This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft File: U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json) Hash identifier: 6sO/JEDsi6p254SvKB8H3+VavgtchqCWaZ58duefwzw= Subject key identifier: 1E:EA:C9:88:73:27:CA:77:62:74:1C:96:4B:94:0C:55:3F:A0:D0:F4 Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30 Certificate issuer: /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230 Certificate serial: 019AF12E312527BA8805EAE814C06CE0F40C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft Manifest number: 0BB8 Signing time: Sat 06 Dec 2025 01:02:07 +0000 Manifest this update: Sat 06 Dec 2025 01:02:07 +0000 Manifest next update: Sun 07 Dec 2025 01:02:07 +0000 Files and hashes: 1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: kgVK8DqmaG4YZj6vfOHtDzgK66bUCiWqsmWORCHrkq0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:31:25:27:ba:88:05:ea:e8:14:c0:6c:e0:f4:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230 Validity Not Before: Dec 6 01:02:07 2025 GMT Not After : Dec 7 01:02:07 2025 GMT Subject: CN=1eeac9887327ca7762741c964b940c553fa0d0f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:59:94:43:b8:dc:d7:d1:ee:80:26:4f:46:c6: 9c:66:3b:e6:14:61:52:2e:44:42:c3:3e:8c:dc:44: 5a:04:8c:4f:db:ef:ff:d9:6a:24:51:6a:0b:b3:e0: 24:2b:82:c4:14:17:7e:24:51:03:89:77:4a:c1:10: 44:dd:83:b8:0b:81:d0:61:ce:20:ca:1c:30:0a:24: ec:94:89:6d:c5:fa:7f:e5:2c:b8:df:72:4e:a8:bb: 60:86:1c:21:d5:18:0a:e5:bc:56:76:14:8d:57:0a: d6:f0:ef:3b:19:f7:82:2c:9e:6b:73:20:72:1a:6d: ea:e0:36:72:ad:98:ae:0f:ec:b4:23:6b:fe:0d:f6: e2:8c:46:4d:dc:26:e4:c9:06:93:a4:87:c8:ed:4d: 92:77:94:04:2a:f2:8f:20:e9:17:0e:72:05:59:01: 12:89:2c:49:19:87:70:6e:94:45:98:a4:90:96:a4: 0b:3c:16:f1:a7:19:c7:cd:83:06:58:59:11:b6:7e: a7:35:f6:e4:7a:33:8d:04:d8:61:4e:fe:51:ca:45: cf:49:48:91:f7:bf:f6:a6:9d:da:a2:5c:33:7e:1a: 1c:1f:6b:93:dc:12:21:1b:4a:9e:c1:88:40:81:8c: ec:5a:f9:1d:31:87:96:47:8b:d4:2a:a9:7b:bc:de: ef:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:EA:C9:88:73:27:CA:77:62:74:1C:96:4B:94:0C:55:3F:A0:D0:F4 X509v3 Authority Key Identifier: keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:5f:37:95:a5:a8:0c:c5:80:1f:fc:78:cf:6d:15:f1:1d:00: 11:70:12:d2:43:57:72:10:98:21:ba:41:2f:32:ff:cf:22:08: 6a:f2:6f:24:b7:87:79:22:89:1d:c8:4d:37:1b:fa:23:c9:a9: 64:27:e2:87:55:2c:db:e0:d8:a9:d7:96:3c:29:fe:bc:27:b3: f5:ba:07:bf:2f:93:ed:70:56:62:0b:27:ac:de:ac:33:8e:4b: 10:00:4c:e0:4b:50:15:c2:18:92:26:53:f7:74:b3:5d:dd:ae: 66:6b:ae:28:ca:ff:5c:9c:55:2f:34:27:7e:44:59:b7:97:20: 4b:b5:0e:4b:48:20:04:85:4a:43:52:26:fa:2b:d1:d6:79:6b: 5a:71:3d:ea:01:46:13:c6:93:de:d8:97:f6:3a:ed:f7:30:2b: c6:b4:39:21:dd:25:88:89:08:90:7b:0a:d0:13:c2:b5:e6:d5: 4d:17:22:75:ef:b5:1a:0e:cc:f3:70:0b:98:c2:8d:e6:e4:fa: 34:86:75:76:77:09:6d:3b:21:ca:b5:79:fa:0a:34:df:b9:8f: 32:04:99:01:e0:f8:53:e2:cf:c3:4f:6e:d1:9a:08:f5:d8:58: 3f:de:0d:da:2f:82:de:e4:43:3a:2d:46:af:8c:32:e0:1c:34: 61:11:78:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLjElJ7qIBeroFMBs4PQMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj NWQyMzAwHhcNMjUxMjA2MDEwMjA3WhcNMjUxMjA3MDEwMjA3WjAzMTEwLwYDVQQD EygxZWVhYzk4ODczMjdjYTc3NjI3NDFjOTY0Yjk0MGM1NTNmYTBkMGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFmUQ7jc19HugCZPRsacZjvmFGFS LkRCwz6M3ERaBIxP2+//2WokUWoLs+AkK4LEFBd+JFEDiXdKwRBE3YO4C4HQYc4g yhwwCiTslIltxfp/5Sy433JOqLtghhwh1RgK5bxWdhSNVwrW8O87GfeCLJ5rcyBy Gm3q4DZyrZiuD+y0I2v+DfbijEZN3CbkyQaTpIfI7U2Sd5QEKvKPIOkXDnIFWQES iSxJGYdwbpRFmKSQlqQLPBbxpxnHzYMGWFkRtn6nNfbkejONBNhhTv5RykXPSUiR 97/2pp3aolwzfhocH2uT3BIhG0qewYhAgYzsWvkdMYeWR4vUKql7vN7vowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7qyYhzJ8p3YnQclkuUDFU/oND0MB8GA1UdIwQY MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYF83laWo DMWAH/x4z20V8R0AEXAS0kNXchCYIbpBLzL/zyIIavJvJLeHeSKJHchNNxv6I8mp ZCfih1Us2+DYqdeWPCn+vCez9boHvy+T7XBWYgsnrN6sM45LEABM4EtQFcIYkiZT 93SzXd2uZmuuKMr/XJxVLzQnfkRZt5cgS7UOS0ggBIVKQ1Im+ivR1nlrWnE96gFG E8aT3tiX9jrt9zArxrQ5Id0liIkIkHsK0BPCtebVTRcide+1Gg7M83ALmMKN5uT6 NIZ1dncJbTshyrV5+go037mPMgSZAeD4U+LPw09u0ZoI9dhYP94N2i+C3uRDOi1G r4wy4Bw0YRF4Ng== -----END CERTIFICATE-----Generated at Sat Dec 6 08:33:36 2025 by rpki-client