This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft File: UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json) Hash identifier: JY4KO0GOP+bAPcdP5GMD/uQdO0NLR+XHMiUSnRHl89I= Subject key identifier: D7:52:55:C0:AF:4B:87:C9:11:4F:B5:E5:A0:72:3C:35:77:21:8B:8E Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D Certificate issuer: /CN=5061bdf7da55676d971882beee9021bc5fb3172d Certificate serial: 019AF208BC31673E728CDCB2500F60643B28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft Manifest number: 0A18 Signing time: Sat 06 Dec 2025 05:00:49 +0000 Manifest this update: Sat 06 Dec 2025 05:00:49 +0000 Manifest next update: Sun 07 Dec 2025 05:00:49 +0000 Files and hashes: 1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: amUdaKTIcaKbZ9nanzy3bAQNp8xZtlkvWgVagi6+AdM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:bc:31:67:3e:72:8c:dc:b2:50:0f:60:64:3b:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d Validity Not Before: Dec 6 05:00:49 2025 GMT Not After : Dec 7 05:00:49 2025 GMT Subject: CN=d75255c0af4b87c9114fb5e5a0723c3577218b8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:33:9f:37:a8:55:a6:d7:f8:ab:db:bb:56:15: 0f:6f:0e:0f:84:24:45:e7:cd:16:4e:7d:1a:13:6b: 66:6a:cf:0f:38:f8:7d:af:bd:c1:6a:1f:71:5d:23: c2:c5:9e:b1:dc:31:a8:6f:93:8d:14:96:4c:d3:96: 07:35:6e:c0:e3:a2:48:62:b5:18:8a:f6:12:dd:b1: d1:c2:f7:d5:d1:5f:3a:cd:99:d1:fe:c3:a3:04:b7: 5f:6a:84:25:58:83:ae:56:98:65:f9:02:76:98:03: 3d:c5:39:5c:37:e7:c2:dd:d2:6e:f7:8d:42:e4:0b: 39:c5:91:fc:3c:f5:bc:08:48:7f:97:a5:c0:1e:c8: 36:52:d3:0c:72:b0:3f:37:bc:9a:20:9d:cb:a9:e4: 1e:af:bf:3e:cb:26:c8:e4:47:14:5d:a9:9d:2a:dd: d3:2f:a6:01:5b:39:5f:74:a4:11:3b:d2:85:32:68: a8:ac:6b:05:82:63:fb:bb:09:14:4b:16:30:0a:1d: 9f:2a:16:14:d5:81:a2:03:b4:78:bc:0f:81:da:c6: b1:0d:47:c4:8c:24:c9:d1:3e:a5:d4:22:03:d6:9b: 3b:6b:6b:dd:6a:9f:ff:14:c6:e5:2c:75:fc:3c:c0: 93:a4:e8:6e:0a:2a:97:4c:cc:a5:68:b7:32:93:a8: 2e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:52:55:C0:AF:4B:87:C9:11:4F:B5:E5:A0:72:3C:35:77:21:8B:8E X509v3 Authority Key Identifier: keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:90:c4:5f:e6:e9:40:00:42:79:52:85:ba:a0:bb:d3:53:ee: 92:ac:3c:ab:8c:dc:46:50:e8:43:7c:be:96:4b:be:ee:ab:43: 5f:75:99:88:c4:cb:a5:49:ec:ca:54:5a:67:5c:7a:ea:4d:1f: 06:e9:74:07:a3:60:b5:bb:c5:82:14:d6:8e:5f:e0:fc:97:93: 1a:ad:92:70:53:eb:72:07:7b:22:f6:5a:39:c0:de:e4:07:29: 5c:43:95:33:aa:f2:6e:ec:c2:ff:21:8d:37:11:3b:52:25:bf: 09:d6:9a:84:22:9b:4c:1f:7e:a1:39:af:83:37:ad:f3:ac:ce: 22:93:84:a9:2a:3b:e5:ed:4e:58:b9:02:0d:e9:fa:a6:85:09: dc:7e:3c:f6:4c:5a:c2:17:cd:fa:bc:a6:9b:7c:6e:1d:8c:3c: ca:14:4c:68:f5:d2:77:60:07:b7:c3:77:0e:16:56:91:dc:59: ca:13:55:f4:d0:85:bd:53:6e:ac:bd:47:7a:07:29:87:3e:9d: 5e:91:5e:fa:0c:01:94:68:55:50:b0:28:2c:ad:f1:f1:32:bd: 52:13:75:3c:59:5a:c7:6c:1a:72:9e:1a:51:bf:54:9f:06:cd: 1a:76:fa:3a:a4:24:64:33:a1:65:27:e5:c3:95:d4:05:b8:5e: 75:38:9f:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCLwxZz5yjNyyUA9gZDsoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi MzE3MmQwHhcNMjUxMjA2MDUwMDQ5WhcNMjUxMjA3MDUwMDQ5WjAzMTEwLwYDVQQD EyhkNzUyNTVjMGFmNGI4N2M5MTE0ZmI1ZTVhMDcyM2MzNTc3MjE4YjhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DOfN6hVptf4q9u7VhUPbw4PhCRF 580WTn0aE2tmas8POPh9r73Bah9xXSPCxZ6x3DGob5ONFJZM05YHNW7A46JIYrUY ivYS3bHRwvfV0V86zZnR/sOjBLdfaoQlWIOuVphl+QJ2mAM9xTlcN+fC3dJu941C 5As5xZH8PPW8CEh/l6XAHsg2UtMMcrA/N7yaIJ3LqeQer78+yybI5EcUXamdKt3T L6YBWzlfdKQRO9KFMmiorGsFgmP7uwkUSxYwCh2fKhYU1YGiA7R4vA+B2saxDUfE jCTJ0T6l1CID1ps7a2vdap//FMblLHX8PMCTpOhuCiqXTMylaLcyk6gu6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNdSVcCvS4fJEU+15aByPDV3IYuOMB8GA1UdIwQY MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeJDEX+bp QABCeVKFuqC701Pukqw8q4zcRlDoQ3y+lku+7qtDX3WZiMTLpUnsylRaZ1x66k0f Bul0B6NgtbvFghTWjl/g/JeTGq2ScFPrcgd7IvZaOcDe5AcpXEOVM6rybuzC/yGN NxE7UiW/CdaahCKbTB9+oTmvgzet86zOIpOEqSo75e1OWLkCDen6poUJ3H489kxa whfN+rymm3xuHYw8yhRMaPXSd2AHt8N3DhZWkdxZyhNV9NCFvVNurL1Hegcphz6d XpFe+gwBlGhVULAoLK3x8TK9UhN1PFlax2wacp4aUb9UnwbNGnb6OqQkZDOhZSfl w5XUBbhedTif0g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:58:33 2025 by rpki-client