This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft File: uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json) Hash identifier: B9tTNAAc59wsw63eiUP/Wf6jGWP7EK0z5GM5MKEqh2A= Subject key identifier: 7F:0F:8F:87:CB:10:F8:D6:A0:14:4A:7E:42:64:28:FF:7B:48:A9:89 Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E Certificate issuer: /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e Certificate serial: 019AF61C61CCF2D20C27C797118AC2B34957 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft Manifest number: 06E5 Signing time: Sun 07 Dec 2025 00:00:46 +0000 Manifest this update: Sun 07 Dec 2025 00:00:46 +0000 Manifest next update: Mon 08 Dec 2025 00:00:46 +0000 Files and hashes: 1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: LsZL+RCSaJF7DhRPNemAMnMdTZMKnrzZgSdjDzC9/5I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:1c:61:cc:f2:d2:0c:27:c7:97:11:8a:c2:b3:49:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e Validity Not Before: Dec 7 00:00:46 2025 GMT Not After : Dec 8 00:00:46 2025 GMT Subject: CN=7f0f8f87cb10f8d6a0144a7e426428ff7b48a989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:b1:bf:83:b2:1a:2b:00:28:64:34:d4:3c:2e: b5:8a:b7:4c:cd:71:fc:48:90:74:ce:df:d3:60:83: 88:1c:e5:5f:00:b0:0a:13:dc:79:9d:a8:ef:64:9e: ee:fd:2b:69:2d:13:12:69:59:6f:a3:5d:ea:9a:df: 6c:88:4d:c3:bc:db:c4:74:8a:f4:41:69:a4:dd:97: 12:33:c5:2b:ac:14:1e:82:6f:e0:80:ff:fa:33:9f: 43:e8:6f:e1:48:91:51:1f:50:61:67:fa:24:64:bc: 00:43:89:a3:a5:18:70:ba:c6:0d:f1:bb:0c:b0:cc: 0c:89:c3:b3:80:2f:d1:ac:e3:0f:8d:be:2f:bd:d1: 62:6b:9d:a1:c4:b2:a5:de:f1:ac:51:87:84:b2:52: fc:5d:c5:29:89:ae:f3:37:29:41:bc:29:54:78:88: 4e:6e:fb:0c:5a:87:54:bd:05:1f:7b:53:0b:bb:c8: 97:fe:f1:45:dc:f2:2a:0c:ba:2d:b8:5e:3b:9e:5e: 13:20:ff:c2:2b:26:b5:45:22:79:c9:7c:e3:42:79: 6a:d5:a6:8c:fc:73:c2:ae:bb:66:21:b5:ab:0a:e0: 68:92:c9:45:da:7d:07:f0:c6:0b:9f:82:37:fb:c1: 31:e8:77:1b:d0:57:24:c7:8b:dd:6f:7e:73:c3:d4: 67:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:0F:8F:87:CB:10:F8:D6:A0:14:4A:7E:42:64:28:FF:7B:48:A9:89 X509v3 Authority Key Identifier: keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:17:db:48:70:0e:68:39:7d:a8:03:02:d0:1a:c5:42:c4:83: 2c:ed:d1:bd:43:3d:be:a8:9c:1a:ac:06:11:f1:31:cd:ed:d8: 9c:d7:db:0d:9d:e5:e7:aa:cd:06:44:c8:4b:e3:61:9b:e2:db: 30:25:1b:f6:17:f8:b4:0e:3d:b5:51:24:4f:c3:d2:33:eb:f9: 3a:e1:b4:96:31:c4:a2:9c:b7:d9:a1:43:35:85:ac:4a:e8:97: e7:29:b3:9c:c5:2c:88:27:bd:bd:8d:b5:a5:c9:1e:49:a6:7c: d2:2f:0f:f3:44:bb:e8:5e:a3:bc:8a:3b:df:cd:05:bf:91:8b: 7e:f1:72:45:ea:98:64:9a:e8:35:e7:01:5a:a9:9d:7e:12:5e: dc:65:ef:93:f5:9f:ca:ea:3d:8f:98:db:30:e5:d5:f0:bb:e2: 72:a1:92:10:5b:df:da:2b:a7:c2:e9:c7:93:4a:35:6d:ec:86: 5e:5a:ee:ad:1f:7f:6d:42:f0:97:8e:66:89:1e:fa:09:fd:4a: 93:4f:dd:41:f9:45:e0:68:6d:5d:2b:ba:ca:43:61:60:80:89: 9d:47:6b:1b:c0:c8:5c:ba:b5:f6:2c:cb:07:4f:d0:62:68:05: 62:55:4f:a6:3f:05:8b:03:2d:cb:94:d2:f2:d7:cf:07:d4:04: f7:f0:66:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2HGHM8tIMJ8eXEYrCs0lXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2 ODExOGUwHhcNMjUxMjA3MDAwMDQ2WhcNMjUxMjA4MDAwMDQ2WjAzMTEwLwYDVQQD Eyg3ZjBmOGY4N2NiMTBmOGQ2YTAxNDRhN2U0MjY0MjhmZjdiNDhhOTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrG/g7IaKwAoZDTUPC61irdMzXH8 SJB0zt/TYIOIHOVfALAKE9x5najvZJ7u/StpLRMSaVlvo13qmt9siE3DvNvEdIr0 QWmk3ZcSM8UrrBQegm/ggP/6M59D6G/hSJFRH1BhZ/okZLwAQ4mjpRhwusYN8bsM sMwMicOzgC/RrOMPjb4vvdFia52hxLKl3vGsUYeEslL8XcUpia7zNylBvClUeIhO bvsMWodUvQUfe1MLu8iX/vFF3PIqDLotuF47nl4TIP/CKya1RSJ5yXzjQnlq1aaM /HPCrrtmIbWrCuBokslF2n0H8MYLn4I3+8Ex6Hcb0Fckx4vdb35zw9RnYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH8Pj4fLEPjWoBRKfkJkKP97SKmJMB8GA1UdIwQY MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAahfbSHAO aDl9qAMC0BrFQsSDLO3RvUM9vqicGqwGEfExze3YnNfbDZ3l56rNBkTIS+Nhm+Lb MCUb9hf4tA49tVEkT8PSM+v5OuG0ljHEopy32aFDNYWsSuiX5ymznMUsiCe9vY21 pckeSaZ80i8P80S76F6jvIo7380Fv5GLfvFyReqYZJroNecBWqmdfhJe3GXvk/Wf yuo9j5jbMOXV8LvicqGSEFvf2iunwunHk0o1beyGXlrurR9/bULwl45miR76Cf1K k0/dQflF4GhtXSu6ykNhYICJnUdrG8DIXLq19izLB0/QYmgFYlVPpj8FiwMty5TS 8tfPB9QE9/Bm7w== -----END CERTIFICATE-----Generated at Sun Dec 7 01:49:14 2025 by rpki-client