This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft File: UnFDjiPOkl5mwlmYEiG1toOi8I8.mft (raw, json) Hash identifier: 9xVz11rlgAL9+3gPFU9L8ZmGq7sKJoBV5r29La2g8DY= Subject key identifier: 19:6B:2E:86:65:B0:6E:62:05:1A:C1:A2:5A:70:49:ED:C9:99:A7:45 Authority key identifier: 52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F Certificate issuer: /CN=5271438e23ce925e66c259981221b5b683a2f08f Certificate serial: 019B405A8C6CB9947C2CAF01C330C8DDB549 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft Manifest number: 0CEE Signing time: Sun 21 Dec 2025 10:00:34 +0000 Manifest this update: Sun 21 Dec 2025 10:00:34 +0000 Manifest next update: Mon 22 Dec 2025 10:00:34 +0000 Files and hashes: 1: UnFDjiPOkl5mwlmYEiG1toOi8I8.crl (hash: WNrjnagVJwr7YUWiPRi5gT3dEk4SQNdlUCsBondIAD0=) 2: b23Ppzc40t1gh2jcC0tEEtTjq-Y.roa (hash: PLO31FJDvhLM1rCGRuVKcX7pZ7U9Xsy2KrFDiy0XrKY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:8c:6c:b9:94:7c:2c:af:01:c3:30:c8:dd:b5:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5271438e23ce925e66c259981221b5b683a2f08f Validity Not Before: Dec 21 10:00:34 2025 GMT Not After : Dec 22 10:00:34 2025 GMT Subject: CN=196b2e8665b06e62051ac1a25a7049edc999a745 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e3:e4:99:33:0a:b2:e3:8c:12:64:ed:99:8b: 10:69:64:e7:85:0e:f8:b5:5f:c3:17:80:88:c1:d8: 15:5b:f8:b5:8a:eb:77:68:6a:21:23:e4:01:8f:af: d9:d1:5f:ba:02:7e:4f:f2:a3:49:d1:49:b4:06:ac: e0:27:eb:fa:39:ff:7e:4e:ee:94:c4:ac:5b:ab:30: dc:19:23:bb:4d:9a:a4:9e:6e:24:0c:42:05:d0:0f: a1:b7:65:8f:0c:4c:ce:6a:49:91:9e:68:ee:fb:88: 70:6b:11:d0:c0:5e:d4:98:12:05:ed:f6:47:1d:b3: 2c:90:60:be:3f:bf:14:c5:5e:5c:6f:37:8c:11:1c: 2c:16:62:df:7e:6a:60:6e:ea:43:41:33:dc:d4:c0: 46:bf:3a:e4:3c:3a:21:6c:ab:45:34:e0:b8:a2:5c: e8:7e:25:30:a8:13:33:d8:6e:15:a5:4c:6d:c1:fd: 28:49:3d:87:4b:50:78:da:40:ee:df:28:20:f2:c1: 66:00:b4:67:7a:75:ab:03:3d:21:b5:95:f2:93:44: 4c:1a:5f:b7:a6:f3:10:01:49:d1:26:01:5d:95:23: ef:11:2a:75:84:58:63:2d:da:df:80:35:99:d9:b0: d9:fa:71:5c:0d:3d:bd:94:84:1c:94:8b:8a:11:8b: 23:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:6B:2E:86:65:B0:6E:62:05:1A:C1:A2:5A:70:49:ED:C9:99:A7:45 X509v3 Authority Key Identifier: keyid:52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:9c:d3:9a:ce:8e:b2:21:3d:ab:93:f4:f5:f6:33:56:00:ce: 31:cb:57:87:28:fc:35:4a:dd:6b:78:f3:06:af:4d:ab:f2:d9: 2b:d2:8a:01:35:26:18:c3:1f:f5:d3:d4:e7:f7:83:92:27:23: fd:3d:93:80:ab:82:33:e7:cb:5a:ed:99:d4:c9:1c:4f:31:a6: 04:76:56:7b:7d:3f:15:53:90:a2:45:30:5a:6c:4d:ff:86:5d: 93:c5:6f:2c:5e:16:37:55:68:88:01:78:80:6e:16:5e:21:8c: fa:c6:93:29:82:47:02:84:fd:93:64:af:f0:19:7e:ed:7d:e1: f7:2f:54:6b:45:10:df:4b:a6:83:4b:6c:10:62:18:66:4f:6a: 75:86:f6:9f:25:51:97:f2:91:40:2b:16:d7:0d:09:c8:34:99: dc:d4:72:6b:c9:16:9a:45:ac:bb:7d:e8:1d:f8:12:3f:5f:fc: 82:20:94:2d:70:75:83:2e:67:f7:82:33:8e:61:0d:3d:13:da: 63:c9:1c:5e:c5:44:b9:28:3f:e0:86:cd:7e:c3:b4:dd:f9:6e: fc:6f:f5:37:9b:6c:6d:d1:85:6e:d5:29:73:ce:67:71:5f:5d: e2:0b:a6:05:3f:d4:99:14:4e:76:63:53:1e:b1:e8:06:fd:a1: 38:21:0a:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWoxsuZR8LK8BwzDI3bVJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyNzE0MzhlMjNjZTkyNWU2NmMyNTk5ODEyMjFiNWI2ODNh MmYwOGYwHhcNMjUxMjIxMTAwMDM0WhcNMjUxMjIyMTAwMDM0WjAzMTEwLwYDVQQD EygxOTZiMmU4NjY1YjA2ZTYyMDUxYWMxYTI1YTcwNDllZGM5OTlhNzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOPkmTMKsuOMEmTtmYsQaWTnhQ74 tV/DF4CIwdgVW/i1iut3aGohI+QBj6/Z0V+6An5P8qNJ0Um0BqzgJ+v6Of9+Tu6U xKxbqzDcGSO7TZqknm4kDEIF0A+ht2WPDEzOakmRnmju+4hwaxHQwF7UmBIF7fZH HbMskGC+P78UxV5cbzeMERwsFmLffmpgbupDQTPc1MBGvzrkPDohbKtFNOC4olzo fiUwqBMz2G4VpUxtwf0oST2HS1B42kDu3ygg8sFmALRnenWrAz0htZXyk0RMGl+3 pvMQAUnRJgFdlSPvESp1hFhjLdrfgDWZ2bDZ+nFcDT29lIQclIuKEYsj7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBlrLoZlsG5iBRrBolpwSe3JmadFMB8GA1UdIwQY MBaAFFJxQ44jzpJeZsJZmBIhtbaDovCPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMt OWFkMDM1NDc0MTE0LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMtOWFkMDM1NDc0MTE0 LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5zTms6O siE9q5P09fYzVgDOMctXhyj8NUrda3jzBq9Nq/LZK9KKATUmGMMf9dPU5/eDkicj /T2TgKuCM+fLWu2Z1MkcTzGmBHZWe30/FVOQokUwWmxN/4Zdk8VvLF4WN1VoiAF4 gG4WXiGM+saTKYJHAoT9k2Sv8Bl+7X3h9y9Ua0UQ30umg0tsEGIYZk9qdYb2nyVR l/KRQCsW1w0JyDSZ3NRya8kWmkWsu33oHfgSP1/8giCULXB1gy5n94IzjmENPRPa Y8kcXsVEuSg/4IbNfsO03flu/G/1N5tsbdGFbtUpc85ncV9d4gumBT/UmRROdmNT HrHoBv2hOCEKtQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:32:11 2025 by rpki-client