This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft File: UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json) Hash identifier: c3IXciPRLHd70WAmBOXKlUP9CBU35++SMUt/KMfVdME= Subject key identifier: 92:9D:09:B8:6B:B4:4F:EC:02:D0:E1:4A:9B:87:51:AB:64:57:D2:CD Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2 Certificate issuer: /CN=5205f586d8263bb06d64050f8f484c14e803c4b2 Certificate serial: 019AF12D1E1256C26B9E68058B83A12B960A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft Manifest number: 0D9F Signing time: Sat 06 Dec 2025 01:00:57 +0000 Manifest this update: Sat 06 Dec 2025 01:00:57 +0000 Manifest next update: Sun 07 Dec 2025 01:00:57 +0000 Files and hashes: 1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: MwDguRPvDtm3MuADgGwglgCckgtxMBbJpjWBccJ2tNI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:1e:12:56:c2:6b:9e:68:05:8b:83:a1:2b:96:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2 Validity Not Before: Dec 6 01:00:57 2025 GMT Not After : Dec 7 01:00:57 2025 GMT Subject: CN=929d09b86bb44fec02d0e14a9b8751ab6457d2cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:48:d9:01:f7:6e:28:0b:75:b1:bf:17:9e:8a: 9b:d0:36:75:eb:7c:72:81:a5:5b:75:d5:d6:9d:e9: 93:75:67:fb:d9:22:86:aa:bc:52:6a:41:a5:eb:61: bb:70:ed:7a:3b:62:66:b3:66:96:37:ab:b9:c1:0b: 31:7c:58:de:71:cd:85:77:af:2e:0b:66:c1:6c:b1: e2:bd:83:d4:8e:59:dd:0d:63:6e:a5:ff:28:62:76: 07:f9:d5:f5:3d:73:8b:af:6e:9c:2f:40:a1:fd:70: d1:b0:04:7b:5a:12:d5:6d:c0:e1:e6:f9:ba:b3:c7: 30:a8:64:55:d6:d6:de:e9:37:21:b7:10:6a:c5:c6: 80:08:e7:c5:82:c7:dd:b9:dc:00:6c:74:cd:4e:c4: 0e:bf:59:e0:88:80:f0:19:80:cd:f5:82:e5:d0:4d: fe:06:e2:92:e7:3b:20:81:95:07:ed:5d:74:6e:99: ee:87:28:22:f1:57:07:39:be:a1:71:34:65:66:00: 87:27:4b:1e:1f:a7:e6:2b:4d:24:2e:21:9b:19:af: 3b:0f:30:a8:75:2b:7d:51:eb:5b:9b:34:28:01:c1: 30:5a:71:91:88:ec:0e:b1:4c:cc:b9:ac:9f:df:4c: 20:ee:1d:5a:3c:0d:b9:55:b1:92:3f:60:3f:b5:0b: 74:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:9D:09:B8:6B:B4:4F:EC:02:D0:E1:4A:9B:87:51:AB:64:57:D2:CD X509v3 Authority Key Identifier: keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:e6:15:9d:7f:92:31:74:e5:6a:22:ac:0a:fa:33:bc:13:f4: af:24:05:5c:a6:2f:52:28:36:9d:1f:87:8e:d5:f4:77:bf:83: e9:f5:1b:97:66:49:2e:b2:dc:a9:25:01:b1:87:b9:65:27:67: a0:7a:ec:48:f2:35:41:3a:4b:83:6c:e8:2e:2f:88:3f:ed:67: ae:e8:c4:1a:07:a9:04:1f:bc:ff:e9:24:60:a2:fb:dd:b8:20: 8a:78:a7:01:13:44:a5:d3:03:8e:11:e8:07:16:0f:fc:12:fa: f1:95:72:88:87:ad:2c:ee:cb:f1:d4:42:fa:d2:43:df:e6:f9: db:c0:60:93:89:57:23:85:31:f0:00:64:5d:01:94:60:68:59: 2b:a5:9a:6d:52:d5:59:d6:e0:18:be:d9:8a:99:7a:bb:c7:57: 6d:a4:0a:99:d8:7d:9d:eb:62:85:48:23:69:01:dc:b9:72:ce: 94:8e:e7:c8:55:07:5b:71:7c:eb:6a:71:ad:ad:b5:c0:c9:8b: 91:4c:74:fb:d8:79:a8:c2:05:3f:be:59:bb:fb:90:cd:c4:99: 61:92:80:f0:5a:27:5a:93:68:38:9a:9e:da:2d:e7:32:d2:e6: 6f:2f:34:00:93:93:34:32:3c:12:86:ac:ec:6c:ea:fb:fe:2a: 2f:ba:66:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLR4SVsJrnmgFi4OhK5YKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw M2M0YjIwHhcNMjUxMjA2MDEwMDU3WhcNMjUxMjA3MDEwMDU3WjAzMTEwLwYDVQQD Eyg5MjlkMDliODZiYjQ0ZmVjMDJkMGUxNGE5Yjg3NTFhYjY0NTdkMmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0jZAfduKAt1sb8Xnoqb0DZ163xy gaVbddXWnemTdWf72SKGqrxSakGl62G7cO16O2Jms2aWN6u5wQsxfFjecc2Fd68u C2bBbLHivYPUjlndDWNupf8oYnYH+dX1PXOLr26cL0Ch/XDRsAR7WhLVbcDh5vm6 s8cwqGRV1tbe6TchtxBqxcaACOfFgsfdudwAbHTNTsQOv1ngiIDwGYDN9YLl0E3+ BuKS5zsggZUH7V10bpnuhygi8VcHOb6hcTRlZgCHJ0seH6fmK00kLiGbGa87DzCo dSt9UetbmzQoAcEwWnGRiOwOsUzMuayf30wg7h1aPA25VbGSP2A/tQt0vwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJKdCbhrtE/sAtDhSpuHUatkV9LNMB8GA1UdIwQY MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0 LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGeYVnX+S MXTlaiKsCvozvBP0ryQFXKYvUig2nR+HjtX0d7+D6fUbl2ZJLrLcqSUBsYe5ZSdn oHrsSPI1QTpLg2zoLi+IP+1nrujEGgepBB+8/+kkYKL73bggininARNEpdMDjhHo BxYP/BL68ZVyiIetLO7L8dRC+tJD3+b528Bgk4lXI4Ux8ABkXQGUYGhZK6WabVLV WdbgGL7Zipl6u8dXbaQKmdh9netihUgjaQHcuXLOlI7nyFUHW3F862pxra21wMmL kUx0+9h5qMIFP75Zu/uQzcSZYZKA8FonWpNoOJqe2i3nMtLmby80AJOTNDI8Eoas 7Gzq+/4qL7pmVw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:07:19 2025 by rpki-client