This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/12d4f2-5028-44fb-bdf3-c822155acfa6/1/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.mft File: UvJb0FrBSIUfoqRjrQ3gcIGEBPc.mft (raw, json) Hash identifier: 6jJjVyV2pOiv7JRn1fXjNmvci6Jms29TrAbjRuPAWQY= Subject key identifier: 1D:44:8E:DC:C5:9F:0D:74:70:F8:EB:4E:F1:F1:B8:DE:6B:7B:51:91 Authority key identifier: 52:F2:5B:D0:5A:C1:48:85:1F:A2:A4:63:AD:0D:E0:70:81:84:04:F7 Certificate issuer: /CN=52f25bd05ac148851fa2a463ad0de070818404f7 Certificate serial: 019AF31CFF70BDD4C81783E56D8C7EC83F6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/12d4f2-5028-44fb-bdf3-c822155acfa6/1/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.mft Manifest number: 0B8C Signing time: Sat 06 Dec 2025 10:02:34 +0000 Manifest this update: Sat 06 Dec 2025 10:02:34 +0000 Manifest next update: Sun 07 Dec 2025 10:02:34 +0000 Files and hashes: 1: UvJb0FrBSIUfoqRjrQ3gcIGEBPc.crl (hash: xgONGBK1cc9VrIuwUBXz3JyUef3PPpWmzrwgaQjCY00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/12d4f2-5028-44fb-bdf3-c822155acfa6/1/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/12d4f2-5028-44fb-bdf3-c822155acfa6/1/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.mft rsync://rpki.ripe.net/repository/DEFAULT/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:ff:70:bd:d4:c8:17:83:e5:6d:8c:7e:c8:3f:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52f25bd05ac148851fa2a463ad0de070818404f7 Validity Not Before: Dec 6 10:02:34 2025 GMT Not After : Dec 7 10:02:34 2025 GMT Subject: CN=1d448edcc59f0d7470f8eb4ef1f1b8de6b7b5191 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:17:cd:43:66:ba:07:6d:d8:bd:fa:2f:37:e1: 87:ba:dc:bb:3f:af:e5:43:d6:d6:eb:cd:d2:06:54: f2:83:b2:d6:c9:98:1a:3e:56:d3:59:3b:aa:a2:a5: d8:e7:8c:24:3a:f4:8e:70:79:06:d5:ed:b9:ce:b4: 6a:2f:db:df:bd:a1:22:cf:76:87:16:6e:f5:65:e6: ea:73:7c:d7:45:d4:c0:09:89:7e:31:52:dd:41:25: da:86:c4:bf:b4:e8:12:de:81:a2:71:68:60:1e:59: e7:c8:fa:39:7b:e8:41:96:70:20:bd:be:21:f0:c6: bb:83:d6:23:20:71:17:41:8a:0a:55:30:a8:56:e6: 66:7e:db:4a:65:eb:e9:53:5f:84:23:1a:12:a5:9f: d1:45:1e:a5:55:44:87:90:9a:8f:f1:be:31:4f:2b: ab:9a:d2:8f:44:0c:7a:b8:3b:69:1e:4e:0c:d5:ae: a3:e6:06:25:95:64:e2:3d:49:55:71:cb:9a:4c:65: 6c:d9:dc:5e:e7:c3:ae:a2:f2:2e:ea:9a:15:12:c4: 41:63:81:92:cc:ac:c6:76:a1:99:f9:ce:a9:34:82: e9:19:03:6f:e3:85:b9:de:90:61:34:39:60:94:c7: 03:bb:be:97:6f:59:97:cf:e1:b4:d7:ea:dd:5f:4a: 5e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:44:8E:DC:C5:9F:0D:74:70:F8:EB:4E:F1:F1:B8:DE:6B:7B:51:91 X509v3 Authority Key Identifier: