This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft File: uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json) Hash identifier: +lWH8aGgleIHnaPelk7b8DAeBzzd0N4poZjIUa+CmX0= Subject key identifier: 1D:39:BB:E8:53:33:14:4A:24:50:1D:70:A6:53:F7:F5:B3:E1:5B:A5 Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB Certificate issuer: /CN=b94f30a07694a21139648725a26eb34ce4a16bab Certificate serial: 019B2219DD55679B530C681BE58D3A1A0A74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft Manifest number: 040E Signing time: Mon 15 Dec 2025 13:01:18 +0000 Manifest this update: Mon 15 Dec 2025 13:01:18 +0000 Manifest next update: Tue 16 Dec 2025 13:01:18 +0000 Files and hashes: 1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: eamsFdenm7pQdRJgrN7pYPtjKH/i/OGvILoEtu/oCj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 13:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:19:dd:55:67:9b:53:0c:68:1b:e5:8d:3a:1a:0a:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab Validity Not Before: Dec 15 13:01:18 2025 GMT Not After : Dec 16 13:01:18 2025 GMT Subject: CN=1d39bbe85333144a24501d70a653f7f5b3e15ba5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:77:30:4f:f2:3f:6c:8e:0f:7b:4c:ef:43:85: 71:30:00:48:df:f2:e6:c1:19:eb:22:e0:82:16:85: 21:16:a2:ef:8b:85:d9:74:48:a9:a3:33:e0:5e:9f: ff:17:57:cc:55:c8:4d:59:77:bf:74:70:b2:45:14: 64:6d:5c:18:e0:6c:1a:a1:c5:e0:73:b2:03:98:b1: b3:dc:17:27:2c:08:7c:ef:fc:b3:72:27:51:4b:be: 44:da:4f:7b:02:6e:1d:5f:71:91:a4:03:f5:97:ac: bb:5b:30:25:84:5f:b2:a1:1a:3f:88:2a:76:40:2e: fd:5d:a1:ed:2d:2b:9a:01:6f:aa:1c:fe:b3:bf:62: b3:3d:c7:37:06:f1:2b:41:a5:3f:2d:2a:fd:47:1e: a0:af:f4:bd:6b:6a:37:0b:5b:44:92:cc:70:30:8d: ae:f6:f1:ab:7c:15:ae:b5:c6:6d:f1:05:01:49:37: 66:0e:0b:d6:62:8c:c0:aa:b6:62:59:32:d8:93:0a: 0d:ec:07:0f:5c:ba:99:3d:b5:0a:1c:66:5d:f6:d0: 2c:26:37:82:ff:1c:0b:78:f4:16:9d:2b:39:43:ed: b0:9a:d7:7c:a2:4e:bb:de:18:95:98:19:6e:92:b1: bf:2a:f8:62:27:29:3a:5e:11:d3:16:ce:bb:da:25: d5:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:39:BB:E8:53:33:14:4A:24:50:1D:70:A6:53:F7:F5:B3:E1:5B:A5 X509v3 Authority Key Identifier: keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:5a:dc:24:97:05:90:7a:48:a0:1f:5a:a4:c7:fe:1e:02:f8: ba:2e:c3:29:82:67:e2:65:7f:04:6e:90:cc:7a:c5:9b:c4:b0: 9d:32:5d:70:b3:5a:19:d0:91:74:b6:42:23:ad:6b:6d:60:e0: d6:1f:80:b6:3c:7f:34:8a:8a:b4:45:a3:ed:20:63:f0:40:6e: 12:b3:1f:51:4d:8d:46:b3:4d:7d:52:29:08:3a:f1:70:0f:15: 49:2e:b2:1a:ae:cc:d1:4d:d2:18:cb:89:6f:be:75:01:97:91: 3c:60:e6:ff:17:77:65:22:72:55:5b:a5:ef:76:33:18:5c:f0: 92:04:90:22:55:53:83:d6:23:07:25:a8:92:32:47:6a:f8:14: 00:44:ac:c4:bc:02:ee:30:85:6d:3c:81:8b:41:b2:a2:db:89: 24:4f:2b:7d:77:51:66:44:08:93:12:b8:bb:f1:e0:61:4b:df: 0b:cc:37:c6:0f:d6:d2:e1:db:96:13:1d:1f:33:d6:34:ec:03: 7c:9b:ed:37:c5:0f:c2:93:e9:81:ad:37:2e:02:19:30:2b:7e: ce:d2:d4:98:24:e7:30:9f:bd:21:13:64:dd:4e:7e:cb:22:f9: 3a:36:f8:cb:58:b3:86:6a:04:aa:89:9d:fa:83:04:bb:59:00: af:d6:f7:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsiGd1VZ5tTDGgb5Y06Ggp0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh MTZiYWIwHhcNMjUxMjE1MTMwMTE4WhcNMjUxMjE2MTMwMTE4WjAzMTEwLwYDVQQD EygxZDM5YmJlODUzMzMxNDRhMjQ1MDFkNzBhNjUzZjdmNWIzZTE1YmE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3cwT/I/bI4Pe0zvQ4VxMABI3/Lm wRnrIuCCFoUhFqLvi4XZdEipozPgXp//F1fMVchNWXe/dHCyRRRkbVwY4GwaocXg c7IDmLGz3BcnLAh87/yzcidRS75E2k97Am4dX3GRpAP1l6y7WzAlhF+yoRo/iCp2 QC79XaHtLSuaAW+qHP6zv2KzPcc3BvErQaU/LSr9Rx6gr/S9a2o3C1tEksxwMI2u 9vGrfBWutcZt8QUBSTdmDgvWYozAqrZiWTLYkwoN7AcPXLqZPbUKHGZd9tAsJjeC /xwLePQWnSs5Q+2wmtd8ok673hiVmBlukrG/KvhiJyk6XhHTFs672iXV7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB05u+hTMxRKJFAdcKZT9/Wz4VulMB8GA1UdIwQY MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlrcJJcF kHpIoB9apMf+HgL4ui7DKYJn4mV/BG6QzHrFm8SwnTJdcLNaGdCRdLZCI61rbWDg 1h+Atjx/NIqKtEWj7SBj8EBuErMfUU2NRrNNfVIpCDrxcA8VSS6yGq7M0U3SGMuJ b751AZeRPGDm/xd3ZSJyVVul73YzGFzwkgSQIlVTg9YjByWokjJHavgUAESsxLwC 7jCFbTyBi0GyotuJJE8rfXdRZkQIkxK4u/HgYUvfC8w3xg/W0uHblhMdHzPWNOwD fJvtN8UPwpPpga03LgIZMCt+ztLUmCTnMJ+9IRNk3U5+yyL5Ojb4y1izhmoEqomd +oMEu1kAr9b33Q== -----END CERTIFICATE-----Generated at Mon Dec 15 16:52:20 2025 by rpki-client