This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft File: umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft (raw, json) Hash identifier: 5uy1F8PQ5YZBJWfQJY0/3pawD12+jl7Ovdv1mAxFvRM= Subject key identifier: 36:B0:37:72:B5:15:01:B2:2F:3F:C9:AF:96:DB:BF:9C:CB:54:58:10 Authority key identifier: BA:68:59:59:97:90:0D:ED:30:0E:99:25:70:9D:A6:27:E9:3F:36:3A Certificate issuer: /CN=ba68595997900ded300e9925709da627e93f363a Certificate serial: 019AF163E856328569BE0705A2FABFFF17DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft Manifest number: 0FFE Signing time: Sat 06 Dec 2025 02:00:47 +0000 Manifest this update: Sat 06 Dec 2025 02:00:47 +0000 Manifest next update: Sun 07 Dec 2025 02:00:47 +0000 Files and hashes: 1: Vevc9vrQGyVF5o4NzN0QFHnZAiA.roa (hash: AOWcNE88wNCBWfSzm2+MmaRV4c7usJ5kQGrhyE8Gj6M=) 2: umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl (hash: 44lDyKA99eDj3QpaQ4sq8+rBcJBhxAeHl+G669I2UcE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:63:e8:56:32:85:69:be:07:05:a2:fa:bf:ff:17:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba68595997900ded300e9925709da627e93f363a Validity Not Before: Dec 6 02:00:47 2025 GMT Not After : Dec 7 02:00:47 2025 GMT Subject: CN=36b03772b51501b22f3fc9af96dbbf9ccb545810 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9a:c7:e8:88:3f:71:5d:30:cf:c4:b4:d4:83: a8:1a:2b:18:ed:d1:05:95:e0:f8:16:87:65:17:3b: 99:9c:9a:e3:c0:c4:3b:b3:6c:7c:91:de:ce:cf:14: 24:c0:c2:59:21:fe:a2:58:ee:db:09:d7:36:5e:02: fc:90:4a:43:fe:70:96:00:f5:ba:2c:98:07:bb:fc: cf:64:c3:13:d9:74:e3:94:fb:f9:c1:eb:d3:64:9f: 4c:ad:4f:82:9e:44:b1:c0:aa:07:08:2e:6e:bb:2d: fe:81:8b:49:f0:8b:3c:f5:9c:ec:ae:e1:8a:74:db: 78:30:b0:5d:31:91:f1:05:00:76:4e:db:6e:d4:54: cc:dc:74:23:4b:05:3c:d7:41:9e:8a:af:4f:62:a4: 70:15:e4:bb:cf:c2:48:31:37:be:44:52:98:72:f7: a3:e3:a1:d0:ed:b8:45:8f:52:db:88:a7:b1:9b:9b: 79:fc:67:fc:32:24:64:c2:51:19:e3:93:33:b1:a8: 50:46:18:23:f9:7f:26:ab:0b:a2:09:60:e1:e0:85: 36:19:4c:4f:d5:61:bb:c8:56:0b:73:38:12:8b:30: 38:94:e6:f4:d6:3e:57:bd:e9:f5:a8:2d:06:67:ed: 4a:7b:e2:3b:50:e5:c4:d3:da:9b:d4:4d:1f:cb:a3: 81:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:B0:37:72:B5:15:01:B2:2F:3F:C9:AF:96:DB:BF:9C:CB:54:58:10 X509v3 Authority Key Identifier: