This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft File: 0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json) Hash identifier: lg2nqEQh1TPxrzc76m3eGIAUSwBzcvtlmHhBOscA3nQ= Subject key identifier: 29:FD:BA:8E:E6:DE:AA:24:91:AB:F6:76:5E:AA:D5:A3:10:08:63:0C Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A Certificate issuer: /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a Certificate serial: 019AF209929F5E200AF5B2796352C832866B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft Manifest number: 1613 Signing time: Sat 06 Dec 2025 05:01:44 +0000 Manifest this update: Sat 06 Dec 2025 05:01:44 +0000 Manifest next update: Sun 07 Dec 2025 05:01:44 +0000 Files and hashes: 1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: W0UJfJu2R/aUJ5roTxOZRNSgK1XXG1gv3AuE1/ilHHw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:92:9f:5e:20:0a:f5:b2:79:63:52:c8:32:86:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a Validity Not Before: Dec 6 05:01:44 2025 GMT Not After : Dec 7 05:01:44 2025 GMT Subject: CN=29fdba8ee6deaa2491abf6765eaad5a31008630c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:28:49:50:6a:2d:68:98:88:62:a4:da:90:8e: 2e:01:7c:d1:65:a0:24:4a:f6:1c:09:91:46:70:82: 8a:72:26:7b:55:ac:35:29:86:0d:87:d2:4e:8a:a5: 47:85:b6:88:94:e6:ca:87:91:6c:f5:3c:b3:f8:c0: 72:9b:7f:92:da:d0:37:4c:41:71:cd:33:5c:d0:0d: 02:f6:6f:e8:02:20:39:e2:d3:3f:36:46:1e:df:e3: db:ad:9f:5d:f8:38:31:88:09:4c:b2:d4:a4:e3:c8: 59:49:37:21:f6:51:24:20:f0:64:5c:be:85:01:a3: 56:28:10:ce:79:51:ef:20:f8:8b:09:92:9b:14:f0: 81:38:ff:4c:5f:40:84:e1:6b:d6:1f:d5:33:54:d6: 43:fa:27:c2:9b:51:b1:8a:5e:2f:82:ee:2a:c3:a9: 32:0b:7f:8c:65:d6:47:3d:48:60:cc:f0:65:d3:a4: fa:ba:51:e4:dc:b8:dc:96:d0:16:18:ed:a2:61:8b: 92:ea:c2:5e:d6:71:36:97:d8:9a:79:d9:38:ba:7c: 05:ae:95:89:56:f8:c2:2a:21:b3:17:7e:18:02:7c: 88:fa:96:d3:83:17:7b:81:b6:9b:eb:79:16:c6:44: 57:75:07:73:2b:20:6b:c4:1b:b5:01:da:d1:b8:dd: 31:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:FD:BA:8E:E6:DE:AA:24:91:AB:F6:76:5E:AA:D5:A3:10:08:63:0C X509v3 Authority Key Identifier: keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:e9:0d:1f:2e:6f:0f:7b:83:58:d1:73:ae:82:36:bb:27:0e: 8a:60:b4:40:30:e4:2d:fd:1b:b1:25:47:98:67:a8:8d:b8:7b: a8:56:69:e4:93:ca:c1:92:b3:10:a4:ed:72:84:80:07:c4:e2: 6f:3a:de:d0:1c:ff:fa:94:2c:82:f6:83:ec:52:92:5e:8a:14: 78:69:6e:e0:b1:5d:75:90:27:84:70:1d:c4:9b:06:9f:4e:9f: 43:8c:b3:57:db:3f:f8:51:dd:e3:46:fe:4e:0d:87:dc:c9:84: 92:65:a0:e7:62:fe:6d:5f:47:55:f8:3e:1f:a8:da:1c:24:0c: 09:26:92:11:2a:e9:e5:7a:f1:e8:5f:36:2a:34:d1:2a:4b:a2: 15:36:ab:30:f3:09:e8:4f:b5:d9:31:4f:ff:96:30:a6:10:54: 5a:0f:55:06:8b:30:fd:51:fa:a3:db:4c:17:13:9a:bd:6e:0e: a8:16:8b:4d:11:cb:a4:84:e0:cb:d6:20:2b:c1:27:ce:aa:8c: 0c:bf:11:61:e3:6e:a0:ed:d1:b3:5f:ad:48:69:a1:74:5e:7e: 0d:e2:d8:5d:27:5b:ca:b5:f4:b9:ff:eb:13:0f:3f:0f:f0:f4: e2:e0:6c:d6:cf:25:85:83:20:47:b5:fe:79:20:f0:40:74:35: 22:3e:d5:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCZKfXiAK9bJ5Y1LIMoZrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx OWQzNWEwHhcNMjUxMjA2MDUwMTQ0WhcNMjUxMjA3MDUwMTQ0WjAzMTEwLwYDVQQD EygyOWZkYmE4ZWU2ZGVhYTI0OTFhYmY2NzY1ZWFhZDVhMzEwMDg2MzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyhJUGotaJiIYqTakI4uAXzRZaAk SvYcCZFGcIKKciZ7Vaw1KYYNh9JOiqVHhbaIlObKh5Fs9Tyz+MBym3+S2tA3TEFx zTNc0A0C9m/oAiA54tM/NkYe3+PbrZ9d+DgxiAlMstSk48hZSTch9lEkIPBkXL6F AaNWKBDOeVHvIPiLCZKbFPCBOP9MX0CE4WvWH9UzVNZD+ifCm1Gxil4vgu4qw6ky C3+MZdZHPUhgzPBl06T6ulHk3LjcltAWGO2iYYuS6sJe1nE2l9iaedk4unwFrpWJ VvjCKiGzF34YAnyI+pbTgxd7gbab63kWxkRXdQdzKyBrxBu1AdrRuN0x9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCn9uo7m3qokkav2dl6q1aMQCGMMMB8GA1UdIwQY MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHekNHy5v D3uDWNFzroI2uycOimC0QDDkLf0bsSVHmGeojbh7qFZp5JPKwZKzEKTtcoSAB8Ti bzre0Bz/+pQsgvaD7FKSXooUeGlu4LFddZAnhHAdxJsGn06fQ4yzV9s/+FHd40b+ Tg2H3MmEkmWg52L+bV9HVfg+H6jaHCQMCSaSESrp5Xrx6F82KjTRKkuiFTarMPMJ 6E+12TFP/5YwphBUWg9VBosw/VH6o9tMFxOavW4OqBaLTRHLpITgy9YgK8EnzqqM DL8RYeNuoO3Rs1+tSGmhdF5+DeLYXSdbyrX0uf/rEw8/D/D04uBs1s8lhYMgR7X+ eSDwQHQ1Ij7VTg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:20:43 2025 by rpki-client