This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft File: SPEmUDG2es3hHypnONAjRpnRgBc.mft (raw, json) Hash identifier: I7ZWgmiJTlvBqu0FTVtY4e2VB1Ui+sNea+yNlIaXHn4= Subject key identifier: 3E:76:0E:A0:82:1C:78:B4:97:5D:88:3B:9A:3E:B9:57:E7:50:B9:5C Authority key identifier: 48:F1:26:50:31:B6:7A:CD:E1:1F:2A:67:38:D0:23:46:99:D1:80:17 Certificate issuer: /CN=48f1265031b67acde11f2a6738d0234699d18017 Certificate serial: 019AF12D27A5B65DA1B86764574285D69FB8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPEmUDG2es3hHypnONAjRpnRgBc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft Manifest number: 0178 Signing time: Sat 06 Dec 2025 01:00:59 +0000 Manifest this update: Sat 06 Dec 2025 01:00:59 +0000 Manifest next update: Sun 07 Dec 2025 01:00:59 +0000 Files and hashes: 1: SPEmUDG2es3hHypnONAjRpnRgBc.crl (hash: Hqymlyx9PlF1w9hlzPNinQ+P4ZNRnRzIl4UyQHWFzAk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft rsync://rpki.ripe.net/repository/DEFAULT/SPEmUDG2es3hHypnONAjRpnRgBc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:27:a5:b6:5d:a1:b8:67:64:57:42:85:d6:9f:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=48f1265031b67acde11f2a6738d0234699d18017 Validity Not Before: Dec 6 01:00:59 2025 GMT Not After : Dec 7 01:00:59 2025 GMT Subject: CN=3e760ea0821c78b4975d883b9a3eb957e750b95c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:db:8f:83:2d:df:ff:56:22:d4:5a:a3:89:75: 93:f3:9e:c9:c5:53:e2:11:42:43:de:4f:01:d1:16: 8e:90:eb:e0:55:34:fd:54:22:06:e4:21:12:d0:95: 73:a9:7c:eb:8e:3a:b6:16:d5:86:10:dd:e7:5a:d3: dc:f6:3e:2b:ba:a9:05:8a:ce:a6:78:28:94:3d:aa: ed:2c:ed:a0:5f:80:41:3b:fd:bf:8f:cd:06:bb:6e: 24:10:97:a0:0b:39:11:21:9f:ca:dd:c7:a5:64:c6: 38:93:cc:cf:90:38:f4:bb:3c:d4:d1:c1:86:ec:76: af:b7:bb:be:ac:17:94:49:ff:07:ab:ba:29:c1:86: 57:c7:de:49:f1:c7:7d:63:78:ea:38:b9:1d:6a:4f: 2d:46:e9:bf:08:87:02:9f:46:0e:d5:4a:c9:59:f9: 75:b7:96:1d:9b:74:55:5b:4d:f8:9f:fc:bd:7f:33: 8e:72:91:2f:f0:84:b5:50:f0:8b:a0:4b:5a:94:fc: 6b:64:5d:94:f0:7c:31:56:5d:f9:22:6c:cf:6a:22: 0e:76:d0:50:27:ec:3d:b8:f7:a1:48:ff:74:72:3a: 58:ae:ea:5b:27:2a:df:42:36:11:fa:36:25:25:25: 92:cd:c8:12:c3:37:ae:da:90:fe:34:70:f9:5d:5d: db:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:76:0E:A0:82:1C:78:B4:97:5D:88:3B:9A:3E:B9:57:E7:50:B9:5C X509v3 Authority Key Identifier: keyid:48:F1:26:50:31:B6:7A:CD:E1:1F:2A:67:38:D0:23:46:99:D1:80:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPEmUDG2es3hHypnONAjRpnRgBc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:bc:37:c4:27:7a:02:02:31:b4:5e:77:35:e0:16:a7:f2:e3: 