keyid:52:F2:5B:D0:5A:C1:48:85:1F:A2:A4:63:AD:0D:E0:70:81:84:04:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/12d4f2-5028-44fb-bdf3-c822155acfa6/1/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/12d4f2-5028-44fb-bdf3-c822155acfa6/1/UvJb0FrBSIUfoqRjrQ3gcIGEBPc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:55:6a:a7:b2:9d:15:5d:1d:76:1d:17:7a:47:21:d5:a6:4d: 7c:8d:d8:a1:6a:ad:fa:cc:6d:7e:55:19:06:44:ea:fb:5e:83: db:69:90:42:bb:08:9c:11:83:30:d5:8e:9e:96:75:dd:ff:b1: 47:88:18:58:3e:9b:79:28:21:92:05:37:22:3f:8b:9d:d8:34: 5f:a3:9d:25:4e:3e:af:42:50:a2:e4:d8:93:d8:5c:ed:de:cc: 93:5b:22:19:7d:fc:89:77:5b:b4:ec:f6:93:1c:a5:c8:40:ef: 90:8c:29:dc:aa:6f:ac:48:7a:8f:26:ff:34:84:64:7a:b1:a0: 4b:f3:de:43:36:41:22:a4:69:26:27:a3:7d:a3:cc:bf:37:d2: e2:46:a5:ed:87:40:0f:b3:fa:ec:96:9b:0d:c4:df:2f:c0:f5: 74:b9:d8:bf:46:da:36:40:4e:12:c6:ad:7a:ad:bd:ef:c4:72: af:32:02:38:fa:84:a4:ac:0a:99:95:33:49:d4:a7:9a:b9:aa: 0c:d0:1e:38:a9:27:62:3a:50:f8:92:76:16:72:c9:6a:24:fa: 23:c2:d8:8d:d5:fc:b3:a4:fc:e4:14:d2:e3:bf:d1:fa:0a:da: f1:30:0a:87:d8:f3:4a:d4:b6:31:dd:51:3b:45:67:82:c5:60: 6d:6d:05:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHP9wvdTIF4PlbYx+yD9rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyZjI1YmQwNWFjMTQ4ODUxZmEyYTQ2M2FkMGRlMDcwODE4 NDA0ZjcwHhcNMjUxMjA2MTAwMjM0WhcNMjUxMjA3MTAwMjM0WjAzMTEwLwYDVQQD EygxZDQ0OGVkY2M1OWYwZDc0NzBmOGViNGVmMWYxYjhkZTZiN2I1MTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRfNQ2a6B23YvfovN+GHuty7P6/l Q9bW683SBlTyg7LWyZgaPlbTWTuqoqXY54wkOvSOcHkG1e25zrRqL9vfvaEiz3aH Fm71Zebqc3zXRdTACYl+MVLdQSXahsS/tOgS3oGicWhgHlnnyPo5e+hBlnAgvb4h 8Ma7g9YjIHEXQYoKVTCoVuZmfttKZevpU1+EIxoSpZ/RRR6lVUSHkJqP8b4xTyur mtKPRAx6uDtpHk4M1a6j5gYllWTiPUlVccuaTGVs2dxe58OuovIu6poVEsRBY4GS zKzGdqGZ+c6pNILpGQNv44W53pBhNDlglMcDu76Xb1mXz+G01+rdX0peMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB1EjtzFnw10cPjrTvHxuN5re1GRMB8GA1UdIwQY MBaAFFLyW9BawUiFH6KkY60N4HCBhAT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXZKYjBGckJTSVVmb3FSanJRM2djSUdFQlBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xMmQ0ZjItNTAyOC00NGZiLWJkZjMt YzgyMjE1NWFjZmE2LzEvVXZKYjBGckJTSVVmb3FSanJRM2djSUdFQlBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8xMmQ0ZjItNTAyOC00NGZiLWJkZjMtYzgyMjE1NWFjZmE2 LzEvVXZKYjBGckJTSVVmb3FSanJRM2djSUdFQlBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1Vqp7Kd FV0ddh0Xekch1aZNfI3YoWqt+sxtflUZBkTq+16D22mQQrsInBGDMNWOnpZ13f+x R4gYWD6beSghkgU3Ij+Lndg0X6OdJU4+r0JQouTYk9hc7d7Mk1siGX38iXdbtOz2 kxylyEDvkIwp3KpvrEh6jyb/NIRkerGgS/PeQzZBIqRpJiejfaPMvzfS4kal7YdA D7P67JabDcTfL8D1dLnYv0baNkBOEsateq2978RyrzICOPqEpKwKmZUzSdSnmrmq DNAeOKknYjpQ+JJ2FnLJaiT6I8LYjdX8s6T85BTS47/R+gra8TAKh9jzStS2Md1R O0VngsVgbW0Fug== -----END CERTIFICATE-----Generated at Sat Dec 6 12:58:36 2025 by rpki-client