This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft File: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json) Hash identifier: upDWveO0ItGuHxuDhqJvEb3/q1fkkF//HkYgGz8/Yho= Subject key identifier: F1:7C:62:26:6C:A2:49:A1:11:A3:E4:EA:2C:BD:27:13:C4:8B:C3:7C Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6 Certificate issuer: /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6 Certificate serial: 019AF1D23FADCCE88A43DA11D676DDB67495 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft Manifest number: 1484 Signing time: Sat 06 Dec 2025 04:01:19 +0000 Manifest this update: Sat 06 Dec 2025 04:01:19 +0000 Manifest next update: Sun 07 Dec 2025 04:01:19 +0000 Files and hashes: 1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: zz4Te0jEiEqrqRZyhUufZ2eYXihfRWztrwsKj0nb5EY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:3f:ad:cc:e8:8a:43:da:11:d6:76:dd:b6:74:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6 Validity Not Before: Dec 6 04:01:19 2025 GMT Not After : Dec 7 04:01:19 2025 GMT Subject: CN=f17c62266ca249a111a3e4ea2cbd2713c48bc37c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:4c:09:7d:6e:37:e3:2c:db:3a:2b:03:f5:36: 7a:d9:f0:83:9e:ee:33:31:bd:ad:e0:44:e1:ed:8d: 5c:d6:70:4f:3f:6c:00:9e:15:9e:6b:75:7e:f9:7b: 86:d2:5d:d3:9a:13:9b:f5:e9:f3:07:11:76:a0:5a: 5f:b8:91:c1:c9:ae:b1:c4:25:da:22:9d:bb:d3:f9: de:75:0b:1a:5b:c6:6a:e3:52:3b:11:3c:96:8f:d5: c6:37:b2:35:fd:12:eb:27:d5:0f:97:d3:2c:cd:86: 13:04:5f:05:c4:ca:81:19:3f:a9:6c:fc:13:6a:1f: 6b:2a:3d:fc:86:2c:8f:7b:50:b4:cf:89:2f:1d:a1: b5:a3:40:36:d7:c9:3d:46:c9:5b:40:70:52:22:47: 18:a8:38:e2:4c:3f:4e:f6:54:90:e9:7d:9a:3e:9a: 1a:6e:ed:d7:af:2d:0c:87:e8:4c:8e:ef:4b:15:1a: d0:fc:c7:3d:e9:29:83:52:15:91:f2:81:bd:21:c6: 49:52:01:20:01:fc:fa:b9:85:83:74:c1:9e:4c:f7: b0:30:1d:83:90:c8:a5:ab:69:8f:f1:b1:82:a9:a0: 3b:fb:2c:d3:50:38:aa:66:0d:89:9a:42:76:43:1e: 20:c7:9a:3f:f0:66:f0:a2:13:c3:d9:61:57:1e:f6: 01:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:7C:62:26:6C:A2:49:A1:11:A3:E4:EA:2C:BD:27:13:C4:8B:C3:7C X509v3 Authority Key Identifier: keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:78:7b:d4:2a:32:77:18:10:b0:ea:67:c6:81:7f:b6:31:bc: d8:6f:9c:93:f9:a1:3e:7c:f5:61:07:db:0e:4d:c7:d4:ba:06: 3f:2e:b8:d0:e5:0a:aa:79:ba:c5:9b:23:03:44:cb:a5:33:96: b9:7a:13:dd:9c:c2:1c:55:67:6e:7c:9c:c7:12:71:d6:56:7c: 5d:38:ef:c9:03:ec:38:f0:5e:45:cf:ac:e1:60:c4:76:8e:79: f6:ef:04:2e:54:0b:f2:d6:19:13:a8:f2:33:05:d5:b4:3f:25: 2f:74:ab:14:f9:1c:b5:6f:40:73:da:e1:5e:09:7f:d4:14:a3: ae:d8:4c:8e:7f:78:36:00:8d:73:a0:a7:35:41:53:a1:fe:4f: 00:b3:5f:51:25:cd:77:15:fe:b4:7b:1e:94:d7:d6:01:df:b4: 94:a5:19:d1:54:45:56:47:f6:bb:f5:cc:19:b0:0a:87:72:06: 50:f9:f5:a1:dd:ed:d6:e0:87:4b:34:31:0a:4d:12:e8:17:2b: 64:46:66:5e:8e:84:62:50:fb:32:d0:0a:ce:e7:1e:77:0c:de: b6:c4:cb:3a:20:4a:70:8c:6a:fe:56:47:73:e3:88:dc:7e:86: f2:04:80:87:58:b2:4a:c0:96:21:3e:f6:ce:ad:45:d7:46:ac: 5b:b8:b9:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0j+tzOiKQ9oR1nbdtnSVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5 ZDk3YjYwHhcNMjUxMjA2MDQwMTE5WhcNMjUxMjA3MDQwMTE5WjAzMTEwLwYDVQQD EyhmMTdjNjIyNjZjYTI0OWExMTFhM2U0ZWEyY2JkMjcxM2M0OGJjMzdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUwJfW434yzbOisD9TZ62fCDnu4z Mb2t4ETh7Y1c1nBPP2wAnhWea3V++XuG0l3TmhOb9enzBxF2oFpfuJHBya6xxCXa Ip270/nedQsaW8Zq41I7ETyWj9XGN7I1/RLrJ9UPl9MszYYTBF8FxMqBGT+pbPwT ah9rKj38hiyPe1C0z4kvHaG1o0A218k9RslbQHBSIkcYqDjiTD9O9lSQ6X2aPpoa bu3Xry0Mh+hMju9LFRrQ/Mc96SmDUhWR8oG9IcZJUgEgAfz6uYWDdMGeTPewMB2D kMilq2mP8bGCqaA7+yzTUDiqZg2JmkJ2Qx4gx5o/8GbwohPD2WFXHvYBLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPF8YiZsokmhEaPk6iy9JxPEi8N8MB8GA1UdIwQY MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKHh71Coy dxgQsOpnxoF/tjG82G+ck/mhPnz1YQfbDk3H1LoGPy640OUKqnm6xZsjA0TLpTOW uXoT3ZzCHFVnbnycxxJx1lZ8XTjvyQPsOPBeRc+s4WDEdo559u8ELlQL8tYZE6jy MwXVtD8lL3SrFPkctW9Ac9rhXgl/1BSjrthMjn94NgCNc6CnNUFTof5PALNfUSXN dxX+tHselNfWAd+0lKUZ0VRFVkf2u/XMGbAKh3IGUPn1od3t1uCHSzQxCk0S6Bcr ZEZmXo6EYlD7MtAKzucedwzetsTLOiBKcIxq/lZHc+OI3H6G8gSAh1iySsCWIT72 zq1F10asW7i59Q== -----END CERTIFICATE-----Generated at Sat Dec 6 12:05:53 2025 by rpki-client