This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft File: U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json) Hash identifier: alYu8AJrpMMqz6KnKG9Mnona+2XXGqd2FPvfb2vbmK0= Subject key identifier: 72:9E:94:E1:EF:C2:57:B5:1C:25:A1:94:1F:92:5A:24:A0:97:89:7A Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04 Certificate issuer: /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104 Certificate serial: 019AF12ED4AB7BEE795DA892D828DC6EB247 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft Manifest number: 10C8 Signing time: Sat 06 Dec 2025 01:02:49 +0000 Manifest this update: Sat 06 Dec 2025 01:02:49 +0000 Manifest next update: Sun 07 Dec 2025 01:02:49 +0000 Files and hashes: 1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: N7vCwggw5svotFeHxHI95Rc5HBIvI6UjPIdN3dPZVI0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:d4:ab:7b:ee:79:5d:a8:92:d8:28:dc:6e:b2:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104 Validity Not Before: Dec 6 01:02:49 2025 GMT Not After : Dec 7 01:02:49 2025 GMT Subject: CN=729e94e1efc257b51c25a1941f925a24a097897a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:e5:e2:2f:87:df:e6:ff:77:63:f6:f0:5c:a5: 0a:10:84:dd:e8:e1:87:e5:79:0f:8a:04:ea:9e:04: 20:3a:e1:e8:a4:a5:74:b3:4d:82:83:98:f5:5b:5b: 05:b4:83:17:25:a7:e6:ca:ca:36:3d:6d:c0:d0:10: 0e:f4:03:ee:8d:91:b7:80:a2:e0:76:44:be:c8:72: 73:64:7d:ae:19:4f:96:0a:2d:70:a6:4b:9d:5e:55: eb:54:44:81:a0:06:8b:e7:ff:f0:77:c2:8f:0c:8f: c4:b7:e7:6d:e4:74:78:ab:45:db:12:1b:e6:de:fa: c2:6a:21:03:01:42:f9:6a:ee:92:2d:73:4f:d0:f8: f3:c2:7d:ad:27:bd:ac:66:62:83:da:63:0b:88:e0: e0:37:60:5a:28:56:d5:78:bd:84:e0:3e:4e:8c:a4: 4d:2b:20:c8:dd:42:d1:44:93:56:65:5d:5b:70:c4: 25:59:23:f0:42:64:33:01:2f:e7:e7:85:d9:3d:4c: c9:e4:f8:9c:d5:96:9d:a2:f1:13:4e:97:fd:57:72: 32:49:12:49:40:fa:01:11:2e:d7:4b:13:bc:d3:97: 19:b9:1f:22:b2:fa:2c:ec:fe:d1:a6:c6:e1:56:4a: f6:7f:9b:77:9d:bc:c1:45:11:c6:84:0e:ec:d3:f3: 50:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:9E:94:E1:EF:C2:57:B5:1C:25:A1:94:1F:92:5A:24:A0:97:89:7A X509v3 Authority Key Identifier: keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:3d:a7:2d:37:c7:fd:4a:d8:0b:12:03:fc:b6:0e:57:c3:71: d6:1b:2e:89:ab:d5:89:f5:9d:92:0d:96:21:fd:12:22:f3:37: 8e:f5:fe:fa:55:2e:9c:87:41:3e:9e:59:db:f5:74:91:84:3a: c8:c1:b7:a5:01:5c:95:e4:ef:f8:fb:d5:fd:82:9f:ef:0d:9a: 56:bc:bf:d1:8e:f7:b6:29:f6:42:a2:8e:b1:32:ed:31:b8:f3: f7:20:d1:6c:55:d9:4a:22:64:a2:7b:80:80:b0:05:09:77:72: 55:f0:45:cc:29:51:66:74:9e:92:cb:34:cf:15:ec:04:a8:30: 79:61:8f:c0:50:73:93:c6:bd:30:9e:6a:0f:8c:7f:ab:9a:d0: d3:04:ef:5a:f7:f2:4c:79:b5:a8:5f:cc:3c:85:cc:92:a4:96: ad:c2:18:46:db:57:e8:24:d1:a3:30:5e:25:ae:0c:1f:ca:d7: 28:e9:6f:9a:61:39:6b:7f:ec:1b:bd:99:1c:b8:35:71:4b:05: c3:20:81:7f:fc:61:7c:61:06:49:91:8b:ae:66:85:5b:ff:32: 2a:17:49:cf:4f:8c:4e:de:79:68:c4:4d:6b:49:f4:53:50:f7: f4:7a:63:64:2f:8e:d3:17:28:fd:3f:a6:5e:74:a9:88:ee:c4: e6:21:fa:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLtSre+55XaiS2CjcbrJHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl NTMxMDQwHhcNMjUxMjA2MDEwMjQ5WhcNMjUxMjA3MDEwMjQ5WjAzMTEwLwYDVQQD Eyg3MjllOTRlMWVmYzI1N2I1MWMyNWExOTQxZjkyNWEyNGEwOTc4OTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+XiL4ff5v93Y/bwXKUKEITd6OGH 5XkPigTqngQgOuHopKV0s02Cg5j1W1sFtIMXJafmyso2PW3A0BAO9APujZG3gKLg dkS+yHJzZH2uGU+WCi1wpkudXlXrVESBoAaL5//wd8KPDI/Et+dt5HR4q0XbEhvm 3vrCaiEDAUL5au6SLXNP0Pjzwn2tJ72sZmKD2mMLiODgN2BaKFbVeL2E4D5OjKRN KyDI3ULRRJNWZV1bcMQlWSPwQmQzAS/n54XZPUzJ5Pic1ZadovETTpf9V3IySRJJ QPoBES7XSxO805cZuR8isvos7P7RpsbhVkr2f5t3nbzBRRHGhA7s0/NQvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKelOHvwle1HCWhlB+SWiSgl4l6MB8GA1UdIwQY MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcD2nLTfH /UrYCxID/LYOV8Nx1hsuiavVifWdkg2WIf0SIvM3jvX++lUunIdBPp5Z2/V0kYQ6 yMG3pQFcleTv+PvV/YKf7w2aVry/0Y73tin2QqKOsTLtMbjz9yDRbFXZSiJkonuA gLAFCXdyVfBFzClRZnSekss0zxXsBKgweWGPwFBzk8a9MJ5qD4x/q5rQ0wTvWvfy THm1qF/MPIXMkqSWrcIYRttX6CTRozBeJa4MH8rXKOlvmmE5a3/sG72ZHLg1cUsF wyCBf/xhfGEGSZGLrmaFW/8yKhdJz0+MTt55aMRNa0n0U1D39HpjZC+O0xco/T+m XnSpiO7E5iH6zw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:33 2025 by rpki-client