This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft File: U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft (raw, json) Hash identifier: sWjz2UA+MO0JOO21d1cpvzVsfQqNKECDfIXWRdAtFN0= Subject key identifier: 5A:CF:0A:CE:4A:CB:AA:BF:CA:FE:C3:64:F1:FD:84:7F:FC:24:D4:89 Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F Certificate issuer: /CN=53e3aedd91be82451342dcd1c9828345db661a5f Certificate serial: 019B22F5A29653390658385E3E45CC596748 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft Manifest number: 0A06 Signing time: Mon 15 Dec 2025 17:01:21 +0000 Manifest this update: Mon 15 Dec 2025 17:01:21 +0000 Manifest next update: Tue 16 Dec 2025 17:01:21 +0000 Files and hashes: 1: If5j4KjsWFg3kwDUxrHpbFCCjpg.roa (hash: iGbVOgQjxfoZ4tZTHfIMlZvCv27war8Yd/ywUcGl39o=) 2: U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl (hash: 05eaqnUq97STM8HAYDJersogg7wzdkjACqEkudkVCWY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:f5:a2:96:53:39:06:58:38:5e:3e:45:cc:59:67:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f Validity Not Before: Dec 15 17:01:21 2025 GMT Not After : Dec 16 17:01:21 2025 GMT Subject: CN=5acf0ace4acbaabfcafec364f1fd847ffc24d489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:25:f3:65:80:49:1c:c5:ad:23:3b:4c:fa:ac: 49:28:e4:d3:b6:2c:27:12:3e:c9:e4:4c:90:8f:f8: be:cd:d5:a1:a9:b2:56:bf:21:f3:35:9e:ae:85:23: b4:49:7b:c2:b8:cd:ff:c2:b2:86:da:cf:79:70:03: ef:a7:fb:19:82:2c:4f:30:91:0d:fd:ad:33:00:12: 57:18:c4:3b:e9:0f:ef:cf:a4:5d:27:c5:ed:75:95: a1:2b:ab:dc:1d:d2:a0:55:07:1a:34:45:1d:7b:20: c1:31:7f:54:bd:9c:2f:34:c7:07:5b:5a:23:41:31: dd:d3:ae:0e:08:1e:2d:e4:b0:ee:bf:f2:a7:40:86: 0c:89:0f:a6:90:da:79:73:ae:4a:8a:70:86:23:6f: 33:08:81:b8:25:d8:d9:24:1d:8f:50:6a:51:d2:de: 5e:c5:5b:86:13:a6:06:4a:b6:ba:13:8c:d6:70:b6: 2f:f6:8c:ea:ab:bd:cd:6b:3e:08:f1:c2:66:17:b9: 43:2e:e7:79:1e:a9:50:bd:7a:a9:44:56:70:58:e5: 0c:08:ee:c9:7e:e9:76:d7:60:5b:8e:d0:22:88:56: af:7c:5d:3f:99:9b:0e:33:34:55:3a:d8:76:55:4c: 54:eb:bb:2c:5e:a7:1a:1b:32:90:4b:54:ca:6f:c7: 0e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:CF:0A:CE:4A:CB:AA:BF:CA:FE:C3:64:F1:FD:84:7F:FC:24:D4:89 X509v3 Authority Key Identifier: keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:b9:d2:43:c9:5d:c5:a2:9c:57:32:d5:f9:bb:4d:2f:9f:c3: ce:9f:a6:76:5c:28:e5:e4:bc:12:2d:f1:6f:bf:9c:83:e7:3e: f1:24:32:16:60:f5:6e:ad:4a:6c:ac:fb:f8:bd:bc:b2:70:a6: 13:c1:52:b5:d6:7f:ae:ae:45:21:85:bc:fc:5c:40:15:6a:11: da:f5:de:db:1d:36:18:cd:1c:18:b8:03:cc:3d:41:d7:e6:88: 9c:6d:e7:a0:29:73:e8:a5:2d:3c:db:b8:ef:15:29:fa:ca:1b: 42:fa:d0:c0:b5:21:b1:b2:f9:15:85:1a:8f:e1:83:ed:2c:43: 61:20:d2:35:d7:3d:e5:77:9e:bb:a7:b4:af:f0:c7:ac:79:6a: 26:24:70:6e:7e:83:ec:78:31:e1:d5:55:bc:0e:b7:92:c6:45: 94:35:15:f2:30:89:0e:eb:70:f6:39:9a:17:f7:d1:f6:c3:57: 7c:d1:ad:a6:3e:5c:69:d4:b5:49:87:f0:04:d9:81:86:85:92: 38:3a:45:a9:cb:5d:d6:94:de:39:d8:ac:95:f6:78:e0:ea:c2: d3:a6:52:55:a0:90:48:fa:7e:29:f6:d5:3c:28:36:4a:b0:3a: ca:ff:a2:9e:08:47:83:17:0f:69:a1:d4:ce:bb:e2:b2:4a:7c: dc:01:43:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsi9aKWUzkGWDhePkXMWWdIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2 NjFhNWYwHhcNMjUxMjE1MTcwMTIxWhcNMjUxMjE2MTcwMTIxWjAzMTEwLwYDVQQD Eyg1YWNmMGFjZTRhY2JhYWJmY2FmZWMzNjRmMWZkODQ3ZmZjMjRkNDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSXzZYBJHMWtIztM+qxJKOTTtiwn Ej7J5EyQj/i+zdWhqbJWvyHzNZ6uhSO0SXvCuM3/wrKG2s95cAPvp/sZgixPMJEN /a0zABJXGMQ76Q/vz6RdJ8XtdZWhK6vcHdKgVQcaNEUdeyDBMX9UvZwvNMcHW1oj QTHd064OCB4t5LDuv/KnQIYMiQ+mkNp5c65KinCGI28zCIG4JdjZJB2PUGpR0t5e xVuGE6YGSra6E4zWcLYv9ozqq73Naz4I8cJmF7lDLud5HqlQvXqpRFZwWOUMCO7J ful212BbjtAiiFavfF0/mZsOMzRVOth2VUxU67ssXqcaGzKQS1TKb8cOnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFrPCs5Ky6q/yv7DZPH9hH/8JNSJMB8GA1UdIwQY MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt YTdkOTQ1YWYxNGU1LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1 LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATrnSQ8ld xaKcVzLV+btNL5/Dzp+mdlwo5eS8Ei3xb7+cg+c+8SQyFmD1bq1KbKz7+L28snCm E8FStdZ/rq5FIYW8/FxAFWoR2vXe2x02GM0cGLgDzD1B1+aInG3noClz6KUtPNu4 7xUp+sobQvrQwLUhsbL5FYUaj+GD7SxDYSDSNdc95Xeeu6e0r/DHrHlqJiRwbn6D 7Hgx4dVVvA63ksZFlDUV8jCJDutw9jmaF/fR9sNXfNGtpj5cadS1SYfwBNmBhoWS ODpFqctd1pTeOdislfZ44OrC06ZSVaCQSPp+KfbVPCg2SrA6yv+inghHgxcPaaHU zrviskp83AFDeg== -----END CERTIFICATE-----Generated at Mon Dec 15 23:02:31 2025 by rpki-client