This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft File: Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json) Hash identifier: FpqIjp+8kz+75VAslp75gYXYjK+X3tpuikYmIOWGc1M= Subject key identifier: 0F:63:A6:90:79:93:52:48:51:6F:70:93:42:54:69:7C:AC:BB:03:75 Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C Certificate issuer: /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c Certificate serial: 019B32D5CD18367B29D11903497823E52540 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft Manifest number: 0237 Signing time: Thu 18 Dec 2025 19:00:31 +0000 Manifest this update: Thu 18 Dec 2025 19:00:31 +0000 Manifest next update: Fri 19 Dec 2025 19:00:31 +0000 Files and hashes: 1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: xX4Hl5e9BNTxGQqFeU1d/6azFDM9z1iZnpC1jLhAizo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d5:cd:18:36:7b:29:d1:19:03:49:78:23:e5:25:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c Validity Not Before: Dec 18 19:00:31 2025 GMT Not After : Dec 19 19:00:31 2025 GMT Subject: CN=0f63a69079935248516f70934254697cacbb0375 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:91:0e:5d:67:ee:a7:03:87:23:c9:59:7d:b3: 51:69:2a:73:02:ae:fa:53:c6:38:79:79:f7:53:03: 47:d6:70:e4:5d:03:58:e1:75:8e:78:52:e7:bb:6b: 18:df:3c:74:2c:a8:00:ac:2e:53:4e:de:9b:83:ce: ba:33:dd:f7:6f:ad:0e:9d:35:18:81:24:49:10:59: fa:49:ad:5c:b2:3a:d7:57:29:3f:37:ac:7e:f3:7a: b6:9f:04:61:be:6c:29:b3:83:84:fd:2a:d1:f2:c6: 5f:63:0f:0b:b1:a9:ef:df:77:00:d1:24:54:45:68: 36:fe:d8:df:2f:fa:bf:29:b9:97:d6:0b:2c:b2:31: f8:35:f1:d4:c1:2e:70:c6:d7:6f:ea:b7:60:28:1f: 2f:d4:75:60:25:53:6f:af:af:68:30:84:54:5e:dc: 5a:d7:47:d4:c4:55:dc:b2:65:65:a4:7d:1c:d6:8d: 2d:2c:cb:4d:10:f2:12:92:2c:ab:d6:d4:10:7e:1e: c6:b7:23:c6:99:1a:6e:48:8c:53:1b:bf:b6:a2:80: 0b:9d:c3:1a:4b:cf:6f:4f:0d:b3:1d:a8:ce:0c:34: 62:93:15:42:e5:48:09:a8:f7:07:2d:18:57:d6:e5: f7:ba:f0:3a:2a:f7:04:e8:0a:3b:e8:44:bc:11:a7: 01:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:63:A6:90:79:93:52:48:51:6F:70:93:42:54:69:7C:AC:BB:03:75 X509v3 Authority Key Identifier: keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:3c:2b:1d:e4:59:3c:37:f7:61:01:91:86:2d:12:98:91:82: c8:3e:e9:8d:66:09:8c:73:76:d9:fd:6d:cb:74:69:03:08:97: 82:01:e1:ad:3b:e0:ec:c1:a2:47:61:c9:a7:0b:2a:93:94:a3: e0:b2:d8:ee:fd:bb:60:e5:bf:42:e1:ae:fe:a5:21:6e:6f:55: a8:ef:83:18:fd:8a:96:aa:81:d2:87:33:fd:3d:59:a4:86:4f: b8:6e:48:88:8e:e6:ae:32:e4:58:78:c7:66:58:48:96:00:76: e6:c3:7c:8c:24:2f:cf:4e:ff:15:66:1a:51:c1:b7:01:dc:40: 58:08:4f:7a:21:8e:83:96:b3:29:a8:a1:57:40:3c:15:b3:91: d7:80:cf:5b:a5:6a:21:9f:0c:27:10:d7:59:af:ff:c2:ce:05: 08:76:7b:3a:eb:de:93:86:04:d9:19:3f:02:1a:e7:65:cd:9f: ba:35:9a:6a:45:52:4c:4f:43:1c:20:8e:8e:d0:11:ca:a1:6f: e7:4c:60:99:d7:1b:19:aa:d5:4e:f5:96:0c:d8:0f:90:dc:fc: f5:77:44:fe:a3:b1:fe:7a:d3:f6:da:dc:5a:74:aa:70:35:e4: c8:16:ca:0f:c1:60:49:83:c2:be:29:12:e9:af:8f:3a:b1:88: 14:ff:6f:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1c0YNnsp0RkDSXgj5SVAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh MWQ3OGMwHhcNMjUxMjE4MTkwMDMxWhcNMjUxMjE5MTkwMDMxWjAzMTEwLwYDVQQD EygwZjYzYTY5MDc5OTM1MjQ4NTE2ZjcwOTM0MjU0Njk3Y2FjYmIwMzc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5EOXWfupwOHI8lZfbNRaSpzAq76 U8Y4eXn3UwNH1nDkXQNY4XWOeFLnu2sY3zx0LKgArC5TTt6bg866M933b60OnTUY gSRJEFn6Sa1csjrXVyk/N6x+83q2nwRhvmwps4OE/SrR8sZfYw8Lsanv33cA0SRU RWg2/tjfL/q/KbmX1gsssjH4NfHUwS5wxtdv6rdgKB8v1HVgJVNvr69oMIRUXtxa 10fUxFXcsmVlpH0c1o0tLMtNEPISkiyr1tQQfh7GtyPGmRpuSIxTG7+2ooALncMa S89vTw2zHajODDRikxVC5UgJqPcHLRhX1uX3uvA6KvcE6Ao76ES8EacBmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA9jppB5k1JIUW9wk0JUaXysuwN1MB8GA1UdIwQY MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjzwrHeRZ PDf3YQGRhi0SmJGCyD7pjWYJjHN22f1ty3RpAwiXggHhrTvg7MGiR2HJpwsqk5Sj 4LLY7v27YOW/QuGu/qUhbm9VqO+DGP2KlqqB0ocz/T1ZpIZPuG5IiI7mrjLkWHjH ZlhIlgB25sN8jCQvz07/FWYaUcG3AdxAWAhPeiGOg5azKaihV0A8FbOR14DPW6Vq IZ8MJxDXWa//ws4FCHZ7Ouvek4YE2Rk/AhrnZc2fujWaakVSTE9DHCCOjtARyqFv 50xgmdcbGarVTvWWDNgPkNz89XdE/qOx/nrT9trcWnSqcDXkyBbKD8FgSYPCvikS 6a+POrGIFP9v4g== -----END CERTIFICATE-----Generated at Fri Dec 19 00:12:54 2025 by rpki-client