This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft File: ufdKR6bRoL9MIW5fq02R-xKd89Y.mft (raw, json) Hash identifier: k7Cw57vl6nuYmnPJGz+76P+Iun8pSPIaoq4LUuumlO0= Subject key identifier: B8:EF:5B:69:1A:45:42:E1:C0:81:8A:68:5E:6C:13:CD:0B:CD:88:D9 Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6 Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6 Certificate serial: 019B2D0AD5495D363CF71503249D44F25047 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft Manifest number: 0CB6 Signing time: Wed 17 Dec 2025 16:00:43 +0000 Manifest this update: Wed 17 Dec 2025 16:00:43 +0000 Manifest next update: Thu 18 Dec 2025 16:00:43 +0000 Files and hashes: 1: 5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa (hash: o7jn9b/bWLBA/ntIWwkYzFbMhpkdc8Mhco9rAn9gsO0=) 2: ufdKR6bRoL9MIW5fq02R-xKd89Y.crl (hash: JhR3W+/lqOlQXg18z/8KoEH4dSuttfMmikyECSCiP98=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 16:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0a:d5:49:5d:36:3c:f7:15:03:24:9d:44:f2:50:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6 Validity Not Before: Dec 17 16:00:43 2025 GMT Not After : Dec 18 16:00:43 2025 GMT Subject: CN=b8ef5b691a4542e1c0818a685e6c13cd0bcd88d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:70:8d:42:59:b3:1c:be:00:89:21:e0:00:5a: e2:69:6c:d7:e5:84:ce:f2:e3:b1:99:c4:d8:1e:d4: ab:7f:bc:5c:78:34:66:0c:11:ff:d2:6c:a2:ff:89: c6:c0:59:09:35:9b:16:3c:0c:8f:2b:36:5e:ea:ee: 31:c8:5c:c2:9d:cf:b7:12:89:26:49:1d:74:63:7d: b8:1d:a3:f0:a5:26:94:e1:99:01:6b:ad:cb:60:8f: ac:73:0b:09:af:24:54:f0:6d:f1:2c:40:e8:48:81: 8c:d2:a2:a8:17:c5:6d:c5:b8:5f:ef:93:86:85:09: 68:3d:f5:b8:8a:23:1a:06:78:46:65:7e:35:bb:c1: f6:d9:2b:70:aa:2d:66:f2:d6:cd:9f:d1:db:80:e5: 1f:32:68:fa:ec:47:72:c6:0e:4d:af:02:d5:ea:d8: 81:42:0f:9e:de:af:4a:55:1c:ca:d3:1d:a3:fd:77: 94:79:a7:08:66:49:fd:70:97:ea:31:23:63:cd:6e: bf:38:4c:09:8f:a1:99:e1:1c:d3:d5:2d:a1:a7:5b: 81:f8:0c:d7:63:f9:ec:e4:c4:45:94:1d:8c:e6:48: 19:e4:df:fb:9c:98:3a:ea:3f:2b:cd:7f:fb:1a:c9: 31:f4:ba:9c:dc:eb:b7:63:b6:99:9b:46:c4:14:0d: 51:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:EF:5B:69:1A:45:42:E1:C0:81:8A:68:5E:6C:13:CD:0B:CD:88:D9 X509v3 Authority Key Identifier: keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:2a:5c:4e:fe:60:a7:39:b9:95:6a:ea:f9:4a:f9:c6:06:07: 19:e2:d6:99:04:20:b4:a6:fb:04:ea:b5:5d:08:5f:19:a4:49: ff:af:c3:e6:30:a0:b0:10:a1:c1:b0:a3:c5:6a:db:d9:a5:cc: 9d:c0:6a:9a:26:e1:64:f5:65:78:00:df:00:49:8f:4d:e7:f2: d6:63:6b:6b:28:bf:4b:3d:df:1b:3a:0b:83:bd:09:b4:fc:a8: 2b:8a:87:a8:0d:20:83:b6:ce:af:32:5c:12:77:f7:2d:99:3e: 5d:e1:e1:bd:d0:d0:bf:54:36:28:b2:50:fb:68:c1:ab:9f:c6: 6c:c3:3d:cb:a6:51:55:92:77:b0:67:26:9b:93:62:e3:bc:ca: da:76:e8:d7:4d:1d:c9:0a:0c:47:84:87:a2:73:1c:ce:1f:3e: 05:36:30:32:ab:8a:8d:09:58:b9:07:04:e9:02:5f:1f:2b:4a: 0c:fb:59:a3:33:b8:55:35:bd:d5:46:e6:34:78:64:80:90:78: 3c:81:de:f0:e8:5a:27:9a:ef:bf:b8:bd:ec:de:1f:8f:bd:09: 14:ba:54:b4:32:d6:b1:45:9e:08:81:97:87:07:fb:a1:9d:b9: 2a:79:48:a9:9f:d3:81:b0:91:32:b0:35:df:0e:49:85:8b:12: 2e:fa:4a:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstCtVJXTY89xUDJJ1E8lBHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5 ZGYzZDYwHhcNMjUxMjE3MTYwMDQzWhcNMjUxMjE4MTYwMDQzWjAzMTEwLwYDVQQD EyhiOGVmNWI2OTFhNDU0MmUxYzA4MThhNjg1ZTZjMTNjZDBiY2Q4OGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXCNQlmzHL4AiSHgAFriaWzX5YTO 8uOxmcTYHtSrf7xceDRmDBH/0myi/4nGwFkJNZsWPAyPKzZe6u4xyFzCnc+3Eokm SR10Y324HaPwpSaU4ZkBa63LYI+scwsJryRU8G3xLEDoSIGM0qKoF8Vtxbhf75OG hQloPfW4iiMaBnhGZX41u8H22Stwqi1m8tbNn9HbgOUfMmj67Edyxg5NrwLV6tiB Qg+e3q9KVRzK0x2j/XeUeacIZkn9cJfqMSNjzW6/OEwJj6GZ4RzT1S2hp1uB+AzX Y/ns5MRFlB2M5kgZ5N/7nJg66j8rzX/7Gskx9Lqc3Ou3Y7aZm0bEFA1RewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLjvW2kaRULhwIGKaF5sE80LzYjZMB8GA1UdIwQY MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt MzBmNjA4YWRlNDhkLzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWipcTv5g pzm5lWrq+Ur5xgYHGeLWmQQgtKb7BOq1XQhfGaRJ/6/D5jCgsBChwbCjxWrb2aXM ncBqmibhZPVleADfAEmPTefy1mNrayi/Sz3fGzoLg70JtPyoK4qHqA0gg7bOrzJc Enf3LZk+XeHhvdDQv1Q2KLJQ+2jBq5/GbMM9y6ZRVZJ3sGcmm5Ni47zK2nbo100d yQoMR4SHonMczh8+BTYwMquKjQlYuQcE6QJfHytKDPtZozO4VTW91UbmNHhkgJB4 PIHe8OhaJ5rvv7i97N4fj70JFLpUtDLWsUWeCIGXhwf7oZ25KnlIqZ/TgbCRMrA1 3w5JhYsSLvpKtQ== -----END CERTIFICATE-----Generated at Wed Dec 17 22:39:52 2025 by rpki-client