This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft File: upcN4SazoLVI2tdvXvqIhVxvH_I.mft (raw, json) Hash identifier: uEmPOOhsiH20wcBFA08/BizchA07oREw0xiY+HBduzE= Subject key identifier: 15:78:18:D4:FC:DD:8A:32:A6:5B:A1:82:5B:57:59:0B:40:83:75:94 Authority key identifier: BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2 Certificate issuer: /CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2 Certificate serial: 019AF31C33F03E3668C1342384852E2C3534 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft Manifest number: 0AE8 Signing time: Sat 06 Dec 2025 10:01:43 +0000 Manifest this update: Sat 06 Dec 2025 10:01:43 +0000 Manifest next update: Sun 07 Dec 2025 10:01:43 +0000 Files and hashes: 1: iB0nh2pqz5-ySXR-fF2YCAS68X8.roa (hash: Y94jSzgT6noKQkiYTVT17vXi3fN7I6D0Bkm1xKFYYKk=) 2: upcN4SazoLVI2tdvXvqIhVxvH_I.crl (hash: FLmFCUmZBxIBUHi2nBlzzts0zyUpsA7rxIAHzfP5kf8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:33:f0:3e:36:68:c1:34:23:84:85:2e:2c:35:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2 Validity Not Before: Dec 6 10:01:43 2025 GMT Not After : Dec 7 10:01:43 2025 GMT Subject: CN=157818d4fcdd8a32a65ba1825b57590b40837594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:51:25:69:61:1a:ea:ed:02:23:34:00:96:f0: 66:26:02:ff:8a:55:f8:3e:fd:2b:b1:cf:25:08:2c: 3f:f7:e9:63:00:ad:95:cc:e0:68:32:e0:5b:30:30: 47:e3:66:12:68:c7:bc:14:e2:25:e5:8d:3c:0d:15: dd:82:78:48:95:92:57:11:3e:82:ae:30:a2:03:e3: 66:0a:c9:31:1c:89:04:45:d0:ee:3e:7c:25:5f:50: cb:71:36:a1:c4:98:d0:64:e6:23:30:3b:db:93:12: 59:c1:9a:53:a8:25:cb:0a:16:c4:ea:f0:be:e3:89: 83:2f:b3:0d:41:4b:41:85:60:a5:c7:c4:32:71:b9: fa:36:f3:b5:28:d1:de:c2:23:68:29:69:db:44:38: c8:ff:13:b0:89:39:10:a1:d8:32:df:29:81:76:99: c5:c7:b2:45:81:62:32:10:cb:9c:bf:64:9b:2b:dc: 90:f6:de:e8:a1:53:f4:d3:dd:c1:75:58:e4:2d:bf: 68:04:84:00:ef:de:65:47:4d:a5:08:7e:f2:a3:3f: 7b:1a:c5:c4:5a:b9:ec:b2:f5:76:4a:14:15:65:92: 58:2c:3d:15:0d:bc:2d:14:10:1f:38:b2:88:7f:99: b5:d8:6c:45:2d:53:bc:aa:5f:04:c0:56:df:e3:6d: c7:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:78:18:D4:FC:DD:8A:32:A6:5B:A1:82:5B:57:59:0B:40:83:75:94 X509v3 Authority Key Identifier: keyid:BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:5e:3c:23:44:3a:26:84:45:64:81:72:c8:5d:b3:83:8e:32: 08:20:cc:7b:3e:ea:97:46:46:2b:d8:49:a7:97:11:cf:92:69: 79:e2:03:4a:f0:ae:14:27:92:fe:a2:6d:c4:78:be:5c:ee:83: 5b:2b:ec:39:0a:a3:05:82:f8:38:34:94:ff:75:eb:d3:38:55: 78:cf:66:44:a0:d3:ef:8d:d1:c6:fa:03:0c:8e:41:e2:37:73: 4f:a5:1c:b5:88:e6:00:30:12:09:a0:3d:52:b2:b2:c7:c2:73: 4c:83:7c:9f:1f:ec:2c:22:b2:ef:8f:13:fc:a7:9c:7a:95:5c: 6d:48:b9:9a:56:78:98:4b:ca:e1:04:1d:13:35:8c:09:6b:88: 38:6d:66:1c:0e:ca:9a:6e:4d:70:00:b5:2d:de:8a:cc:f6:4d: 21:a5:ad:e5:a5:82:ae:47:24:16:ae:c3:40:15:2d:14:61:ad: 36:97:af:26:dc:33:45:00:6e:dc:de:5a:49:67:ba:e2:dc:a8: f3:a1:c2:30:2c:8c:bc:f1:45:2b:f4:28:75:42:72:9f:6e:6b: 98:dd:c2:c3:12:38:6a:e2:29:c5:0f:05:6c:16:2f:33:63:48: 89:03:fd:f9:13:c8:51:c3:ec:df:9d:b7:42:48:29:73:12:8b: 7e:06:36:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHDPwPjZowTQjhIUuLDU0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOTcwZGUxMjZiM2EwYjU0OGRhZDc2ZjVlZmE4ODg1NWM2 ZjFmZjIwHhcNMjUxMjA2MTAwMTQzWhcNMjUxMjA3MTAwMTQzWjAzMTEwLwYDVQQD EygxNTc4MThkNGZjZGQ4YTMyYTY1YmExODI1YjU3NTkwYjQwODM3NTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFElaWEa6u0CIzQAlvBmJgL/ilX4 Pv0rsc8lCCw/9+ljAK2VzOBoMuBbMDBH42YSaMe8FOIl5Y08DRXdgnhIlZJXET6C rjCiA+NmCskxHIkERdDuPnwlX1DLcTahxJjQZOYjMDvbkxJZwZpTqCXLChbE6vC+ 44mDL7MNQUtBhWClx8Qycbn6NvO1KNHewiNoKWnbRDjI/xOwiTkQodgy3ymBdpnF x7JFgWIyEMucv2SbK9yQ9t7ooVP0093BdVjkLb9oBIQA795lR02lCH7yoz97GsXE WrnssvV2ShQVZZJYLD0VDbwtFBAfOLKIf5m12GxFLVO8ql8EwFbf423HEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBV4GNT83YoypluhgltXWQtAg3WUMB8GA1UdIwQY MBaAFLqXDeEms6C1SNrXb176iIVcbx/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAt M2FiYTU5NWI1OGE4LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAtM2FiYTU5NWI1OGE4 LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASl48I0Q6 JoRFZIFyyF2zg44yCCDMez7ql0ZGK9hJp5cRz5JpeeIDSvCuFCeS/qJtxHi+XO6D WyvsOQqjBYL4ODSU/3Xr0zhVeM9mRKDT743RxvoDDI5B4jdzT6UctYjmADASCaA9 UrKyx8JzTIN8nx/sLCKy748T/KecepVcbUi5mlZ4mEvK4QQdEzWMCWuIOG1mHA7K mm5NcAC1Ld6KzPZNIaWt5aWCrkckFq7DQBUtFGGtNpevJtwzRQBu3N5aSWe64tyo 86HCMCyMvPFFK/QodUJyn25rmN3CwxI4auIpxQ8FbBYvM2NIiQP9+RPIUcPs3523 QkgpcxKLfgY22A== -----END CERTIFICATE-----Generated at Sat Dec 6 13:14:17 2025 by rpki-client