b:d6:21:ec:39:60:d5:30:d2:e5:ac:c2:9f:67:17: e7:af:3d:41:f8:68:cc:da:06:90:d5:21:10:df:07: 9b:fc:b6:a7:a4:fa:2c:17:e6:9c:56:65:ef:ae:70: 3e:9d:a1:5a:55:c5:69:d3:53:c4:e0:54:4d:7f:aa: f7:16:fe:57:ae:02:c7:2f:72:2d:1d:b2:08:8d:76: 6e:52:8b:a6:a7:07:9e:15:20:4a:93:b5:97:38:29: 55:dd:8d:71:bc:0d:9d:23:de:c0:00:b5:f8:95:04: b7:4d:64:64:63:e3:e2:8b:6d:31:fd:65:a6:5c:0c: ae:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:F8:03:F1:64:D3:CE:6B:B8:DE:45:05:67:6F:82:A2:E4:CE:FF:08 X509v3 Authority Key Identifier: keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:d6:27:2e:dc:d4:21:c4:c0:47:92:ee:e6:6c:59:f2:24:e7: 6a:c5:9c:a8:61:f3:17:76:b8:69:6c:05:76:ff:e5:39:1d:e9: c6:30:50:08:1e:ca:11:10:f3:29:51:b0:ca:39:9d:23:6c:80: 83:f8:f8:e8:29:fd:12:e5:e9:ca:bb:e1:ed:49:a7:8f:b0:d9: 95:1d:58:2a:e0:b9:8d:3d:9f:2a:e4:81:97:0a:1c:9e:60:2c: c9:4f:c8:9d:f4:03:ad:a7:64:b5:c6:96:7b:7c:ff:75:d7:cd: cc:05:ee:3f:e0:99:ec:3d:f5:61:16:9a:e1:62:af:eb:ee:c7: e2:2d:c6:d9:16:eb:e7:e4:32:6b:3c:d3:24:00:43:a8:97:98: 24:77:2d:e6:4b:3a:ff:d4:11:35:b4:d8:96:45:1e:1f:36:92: 9f:5a:ed:d8:e5:3a:04:b7:6e:84:8d:bd:cc:77:bd:0b:69:52: 29:f4:0b:3b:41:a4:9f:1f:54:15:eb:50:bd:a1:eb:50:e3:2a: e5:1e:80:28:d3:af:3c:0e:02:93:ed:1f:c8:01:e9:6e:30:8a: 85:fe:ee:35:5c:70:12:45:f7:5a:8b:76:e1:38:5e:5d:ed:1b: 8b:f0:7b:e5:2d:3b:7e:3a:86:22:ce:c2:92:c3:f1:b1:2b:d1: 01:f2:ff:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUsi1E2kyFZKCmIUi+ttUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1 MWEwODcwHhcNMjUxMjA2MTEwMTIwWhcNMjUxMjA3MTEwMTIwWjAzMTEwLwYDVQQD EyhmNGY4MDNmMTY0ZDNjZTZiYjhkZTQ1MDU2NzZmODJhMmU0Y2VmZjA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRMPMnq5HfkleLcV4nRr8PWoVHMI Hak/G1jGfu7oEqcXoBvkkvDBwGwvAHKsHrtY8sQxySVb41uDtZ32x+rf+lF+pF8o vyLjqeU25QY7W06B8S6snJWxpZT0C2L3IyqNsEpZJkB2B8XuYat3UVC0Mr+PVjJU Hn2SdmCJsZ55BNH3RvRIaSNL1iHsOWDVMNLlrMKfZxfnrz1B+GjM2gaQ1SEQ3web /LanpPosF+acVmXvrnA+naFaVcVp01PE4FRNf6r3Fv5XrgLHL3ItHbIIjXZuUoum pweeFSBKk7WXOClV3Y1xvA2dI97AALX4lQS3TWRkY+Pii20x/WWmXAyu8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPT4A/Fk085ruN5FBWdvgqLkzv8IMB8GA1UdIwQY MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9YnLtzU IcTAR5Lu5mxZ8iTnasWcqGHzF3a4aWwFdv/lOR3pxjBQCB7KERDzKVGwyjmdI2yA g/j46Cn9EuXpyrvh7Umnj7DZlR1YKuC5jT2fKuSBlwocnmAsyU/InfQDradktcaW e3z/ddfNzAXuP+CZ7D31YRaa4WKv6+7H4i3G2Rbr5+QyazzTJABDqJeYJHct5ks6 /9QRNbTYlkUeHzaSn1rt2OU6BLduhI29zHe9C2lSKfQLO0Gknx9UFetQvaHrUOMq 5R6AKNOvPA4Ck+0fyAHpbjCKhf7uNVxwEkX3Wot24TheXe0bi/B75S07fjqGIs7C ksPxsSvRAfL/Xw== -----END CERTIFICATE-----Generated at Sat Dec 6 14:48:54 2025 by rpki-client