This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft File: USzy1zi8akeL64yogkEB_w_IGmE.mft (raw, json) Hash identifier: jwfktwPCyYt40n+pbeAFiny61IhXb/sySo/8/yUe+OU= Subject key identifier: D8:DB:EB:F0:FA:B3:1B:C0:A7:F5:40:1B:85:52:4D:19:69:1E:35:13 Authority key identifier: 51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61 Certificate issuer: /CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61 Certificate serial: 019AF1D244886AEDA4E490C89BAE2A4ECEDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft Manifest number: 0543 Signing time: Sat 06 Dec 2025 04:01:20 +0000 Manifest this update: Sat 06 Dec 2025 04:01:20 +0000 Manifest next update: Sun 07 Dec 2025 04:01:20 +0000 Files and hashes: 1: USzy1zi8akeL64yogkEB_w_IGmE.crl (hash: wn+2TovmB/VHR6sbzlypCzymakmfZugWyjo9sT+srwI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:44:88:6a:ed:a4:e4:90:c8:9b:ae:2a:4e:ce:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=512cf2d738bc6a478beb8ca8824101ff0fc81a61 Validity Not Before: Dec 6 04:01:20 2025 GMT Not After : Dec 7 04:01:20 2025 GMT Subject: CN=d8dbebf0fab31bc0a7f5401b85524d19691e3513 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:90:02:b2:83:ef:20:00:6f:98:7d:d7:69:87: 99:74:d7:31:f6:bd:86:fc:60:f2:9c:3f:d1:98:05: c5:65:12:06:2a:0a:f9:1e:a0:d5:01:10:73:67:20: ff:f4:f6:3d:c2:c5:94:0d:3f:d7:27:ba:e1:d6:2d: 29:a1:60:71:0d:37:03:9b:7a:62:9b:1b:f0:0c:ba: a5:e1:72:4e:44:73:77:4a:19:2b:44:fe:29:29:a8: 5b:86:2a:1b:35:d7:77:02:fc:e1:b9:46:3b:14:66: e7:35:d3:cb:a1:c4:2c:18:25:47:7a:de:30:2d:be: a7:a0:f6:d0:2a:72:0a:c6:af:e7:f9:d7:57:c7:3b: 29:2c:1a:6c:0c:88:6e:20:0b:8e:9a:47:54:79:f0: c8:47:a7:02:df:7a:71:f8:cb:8a:b4:db:29:8a:ef: 62:5a:c0:30:ad:aa:e9:9e:65:1c:20:b6:c9:d3:d8: 29:8c:30:49:be:d9:99:54:51:32:70:47:07:37:89: ac:fe:29:56:d8:c3:75:39:91:db:55:16:43:73:0f: 79:50:75:43:02:42:e5:1a:3b:74:cd:41:6b:de:26: ef:61:ab:2c:67:5a:72:c0:be:76:d9:57:6c:ca:54: 76:94:f2:74:b4:3e:e7:19:30:f7:15:e3:9d:2e:ba: 7d:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:DB:EB:F0:FA:B3:1B:C0:A7:F5:40:1B:85:52:4D:19:69:1E:35:13 X509v3 Authority Key Identifier: keyid:51:2C:F2:D7:38:BC:6A:47:8B:EB:8C:A8:82:41:01:FF:0F:C8:1A:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USzy1zi8akeL64yogkEB_w_IGmE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4a54cf-2414-4d6f-8ba5-7001baf775f2/1/USzy1zi8akeL64yogkEB_w_IGmE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:ad:55:f0:1d:77:71:4d:14:76:39:fb:0d:3e:85:12:51:f4: 0f:52:32:01:ac:a9:ab:0f:4e:75:45:8f:e7:83:16:a6:52:26: c5:b8:af:79:95:a7:b1:7c:f4:03:7a:26:0d:62:d7:78:93:62: 7f:f7:c8:c7:28:25:3f:22:78:79:1c:b9:92:28:56:32:8d:1e: 45:0e:f4:2d:4d:3c:3d:5a:64:d3:42:72:5a:09:e0:56:6b:a8: e2:dc:d6:af:01:01:22:bb:05:7d:7f:91:f5:f1:2e:64:a0:04: 3a:ac:7a:cd:9b:72:43:aa:9f:60:8d:e1:a8:ac:06:df:27:9f: 2f:ba:5e:9b:92:30:33:6d:e4:60:31:a4:56:9d:1a:9c:ee:dc: 52:79:bb:2c:1a:d2:f3:01:9f:bc:8c:0b:db:35:21:83:62:93: 8a:51:07:c7:6b:6c:5f:f6:e6:f2:4a:e3:f4:45:e1:23:1c:f0: 48:54:29:82:ea:93:de:91:e1:13:e7:ad:6e:85:4f:7a:f1:e1: 9f:43:dd:10:f5:c3:e7:e4:c7:db:65:8c:84:ff:35:c6:b6:c6: 1e:e5:2e:79:e6:c4:02:e9:9b:ab:af:b0:80:b5:9e:a8:12:11: 4a:fc:bb:c8:c7:2f:ed:c9:83:c5:42:c8:ee:ec:66:f4:4c:13: 6c:63:33:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0kSIau2k5JDIm64qTs7cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMmNmMmQ3MzhiYzZhNDc4YmViOGNhODgyNDEwMWZmMGZj ODFhNjEwHhcNMjUxMjA2MDQwMTIwWhcNMjUxMjA3MDQwMTIwWjAzMTEwLwYDVQQD EyhkOGRiZWJmMGZhYjMxYmMwYTdmNTQwMWI4NTUyNGQxOTY5MWUzNTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pACsoPvIABvmH3XaYeZdNcx9r2G /GDynD/RmAXFZRIGKgr5HqDVARBzZyD/9PY9wsWUDT/XJ7rh1i0poWBxDTcDm3pi mxvwDLql4XJORHN3ShkrRP4pKahbhiobNdd3AvzhuUY7FGbnNdPLocQsGCVHet4w Lb6noPbQKnIKxq/n+ddXxzspLBpsDIhuIAuOmkdUefDIR6cC33px+MuKtNspiu9i WsAwrarpnmUcILbJ09gpjDBJvtmZVFEycEcHN4ms/ilW2MN1OZHbVRZDcw95UHVD AkLlGjt0zUFr3ibvYassZ1pywL522VdsylR2lPJ0tD7nGTD3FeOdLrp9kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNjb6/D6sxvAp/VAG4VSTRlpHjUTMB8GA1UdIwQY MBaAFFEs8tc4vGpHi+uMqIJBAf8PyBphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUt NzAwMWJhZjc3NWYyLzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS80YTU0Y2YtMjQxNC00ZDZmLThiYTUtNzAwMWJhZjc3NWYy LzEvVVN6eTF6aThha2VMNjR5b2drRUJfd19JR21FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAba1V8B13 cU0Udjn7DT6FElH0D1IyAaypqw9OdUWP54MWplImxbiveZWnsXz0A3omDWLXeJNi f/fIxyglPyJ4eRy5kihWMo0eRQ70LU08PVpk00JyWgngVmuo4tzWrwEBIrsFfX+R 9fEuZKAEOqx6zZtyQ6qfYI3hqKwG3yefL7pem5IwM23kYDGkVp0anO7cUnm7LBrS 8wGfvIwL2zUhg2KTilEHx2tsX/bm8krj9EXhIxzwSFQpguqT3pHhE+etboVPevHh n0PdEPXD5+TH22WMhP81xrbGHuUueebEAumbq6+wgLWeqBIRSvy7yMcv7cmDxULI 7uxm9EwTbGMzUA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:41 2025 by rpki-client