This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft File: USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json) Hash identifier: dd/NiWoFRGoCYDExoDjnD9QjRuXu37x/BPOHwhRdqFs= Subject key identifier: 53:A7:1C:4A:38:26:BC:40:01:84:0B:7B:E1:C4:F7:04:79:91:12:69 Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47 Certificate issuer: /CN=5121996654a0bb4f00858c402a820bb64be09547 Certificate serial: 019AF50AEDD279D43D5973F705A2805EAC49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft Manifest number: 09E2 Signing time: Sat 06 Dec 2025 19:02:05 +0000 Manifest this update: Sat 06 Dec 2025 19:02:05 +0000 Manifest next update: Sun 07 Dec 2025 19:02:05 +0000 Files and hashes: 1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: NKuHNOOzzlOmEXygvKvAoc7k95zIZ8aTrVSGX0JgmAA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:ed:d2:79:d4:3d:59:73:f7:05:a2:80:5e:ac:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547 Validity Not Before: Dec 6 19:02:05 2025 GMT Not After : Dec 7 19:02:05 2025 GMT Subject: CN=53a71c4a3826bc4001840b7be1c4f70479911269 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c9:92:50:c9:57:08:92:06:33:2f:38:e4:41: 21:c4:b5:18:93:19:d5:c6:21:2d:c9:a8:43:de:b5: b3:29:3d:50:83:97:53:32:16:4d:0c:12:f1:61:bb: 54:e2:00:fa:ba:2f:f3:77:62:d3:20:6a:c0:a7:fd: bb:43:61:37:cf:b5:c3:94:e0:10:37:4a:bb:23:c5: 0b:5c:56:fe:d9:24:b8:85:c1:81:de:5a:3e:a9:6b: a7:be:bb:17:0c:e0:ed:af:68:ee:11:a4:91:fe:66: 08:72:9e:a8:c6:f0:47:84:9b:2d:db:e3:31:5a:8b: 40:b1:70:1a:51:13:65:7f:97:a1:8e:dd:b6:56:0e: f8:23:15:9c:48:49:33:0d:d7:e7:2b:45:ef:59:e1: 19:1a:7e:53:be:d3:6f:2f:e8:84:81:d5:5a:b7:94: de:41:78:58:d8:aa:a9:d1:e5:34:6b:d5:ea:70:86: 13:81:da:b3:42:43:b8:bc:31:60:c9:f8:bc:89:b5: 82:13:61:8a:a4:4c:5d:b5:71:85:8e:66:93:44:43: d9:4c:91:8c:60:39:96:67:1a:e2:68:91:ba:11:ea: 2d:22:e7:61:74:65:00:a0:f8:a2:8c:d6:7b:ea:32: d1:c3:9a:45:2e:fd:a9:a3:9f:ba:b0:07:65:8d:d4: d2:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:A7:1C:4A:38:26:BC:40:01:84:0B:7B:E1:C4:F7:04:79:91:12:69 X509v3 Authority Key Identifier: keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:b7:0f:46:67:db:d1:85:42:bb:7c:b4:a7:19:c9:8f:9b:a8: d2:2d:81:44:0d:84:23:26:69:a5:21:8e:5b:ae:38:d5:e0:ff: d5:89:21:7e:83:9e:00:45:d2:8a:9d:26:c9:b5:ea:48:6d:ba: 1e:c3:fd:85:39:a9:68:d7:17:c7:38:a7:5f:1f:d1:bc:32:d0: 97:71:be:84:67:a4:e6:42:73:e3:f0:41:c3:5c:8b:6a:b0:74: cd:20:b5:5e:04:b7:42:e0:f4:2b:a2:13:ae:1a:08:55:31:ac: b3:d3:f8:71:08:12:70:46:93:80:20:2a:c8:1c:d4:15:4a:f1: ce:09:2f:15:1b:1c:0b:12:1c:8a:d4:b6:46:06:a6:07:24:af: 9a:8e:0f:b3:34:ca:04:6d:40:be:2e:5a:0e:df:9d:6d:b8:c4: 1d:39:e9:37:ce:5c:9c:3e:2b:74:f8:be:90:78:f9:62:6d:d5: d2:89:d0:8d:e6:43:63:62:95:f0:6c:dd:2b:2a:f6:49:c5:63: bf:e4:f8:11:1b:d1:32:68:05:fc:70:c0:36:72:40:8c:8c:d9: 53:5e:b0:ef:3f:0b:36:43:1a:3a:f2:f6:c9:a7:ae:08:6f:29: b9:9a:67:e4:95:df:d4:91:8a:10:b5:fc:e4:54:dc:8f:79:03: 8c:0d:2d:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cu3SedQ9WXP3BaKAXqxJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl MDk1NDcwHhcNMjUxMjA2MTkwMjA1WhcNMjUxMjA3MTkwMjA1WjAzMTEwLwYDVQQD Eyg1M2E3MWM0YTM4MjZiYzQwMDE4NDBiN2JlMWM0ZjcwNDc5OTExMjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsmSUMlXCJIGMy845EEhxLUYkxnV xiEtyahD3rWzKT1Qg5dTMhZNDBLxYbtU4gD6ui/zd2LTIGrAp/27Q2E3z7XDlOAQ N0q7I8ULXFb+2SS4hcGB3lo+qWunvrsXDODtr2juEaSR/mYIcp6oxvBHhJst2+Mx WotAsXAaURNlf5ehjt22Vg74IxWcSEkzDdfnK0XvWeEZGn5TvtNvL+iEgdVat5Te QXhY2Kqp0eU0a9XqcIYTgdqzQkO4vDFgyfi8ibWCE2GKpExdtXGFjmaTREPZTJGM YDmWZxriaJG6EeotIudhdGUAoPiijNZ76jLRw5pFLv2po5+6sAdljdTSKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFOnHEo4JrxAAYQLe+HE9wR5kRJpMB8GA1UdIwQY MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA7cPRmfb 0YVCu3y0pxnJj5uo0i2BRA2EIyZppSGOW6441eD/1YkhfoOeAEXSip0mybXqSG26 HsP9hTmpaNcXxzinXx/RvDLQl3G+hGek5kJz4/BBw1yLarB0zSC1XgS3QuD0K6IT rhoIVTGss9P4cQgScEaTgCAqyBzUFUrxzgkvFRscCxIcitS2RgamBySvmo4PszTK BG1Avi5aDt+dbbjEHTnpN85cnD4rdPi+kHj5Ym3V0onQjeZDY2KV8GzdKyr2ScVj v+T4ERvRMmgF/HDANnJAjIzZU16w7z8LNkMaOvL2yaeuCG8puZpn5JXf1JGKELX8 5FTcj3kDjA0tEw== -----END CERTIFICATE-----Generated at Sun Dec 7 02:25:05 2025 by rpki-client