This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft File: UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json) Hash identifier: Rjt7DUBzq7sf+W1xSehAN+jZIeGBI5az/m5FUZCKnvI= Subject key identifier: 13:45:47:E2:BD:54:22:12:5D:0C:94:A6:68:F5:B7:FE:25:B8:9F:99 Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D Certificate issuer: /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d Certificate serial: 019AF2095DA178C7063DD0B8D459171BC656 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft Manifest number: 16BF Signing time: Sat 06 Dec 2025 05:01:31 +0000 Manifest this update: Sat 06 Dec 2025 05:01:31 +0000 Manifest next update: Sun 07 Dec 2025 05:01:31 +0000 Files and hashes: 1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: yaG0e1aSsQ99C+NFyhDRFQChRxccf40yXxU248foHC0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:5d:a1:78:c7:06:3d:d0:b8:d4:59:17:1b:c6:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d Validity Not Before: Dec 6 05:01:31 2025 GMT Not After : Dec 7 05:01:31 2025 GMT Subject: CN=134547e2bd5422125d0c94a668f5b7fe25b89f99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:76:d6:20:cb:44:2d:97:12:7b:44:f3:d2:60: 97:9e:99:b9:b1:e4:bd:60:fb:e9:79:b0:b8:9c:3f: 35:33:47:09:6d:b3:63:81:3f:5f:47:95:7d:14:21: 55:99:7a:0f:79:f6:53:68:bf:18:a2:c1:c7:20:b7: e1:15:a2:41:a9:44:c3:77:84:50:22:f4:0f:31:a7: 95:0f:fc:a8:f7:c6:ec:cb:d9:f9:0e:81:b5:f1:64: 75:e3:17:2e:24:4e:02:0f:f0:b2:44:6c:ac:ce:d3: 6e:11:b7:96:38:f5:2b:13:a0:9f:52:5f:38:e8:cd: 12:63:e8:66:ea:7a:e1:6a:6a:15:03:b9:91:7a:fa: a4:f3:cb:23:10:13:9c:ff:d8:c3:50:f6:88:b0:30: 37:10:2e:d6:62:84:3e:6e:e4:9b:06:a4:d8:74:99: f3:9e:42:6b:d9:b5:a4:fd:bf:0a:bd:77:d3:59:19: 24:eb:01:50:b1:41:52:39:13:2a:b1:6e:0d:a0:01: ab:4e:a0:7e:cf:d8:5f:b5:ec:24:10:3e:81:cd:db: 8d:2d:12:36:84:2e:78:d4:6c:4b:8c:c4:93:80:47: f1:ba:6f:57:a3:7c:aa:6a:ff:a8:4c:1f:ca:92:32: 1a:5b:e9:ae:f4:18:31:18:e1:20:49:4a:e0:40:27: 9b:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:45:47:E2:BD:54:22:12:5D:0C:94:A6:68:F5:B7:FE:25:B8:9F:99 X509v3 Authority Key Identifier: keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:f9:cc:d5:f4:c6:0f:bd:a9:e2:ae:7b:68:0f:83:a1:d3:ce: 3f:c1:19:5a:d2:c0:b1:84:ab:57:47:7c:f4:7a:90:89:e7:16: 0f:38:ee:02:2b:72:36:03:59:1f:a0:4c:e5:cd:34:f2:b6:c8: 83:c8:f1:e3:24:3c:34:ae:7d:cf:83:07:33:9c:2c:dc:b3:98: b7:52:ba:c0:fb:7d:31:45:54:57:dd:7d:22:f9:75:63:ac:c7: 1a:06:90:60:29:ac:ad:fd:99:a0:9a:53:18:3c:15:f4:7d:dc: 0e:ba:e2:67:9a:17:f0:24:41:a3:f4:55:aa:9b:3a:e8:a6:47: c9:78:69:9d:93:a2:20:4c:8c:24:b2:c3:45:98:b2:3e:fe:b5: db:9c:97:61:5d:66:b1:ba:ca:dd:fa:9d:00:a9:68:40:09:07: 5e:83:8b:0e:9e:2a:31:c0:89:e2:a9:07:49:cf:ce:50:07:c8: 8b:93:e4:e6:b4:a1:1c:ca:4f:37:8f:6b:f3:cc:cd:f1:ff:a0: ba:98:58:de:27:68:81:f0:36:0b:4b:dd:95:c2:91:9e:23:13: 02:ce:51:d5:a3:57:ad:a6:10:69:d1:6c:ae:37:60:76:00:a9: 79:79:2b:0c:56:49:51:68:ee:57:b7:70:19:66:28:89:ae:37: 33:75:21:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCV2heMcGPdC41FkXG8ZWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm YjQ5N2QwHhcNMjUxMjA2MDUwMTMxWhcNMjUxMjA3MDUwMTMxWjAzMTEwLwYDVQQD EygxMzQ1NDdlMmJkNTQyMjEyNWQwYzk0YTY2OGY1YjdmZTI1Yjg5Zjk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3bWIMtELZcSe0Tz0mCXnpm5seS9 YPvpebC4nD81M0cJbbNjgT9fR5V9FCFVmXoPefZTaL8YosHHILfhFaJBqUTDd4RQ IvQPMaeVD/yo98bsy9n5DoG18WR14xcuJE4CD/CyRGysztNuEbeWOPUrE6CfUl84 6M0SY+hm6nrhamoVA7mRevqk88sjEBOc/9jDUPaIsDA3EC7WYoQ+buSbBqTYdJnz nkJr2bWk/b8KvXfTWRkk6wFQsUFSORMqsW4NoAGrTqB+z9hftewkED6BzduNLRI2 hC541GxLjMSTgEfxum9Xo3yqav+oTB/KkjIaW+mu9BgxGOEgSUrgQCebhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBNFR+K9VCISXQyUpmj1t/4luJ+ZMB8GA1UdIwQY MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfnM1fTG D72p4q57aA+DodPOP8EZWtLAsYSrV0d89HqQiecWDzjuAityNgNZH6BM5c008rbI g8jx4yQ8NK59z4MHM5ws3LOYt1K6wPt9MUVUV919Ivl1Y6zHGgaQYCmsrf2ZoJpT GDwV9H3cDrriZ5oX8CRBo/RVqps66KZHyXhpnZOiIEyMJLLDRZiyPv6125yXYV1m sbrK3fqdAKloQAkHXoOLDp4qMcCJ4qkHSc/OUAfIi5Pk5rShHMpPN49r88zN8f+g uphY3idogfA2C0vdlcKRniMTAs5R1aNXraYQadFsrjdgdgCpeXkrDFZJUWjuV7dw GWYoia43M3Uhnw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:16:53 2025 by rpki-client