This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft File: U1UECuknhr8XJ7a07MEJO4p0Aes.mft (raw, json) Hash identifier: 9h2lICcHqdG/QA5Bbe7fl4PwPciYcgxzfhWHm1uc+/I= Subject key identifier: A0:94:99:ED:CE:6B:B8:3C:83:94:A1:32:58:DC:B2:8F:DA:D8:FC:95 Authority key identifier: 53:55:04:0A:E9:27:86:BF:17:27:B6:B4:EC:C1:09:3B:8A:74:01:EB Certificate issuer: /CN=5355040ae92786bf1727b6b4ecc1093b8a7401eb Certificate serial: 019AF5AF0B7E51ACD5ACDBD1E324EF4A3358 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1UECuknhr8XJ7a07MEJO4p0Aes.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft Manifest number: 0BC6 Signing time: Sat 06 Dec 2025 22:01:20 +0000 Manifest this update: Sat 06 Dec 2025 22:01:20 +0000 Manifest next update: Sun 07 Dec 2025 22:01:20 +0000 Files and hashes: 1: GBm75ZmZioJB2ocCMhAt7gwcAjo.roa (hash: gsh5fLNtNPH78sBeeVxRzXrv6jA9hVTz/xvnQZtNCkc=) 2: U1UECuknhr8XJ7a07MEJO4p0Aes.crl (hash: qtXgvcYwwxzZsMfug4Db+gcaPPvQAS/l7KmUjqMw93w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft rsync://rpki.ripe.net/repository/DEFAULT/U1UECuknhr8XJ7a07MEJO4p0Aes.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:af:0b:7e:51:ac:d5:ac:db:d1:e3:24:ef:4a:33:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5355040ae92786bf1727b6b4ecc1093b8a7401eb Validity Not Before: Dec 6 22:01:20 2025 GMT Not After : Dec 7 22:01:20 2025 GMT Subject: CN=a09499edce6bb83c8394a13258dcb28fdad8fc95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ae:5d:3c:ad:e0:90:6a:0a:1d:8d:07:f9:17: 0f:20:2a:3f:68:23:aa:e4:95:68:cb:02:33:e9:6a: 70:06:da:ec:8f:60:39:e2:0b:be:b7:56:03:5e:35: 4a:a8:a7:d6:5f:8c:13:12:0a:98:7e:5e:b4:a6:c8: aa:8d:1b:2f:b2:30:fc:e7:59:86:11:20:6d:60:66: 95:b7:1a:70:dd:fa:bc:33:a7:23:37:83:67:71:62: 6c:b2:e4:3a:c5:ea:ae:4e:d8:63:fc:01:5a:2b:6c: 0f:a6:9e:72:9a:69:8c:fd:74:e5:73:ff:dc:f9:7a: d6:9f:28:a2:c9:54:9e:ae:d8:09:e8:6a:71:25:1d: 50:db:f0:86:90:70:ec:66:40:36:d3:66:f5:68:d4: 54:ab:df:16:db:36:56:b7:bb:ac:3a:67:8c:c5:ef: 4c:94:ef:4d:97:93:52:e0:e3:75:3c:87:ee:9a:17: 83:bf:ae:87:79:7f:82:4f:58:db:91:31:86:69:66: 9c:be:fc:c0:8c:2f:cf:05:7f:63:db:8a:32:46:cf: 51:95:87:7a:30:27:a9:8b:d7:87:c4:44:e7:01:05: df:59:d3:34:d5:1b:32:f6:75:84:c5:c3:f3:cf:2f: a8:94:55:7f:9c:6a:a8:38:e8:eb:65:7a:d6:ea:00: 2c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:94:99:ED:CE:6B:B8:3C:83:94:A1:32:58:DC:B2:8F:DA:D8:FC:95 X509v3 Authority Key Identifier: keyid:53:55:04:0A:E9:27:86:BF:17:27:B6:B4:EC:C1:09:3B:8A:74:01:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1UECuknhr8XJ7a07MEJO4p0Aes.