This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft File: ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json) Hash identifier: C/0QQd04DIctZaqVO5d2QVLO03lT4aOrfphmDklVvZk= Subject key identifier: 79:76:9C:FC:9E:01:6C:A5:40:B8:DC:B1:47:37:CE:35:52:E2:9E:2A Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17 Certificate issuer: /CN=b9f1d5b06f5701555ff5888154dd141b48896117 Certificate serial: 019AF12D8A5C51BC04C40B95279AD0D22F67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft Manifest number: 1778 Signing time: Sat 06 Dec 2025 01:01:24 +0000 Manifest this update: Sat 06 Dec 2025 01:01:24 +0000 Manifest next update: Sun 07 Dec 2025 01:01:24 +0000 Files and hashes: 1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: KGurpCibImzVtnhl1equ/YSFBoBuvY1C1Ib3WNTV24o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:8a:5c:51:bc:04:c4:0b:95:27:9a:d0:d2:2f:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117 Validity Not Before: Dec 6 01:01:24 2025 GMT Not After : Dec 7 01:01:24 2025 GMT Subject: CN=79769cfc9e016ca540b8dcb14737ce3552e29e2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:07:c6:95:14:66:0b:a4:b9:04:f2:e1:33:99: 51:08:5c:6f:30:90:73:64:34:d1:55:fe:f0:ca:22: 9a:39:de:d5:e7:0d:b9:a6:f8:7d:58:58:e6:1f:58: 6e:4e:e9:e0:17:9f:66:bd:60:61:cc:22:1f:73:4a: 2e:a6:d5:8f:0c:b7:3c:a2:fa:c7:a1:7e:aa:bf:4b: 6e:5d:76:f0:c0:38:6b:ff:dd:7d:5d:54:9a:ea:b3: bb:b4:db:fd:e9:41:4d:62:b6:a5:5a:8d:38:28:11: 03:82:44:3b:3b:6c:2e:25:05:3f:fe:6d:f7:7a:cf: c1:d6:ad:4a:51:78:2b:d5:a1:37:9f:3c:b3:b5:e9: 6f:ae:5d:2a:80:73:e7:8e:df:eb:c5:ae:b2:99:a8: 90:da:e9:19:cb:c7:63:10:52:41:d9:6d:de:36:be: 3f:50:de:bf:6a:92:a8:f1:b5:5b:6c:cf:4a:f7:8c: e9:4e:47:4c:11:a9:f2:ca:5f:25:d4:d9:d3:8f:5b: c7:fb:42:13:62:54:bc:c1:ae:ba:77:2c:68:c0:07: c0:2f:e1:5e:9c:d0:e6:b3:37:7b:30:26:41:14:ae: 5a:40:ea:13:ae:17:86:80:34:f7:40:c5:be:3b:af: d9:8a:aa:47:d8:ed:94:c9:6f:98:13:49:73:35:57: af:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:76:9C:FC:9E:01:6C:A5:40:B8:DC:B1:47:37:CE:35:52:E2:9E:2A X509v3 Authority Key Identifier: keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:5d:be:76:7d:94:6f:b8:84:cc:4b:33:06:a7:63:3e:b7:1b: b7:51:fc:7b:8a:fe:2f:e4:1a:5d:45:88:7c:9d:5b:47:06:77: bb:86:05:95:ef:b7:78:c5:fe:ee:b4:e0:88:79:e5:81:c9:b8: ed:d6:32:84:ba:0d:16:bb:48:38:be:4f:63:f9:49:5b:7c:fa: af:92:bc:6b:30:72:9a:93:9a:d5:4b:04:7d:ff:94:5e:0c:9f: 6f:67:39:e3:c9:f8:24:a8:7f:0d:b2:95:ec:4e:9f:ca:91:0e: 8b:82:14:97:e8:bc:46:63:cc:f9:50:1e:91:9b:38:38:5a:af: d7:19:94:2a:a3:0f:63:26:c4:99:c3:2a:d3:2c:22:47:f1:fe: 8c:e8:dd:d1:bf:cb:3a:4f:14:1d:e4:a8:83:0c:9b:cb:8f:c0: 1a:d5:85:7f:df:68:c0:8c:51:1b:ee:4a:b4:15:f8:e8:9a:cb: be:98:b5:56:ca:1d:58:03:ac:c2:84:cb:9e:77:fd:9a:ea:9c: 92:18:0f:e2:45:cb:20:fd:89:d1:f7:09:49:3a:23:ee:3b:bc: 3b:36:90:ab:d8:c2:85:76:07:83:7b:53:89:3f:f2:34:55:31: 03:74:63:db:6c:33:fe:d7:e3:68:39:48:93:70:94:d0:bb:be: 7b:a7:41:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLYpcUbwExAuVJ5rQ0i9nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4 OTYxMTcwHhcNMjUxMjA2MDEwMTI0WhcNMjUxMjA3MDEwMTI0WjAzMTEwLwYDVQQD Eyg3OTc2OWNmYzllMDE2Y2E1NDBiOGRjYjE0NzM3Y2UzNTUyZTI5ZTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gfGlRRmC6S5BPLhM5lRCFxvMJBz ZDTRVf7wyiKaOd7V5w25pvh9WFjmH1huTungF59mvWBhzCIfc0ouptWPDLc8ovrH oX6qv0tuXXbwwDhr/919XVSa6rO7tNv96UFNYralWo04KBEDgkQ7O2wuJQU//m33 es/B1q1KUXgr1aE3nzyztelvrl0qgHPnjt/rxa6ymaiQ2ukZy8djEFJB2W3eNr4/ UN6/apKo8bVbbM9K94zpTkdMEanyyl8l1NnTj1vH+0ITYlS8wa66dyxowAfAL+Fe nNDmszd7MCZBFK5aQOoTrheGgDT3QMW+O6/ZiqpH2O2UyW+YE0lzNVevuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHl2nPyeAWylQLjcsUc3zjVS4p4qMB8GA1UdIwQY MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhV2+dn2U b7iEzEszBqdjPrcbt1H8e4r+L+QaXUWIfJ1bRwZ3u4YFle+3eMX+7rTgiHnlgcm4 7dYyhLoNFrtIOL5PY/lJW3z6r5K8azBympOa1UsEff+UXgyfb2c548n4JKh/DbKV 7E6fypEOi4IUl+i8RmPM+VAekZs4OFqv1xmUKqMPYybEmcMq0ywiR/H+jOjd0b/L Ok8UHeSogwyby4/AGtWFf99owIxRG+5KtBX46JrLvpi1VsodWAOswoTLnnf9muqc khgP4kXLIP2J0fcJSToj7ju8OzaQq9jChXYHg3tTiT/yNFUxA3Rj22wz/tfjaDlI k3CU0Lu+e6dBNQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:43:55 2025 by rpki-client