keyid:BA:68:59:59:97:90:0D:ED:30:0E:99:25:70:9D:A6:27:E9:3F:36:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:20:19:9d:cf:dc:1a:cb:18:2a:2e:a6:f6:33:f8:3f:dc:94: b1:eb:28:4f:29:1a:b9:63:79:ab:4f:5d:be:d0:04:88:85:88: be:22:91:8f:b9:75:ce:18:44:ef:92:02:5c:c2:40:b4:46:19: 94:a1:4e:2a:28:1d:f0:5f:3d:42:cd:af:51:66:7d:b4:97:08: 6c:25:5e:1e:65:ee:ad:50:35:a6:77:34:28:a8:2b:97:89:c9: 98:6c:b6:b7:70:48:77:62:05:5f:af:b8:76:3d:36:80:c4:20: 82:72:88:54:25:a0:1f:b6:02:8a:de:04:df:d3:93:72:34:cb: a6:3a:f1:36:14:71:16:96:a5:c9:3d:d4:31:b7:93:a7:28:b3: 80:44:ce:a4:fa:03:9d:7d:b8:de:22:6a:6c:68:be:0d:31:8d: e4:eb:17:38:e4:1d:64:7f:88:3f:ed:09:f6:ca:d2:52:33:b9: 3b:ad:23:8c:63:14:21:25:e4:59:57:53:e7:31:28:47:33:05: 3d:d4:15:16:6f:e0:1f:dc:a7:e9:59:49:4f:30:91:d9:92:32: e0:22:26:50:76:fd:5f:7d:49:b3:ac:ec:89:86:65:32:a8:72: 28:d8:bd:1b:0a:31:a8:58:fd:5d:c9:9b:b3:29:33:ce:9d:44: 3b:42:0e:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxY+hWMoVpvgcFovq//xfaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNjg1OTU5OTc5MDBkZWQzMDBlOTkyNTcwOWRhNjI3ZTkz ZjM2M2EwHhcNMjUxMjA2MDIwMDQ3WhcNMjUxMjA3MDIwMDQ3WjAzMTEwLwYDVQQD EygzNmIwMzc3MmI1MTUwMWIyMmYzZmM5YWY5NmRiYmY5Y2NiNTQ1ODEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJrH6Ig/cV0wz8S01IOoGisY7dEF leD4FodlFzuZnJrjwMQ7s2x8kd7OzxQkwMJZIf6iWO7bCdc2XgL8kEpD/nCWAPW6 LJgHu/zPZMMT2XTjlPv5wevTZJ9MrU+CnkSxwKoHCC5uuy3+gYtJ8Is89ZzsruGK dNt4MLBdMZHxBQB2Tttu1FTM3HQjSwU810Geiq9PYqRwFeS7z8JIMTe+RFKYcvej 46HQ7bhFj1LbiKexm5t5/Gf8MiRkwlEZ45MzsahQRhgj+X8mqwuiCWDh4IU2GUxP 1WG7yFYLczgSizA4lOb01j5Xven1qC0GZ+1Ke+I7UOXE09qb1E0fy6OBUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDawN3K1FQGyLz/Jr5bbv5zLVFgQMB8GA1UdIwQY MBaAFLpoWVmXkA3tMA6ZJXCdpifpPzY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80NzJhNGQtZmNhZS00NDU0LTk5Njct MDJkZWQ5YjJlMGM5LzEvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS80NzJhNGQtZmNhZS00NDU0LTk5NjctMDJkZWQ5YjJlMGM5 LzEvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbiAZnc/c GssYKi6m9jP4P9yUsesoTykauWN5q09dvtAEiIWIviKRj7l1zhhE75ICXMJAtEYZ lKFOKigd8F89Qs2vUWZ9tJcIbCVeHmXurVA1pnc0KKgrl4nJmGy2t3BId2IFX6+4 dj02gMQggnKIVCWgH7YCit4E39OTcjTLpjrxNhRxFpalyT3UMbeTpyizgETOpPoD nX243iJqbGi+DTGN5OsXOOQdZH+IP+0J9srSUjO5O60jjGMUISXkWVdT5zEoRzMF PdQVFm/gH9yn6VlJTzCR2ZIy4CImUHb9X31Js6zsiYZlMqhyKNi9GwoxqFj9Xcmb sykzzp1EO0IOHg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:06:36 2025 by rpki-client