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af5657-c8b2-4855-82a7-1dd57e3f3d97/1/U1UECuknhr8XJ7a07MEJO4p0Aes.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:f7:e8:48:07:aa:da:33:16:e6:2c:cc:9c:b6:72:fd:be:55: 56:50:f6:9a:90:64:74:b3:f7:47:12:d8:0f:0b:5e:7e:cb:9c: ae:f4:d9:af:a8:71:7c:d7:83:b8:35:25:c9:cc:e4:86:b5:9e: a6:20:dc:eb:63:10:70:94:c2:e3:04:7f:60:e4:85:a5:35:85: b9:c4:5c:b6:1f:91:35:2e:b9:96:84:6a:d3:f6:36:86:b2:ef: fa:9c:8b:f5:54:0e:5b:b7:43:a7:b8:bd:89:55:98:19:49:c1: 08:7f:61:e1:27:c9:de:3e:5d:6b:d9:be:ba:46:67:b2:e8:38: 60:04:93:68:ac:9f:c4:4f:35:56:ad:1d:1c:22:1b:7b:36:4d: 08:b0:4b:50:74:1b:dd:37:e3:3c:83:f0:63:0d:33:3a:2f:7f: 06:d5:53:cb:23:bc:91:02:22:d6:32:cd:ae:09:ff:30:d1:1d: 68:fa:af:a7:13:e0:33:29:12:75:e5:21:90:fe:6b:87:b7:df: d0:1b:90:0c:18:0b:ee:e1:b5:f1:b2:c6:0a:6f:22:65:e2:f2: ce:cd:81:8e:36:de:05:45:67:79:fd:ae:7d:b2:14:ab:ed:31: dc:b2:3b:86:ba:07:61:c3:46:3b:9f:da:5a:a3:84:dd:4f:4c: ac:3a:16:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rwt+UazVrNvR4yTvSjNYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNTUwNDBhZTkyNzg2YmYxNzI3YjZiNGVjYzEwOTNiOGE3 NDAxZWIwHhcNMjUxMjA2MjIwMTIwWhcNMjUxMjA3MjIwMTIwWjAzMTEwLwYDVQQD EyhhMDk0OTllZGNlNmJiODNjODM5NGExMzI1OGRjYjI4ZmRhZDhmYzk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK5dPK3gkGoKHY0H+RcPICo/aCOq 5JVoywIz6WpwBtrsj2A54gu+t1YDXjVKqKfWX4wTEgqYfl60psiqjRsvsjD851mG ESBtYGaVtxpw3fq8M6cjN4NncWJssuQ6xequTthj/AFaK2wPpp5ymmmM/XTlc//c +XrWnyiiyVSertgJ6GpxJR1Q2/CGkHDsZkA202b1aNRUq98W2zZWt7usOmeMxe9M lO9Nl5NS4ON1PIfumheDv66HeX+CT1jbkTGGaWacvvzAjC/PBX9j24oyRs9RlYd6 MCepi9eHxETnAQXfWdM01Rsy9nWExcPzzy+olFV/nGqoOOjrZXrW6gAsEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKCUme3Oa7g8g5ShMljcso/a2PyVMB8GA1UdIwQY MBaAFFNVBArpJ4a/Fye2tOzBCTuKdAHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTFVRUN1a25ocjhYSjdhMDdNRUpPNHAwQWVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hZjU2NTctYzhiMi00ODU1LTgyYTct MWRkNTdlM2YzZDk3LzEvVTFVRUN1a25ocjhYSjdhMDdNRUpPNHAwQWVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC9hZjU2NTctYzhiMi00ODU1LTgyYTctMWRkNTdlM2YzZDk3 LzEvVTFVRUN1a25ocjhYSjdhMDdNRUpPNHAwQWVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPfoSAeq 2jMW5izMnLZy/b5VVlD2mpBkdLP3RxLYDwtefsucrvTZr6hxfNeDuDUlyczkhrWe piDc62MQcJTC4wR/YOSFpTWFucRcth+RNS65loRq0/Y2hrLv+pyL9VQOW7dDp7i9 iVWYGUnBCH9h4SfJ3j5da9m+ukZnsug4YASTaKyfxE81Vq0dHCIbezZNCLBLUHQb 3TfjPIPwYw0zOi9/BtVTyyO8kQIi1jLNrgn/MNEdaPqvpxPgMykSdeUhkP5rh7ff 0BuQDBgL7uG18bLGCm8iZeLyzs2BjjbeBUVnef2ufbIUq+0x3LI7hroHYcNGO5/a WqOE3U9MrDoWfw== -----END CERTIFICATE-----Generated at Sat Dec 6 23:38:02 2025 by rpki-client