4d:63:15:91:fb:6c:86:53:8b:86:ed:b6:fe:73:24:c0:58:cf: 19:f3:8e:06:82:a3:4f:f4:77:ff:76:40:7f:ff:dc:ad:a7:7c: 4a:d9:0f:05:5f:1f:e6:f3:26:08:68:d6:4f:77:98:82:6e:94: 9b:cf:65:ba:ac:66:28:f2:2a:5d:9a:d6:51:bd:17:d3:25:93: 04:18:3d:4c:0b:dc:61:36:13:54:e5:4c:d2:37:9b:07:e9:a9: e5:96:15:98:ea:2c:ed:24:66:54:4b:35:a3:17:24:e3:8b:d1: b4:44:2f:42:74:d9:98:f1:a6:96:54:88:ca:90:73:6f:cc:87: 79:8d:ed:49:14:e5:65:a3:3e:d0:10:7a:28:38:17:c7:86:8b: 56:16:2a:5d:c5:c0:73:be:b4:e3:4f:17:c0:3c:5b:28:de:87: 54:7e:53:9f:bb:ee:91:d2:5d:72:61:aa:97:ab:83:b7:6f:b5: c1:60:79:76:e0:9c:38:12:1e:eb:fc:41:74:1b:67:21:c2:91: d4:ba:c1:9e:dd:04:76:9e:d9:13:5c:23:21:e9:ad:a5:77:8d: 5f:5e:15:a4:bd:83:1e:96:6a:47:c0:60:de:a9:03:ec:ae:9b: e4:ca:59:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLSeltl2huGdkV0KF1p+4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4ZjEyNjUwMzFiNjdhY2RlMTFmMmE2NzM4ZDAyMzQ2OTlk MTgwMTcwHhcNMjUxMjA2MDEwMDU5WhcNMjUxMjA3MDEwMDU5WjAzMTEwLwYDVQQD EygzZTc2MGVhMDgyMWM3OGI0OTc1ZDg4M2I5YTNlYjk1N2U3NTBiOTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9uPgy3f/1Yi1FqjiXWT857JxVPi EUJD3k8B0RaOkOvgVTT9VCIG5CES0JVzqXzrjjq2FtWGEN3nWtPc9j4ruqkFis6m eCiUPartLO2gX4BBO/2/j80Gu24kEJegCzkRIZ/K3celZMY4k8zPkDj0uzzU0cGG 7Havt7u+rBeUSf8Hq7opwYZXx95J8cd9Y3jqOLkdak8tRum/CIcCn0YO1UrJWfl1 t5Ydm3RVW034n/y9fzOOcpEv8IS1UPCLoEtalPxrZF2U8HwxVl35ImzPaiIOdtBQ J+w9uPehSP90cjpYrupbJyrfQjYR+jYlJSWSzcgSwzeu2pD+NHD5XV3bqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD52DqCCHHi0l12IO5o+uVfnULlcMB8GA1UdIwQY MBaAFEjxJlAxtnrN4R8qZzjQI0aZ0YAXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1BFbVVERzJlczNoSHlwbk9OQWpScG5SZ0JjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zMGJhMzYtODM0ZS00YzA0LWE3MDIt NzJlYzMwODZmMGU4LzEvU1BFbVVERzJlczNoSHlwbk9OQWpScG5SZ0JjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy8zMGJhMzYtODM0ZS00YzA0LWE3MDItNzJlYzMwODZmMGU4 LzEvU1BFbVVERzJlczNoSHlwbk9OQWpScG5SZ0JjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLw3xCd6 AgIxtF53NeAWp/LjTWMVkftshlOLhu22/nMkwFjPGfOOBoKjT/R3/3ZAf//crad8 StkPBV8f5vMmCGjWT3eYgm6Um89luqxmKPIqXZrWUb0X0yWTBBg9TAvcYTYTVOVM 0jebB+mp5ZYVmOos7SRmVEs1oxck44vRtEQvQnTZmPGmllSIypBzb8yHeY3tSRTl ZaM+0BB6KDgXx4aLVhYqXcXAc760408XwDxbKN6HVH5Tn7vukdJdcmGql6uDt2+1 wWB5duCcOBIe6/xBdBtnIcKR1LrBnt0Edp7ZE1wjIemtpXeNX14VpL2DHpZqR8Bg 3qkD7K6b5MpZTA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:14 2025 by rpki-client