This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft File: UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json) Hash identifier: x3pxXK0z9rljWAHHl1B9mGIrLvLCwkmOedwFepOBUn0= Subject key identifier: 8E:E4:BC:5F:68:3A:5C:E6:60:96:78:A1:C2:66:3E:7C:DC:41:3D:CC Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64 Certificate issuer: /CN=50da2bafc37a3988dd294c913ae5220e038db964 Certificate serial: 019B360E1431CA12225C4ABFAD176B592ACA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft Manifest number: 16D1 Signing time: Fri 19 Dec 2025 10:00:50 +0000 Manifest this update: Fri 19 Dec 2025 10:00:50 +0000 Manifest next update: Sat 20 Dec 2025 10:00:50 +0000 Files and hashes: 1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: C2uhfoqH8IHd5bB8jv2Tsy3LZR1AoE0WLNSN14BEtb8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:0e:14:31:ca:12:22:5c:4a:bf:ad:17:6b:59:2a:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964 Validity Not Before: Dec 19 10:00:50 2025 GMT Not After : Dec 20 10:00:50 2025 GMT Subject: CN=8ee4bc5f683a5ce6609678a1c2663e7cdc413dcc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:77:8f:df:90:6f:f3:ff:b4:ae:04:c3:08:f9: 2b:97:5a:e3:a6:b6:45:9b:cb:29:c5:78:47:39:e2: 04:76:5c:77:19:2a:e5:40:db:6a:5a:42:0e:84:9b: 63:1a:14:d1:40:2b:48:a6:9a:d1:8a:6c:8c:2d:f1: 4e:94:9d:9d:b8:2b:02:64:43:49:51:ba:26:fd:82: 05:41:2e:79:f0:71:74:83:61:43:d2:76:30:06:89: d3:64:4c:22:dd:ab:75:16:a8:fe:43:fb:5f:81:1a: 55:c3:67:f4:67:e1:bc:fc:b6:ca:86:c6:68:8c:43: 39:84:7d:89:cf:a6:37:73:94:1c:84:92:d5:72:8b: 84:a7:cc:f0:c7:91:2a:11:1e:6a:37:1d:e4:f9:77: 97:41:0e:61:64:07:35:c5:ff:f6:b3:2d:c7:f2:69: 3e:54:ca:cd:fd:ed:aa:9c:3f:db:d8:6e:eb:22:b6: 8f:e0:74:91:22:ea:c7:ac:c2:9e:01:27:ae:a9:65: 92:3b:64:61:94:57:f4:0a:be:d0:f6:f2:0b:82:45: f4:49:fb:70:37:51:31:e5:0c:20:2d:9b:e2:2b:94: 95:48:11:be:34:a2:4b:f9:fc:4d:57:0d:10:bf:73: 56:6c:11:bf:c7:73:fd:6b:b1:40:72:c0:fb:3a:3f: 92:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E4:BC:5F:68:3A:5C:E6:60:96:78:A1:C2:66:3E:7C:DC:41:3D:CC X509v3 Authority Key Identifier: keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:15:12:e9:4e:bb:41:a4:6a:38:79:45:93:fe:3b:0e:b6:53: 35:87:5a:ad:93:0e:01:68:3e:7b:e1:f5:fe:0f:19:32:30:9e: a6:37:1b:c4:90:78:29:0f:a2:e7:f2:6d:aa:87:4a:26:fe:75: 46:9f:b7:8c:aa:a0:7f:21:6f:9a:1b:55:b1:d2:11:ba:b6:8d: 7f:e2:b4:45:e3:4f:b9:ea:6c:ac:30:04:b2:ba:f8:70:fb:56: d5:b7:0c:d4:12:6d:9e:9e:f6:de:19:bf:db:59:95:5f:03:7d: eb:af:84:cc:f2:dd:ae:a7:4f:e2:56:69:bb:80:9e:5c:10:fe: fb:86:d4:51:c6:38:90:1f:d6:08:fa:73:6b:4f:3a:62:d4:95: ba:54:10:6a:33:2b:13:9f:c3:5b:52:8d:ac:6f:8f:fc:05:ae: b5:aa:ec:e9:60:49:6e:03:26:9c:56:d2:08:f4:9f:6f:9f:2d: 32:35:03:c5:68:d1:d0:bb:4d:4d:8c:b5:7d:d9:ed:1c:3f:c5: 78:5b:4b:7a:32:ec:bc:5c:5c:ac:fc:61:b2:09:8f:be:fe:dd: 87:54:30:c1:cc:ef:7f:72:bb:d5:13:23:d2:04:69:44:2c:d3: 6a:c8:5c:2b:3e:ac:17:dc:43:e7:57:49:e2:be:7a:df:d5:15: d2:cf:03:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2DhQxyhIiXEq/rRdrWSrKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4 ZGI5NjQwHhcNMjUxMjE5MTAwMDUwWhcNMjUxMjIwMTAwMDUwWjAzMTEwLwYDVQQD Eyg4ZWU0YmM1ZjY4M2E1Y2U2NjA5Njc4YTFjMjY2M2U3Y2RjNDEzZGNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHeP35Bv8/+0rgTDCPkrl1rjprZF m8spxXhHOeIEdlx3GSrlQNtqWkIOhJtjGhTRQCtIpprRimyMLfFOlJ2duCsCZENJ Ubom/YIFQS558HF0g2FD0nYwBonTZEwi3at1Fqj+Q/tfgRpVw2f0Z+G8/LbKhsZo jEM5hH2Jz6Y3c5QchJLVcouEp8zwx5EqER5qNx3k+XeXQQ5hZAc1xf/2sy3H8mk+ VMrN/e2qnD/b2G7rIraP4HSRIurHrMKeASeuqWWSO2RhlFf0Cr7Q9vILgkX0Sftw N1Ex5QwgLZviK5SVSBG+NKJL+fxNVw0Qv3NWbBG/x3P9a7FAcsD7Oj+SRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI7kvF9oOlzmYJZ4ocJmPnzcQT3MMB8GA1UdIwQY MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhUS6U67 QaRqOHlFk/47DrZTNYdarZMOAWg+e+H1/g8ZMjCepjcbxJB4KQ+i5/JtqodKJv51 Rp+3jKqgfyFvmhtVsdIRuraNf+K0ReNPuepsrDAEsrr4cPtW1bcM1BJtnp723hm/ 21mVXwN966+EzPLdrqdP4lZpu4CeXBD++4bUUcY4kB/WCPpza086YtSVulQQajMr E5/DW1KNrG+P/AWutars6WBJbgMmnFbSCPSfb58tMjUDxWjR0LtNTYy1fdntHD/F eFtLejLsvFxcrPxhsgmPvv7dh1Qwwczvf3K71RMj0gRpRCzTashcKz6sF9xD51dJ 4r5639UV0s8Dsw== -----END CERTIFICATE-----Generated at Fri Dec 19 14:51:03 2025 by rpki-client