This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft File: cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json) Hash identifier: CVxlq+wFL3K29xmuhewyCmOWpo0r7iDPkb5vCNlWiuc= Subject key identifier: 5E:0E:33:0F:2B:0E:3B:00:10:52:01:AA:95:08:98:27:4E:10:E1:80 Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB Certificate issuer: /CN=714b7c388033e1623fc6d8beb7af5c39425191db Certificate serial: 019B19BBAD2865C65C8DE4CD9F15CEFD9DC1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft Manifest number: 092D Signing time: Sat 13 Dec 2025 22:01:28 +0000 Manifest this update: Sat 13 Dec 2025 22:01:28 +0000 Manifest next update: Sun 14 Dec 2025 22:01:28 +0000 Files and hashes: 1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: yzy6z2ZgWMvdvlp/N/j1TJBImRUNe9rR/x5O+fyo7oY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:ad:28:65:c6:5c:8d:e4:cd:9f:15:ce:fd:9d:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db Validity Not Before: Dec 13 22:01:28 2025 GMT Not After : Dec 14 22:01:28 2025 GMT Subject: CN=5e0e330f2b0e3b00105201aa950898274e10e180 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e1:59:56:08:63:5a:77:6e:06:6d:02:e7:f2: be:48:bd:1d:6c:bf:8a:fc:ec:ca:0d:89:b8:d2:25: c3:87:32:38:9d:68:a5:28:ea:4f:a9:63:15:4d:10: e0:fa:4d:06:01:38:18:37:28:d7:ac:71:d0:13:10: dd:a2:64:63:81:0c:1e:32:9b:77:b4:46:49:91:3c: 5d:e2:12:7c:d6:f8:08:cc:c0:58:44:ac:23:7a:16: 84:cf:7f:fb:1c:84:93:06:5c:a9:58:94:c6:c2:f8: 4d:80:e8:39:ca:b7:66:9c:36:32:9a:11:ee:cb:42: c9:bf:ab:7a:0c:7c:3d:d3:99:7f:f3:27:52:52:09: e6:b1:d6:79:fa:0a:6f:95:be:cf:d5:8e:f0:1f:ff: 8a:a7:3c:6b:4e:9c:45:c0:a9:97:2c:9f:bc:fe:ad: 16:24:0e:82:e5:24:f2:89:88:2b:4a:40:75:fa:0f: 7a:42:d3:5c:cc:75:81:0f:e0:f1:73:b6:62:35:83: 43:77:93:05:43:fc:fd:35:dd:28:2e:cc:f4:40:fd: 91:10:a8:80:c1:bf:10:40:6a:26:75:35:f7:b8:aa: 8f:c3:4d:34:46:ab:2e:33:e6:e0:9d:91:0d:5d:d9: 9a:2a:1c:28:b8:fe:8a:a0:4d:50:08:dc:20:a3:ab: 0b:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:0E:33:0F:2B:0E:3B:00:10:52:01:AA:95:08:98:27:4E:10:E1:80 X509v3 Authority Key Identifier: keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:8b:af:b5:10:0b:fc:34:e3:27:55:f9:7a:2a:39:9f:47:89: c5:68:02:09:15:ec:03:de:ea:6f:70:ec:df:f8:fd:e5:a1:ce: f2:c5:3b:44:b9:ae:23:a1:2d:35:c5:35:cf:53:64:38:75:6c: 90:ab:0c:59:0b:79:e6:c8:96:50:ea:fa:bf:4b:cb:99:12:17: 17:ac:c3:33:dc:38:e7:12:92:f8:85:a2:e3:ee:b4:2d:30:44: 73:af:58:8d:d2:00:f2:76:5d:d3:f7:57:25:f3:3e:d5:55:43: 85:7c:f5:4f:68:35:79:79:ac:ca:06:3c:51:e8:44:e2:b6:80: 9e:57:00:7b:1f:7b:9e:47:f8:6d:d4:a4:22:30:28:75:ca:49: e9:69:57:97:96:17:3e:41:78:9a:d9:b0:78:11:9a:d8:55:38: 39:2a:6e:a1:d5:64:c4:5b:7a:b3:1a:f7:a9:06:7f:ff:c6:8b: ef:4c:5a:29:32:d1:bd:1e:13:3b:7a:bb:06:47:d7:59:db:c4: 71:1f:06:ae:b0:88:64:7d:6f:dc:33:6d:45:69:5f:a6:aa:a8: fd:58:a7:d0:80:a2:2a:5f:d5:ee:15:c1:be:e1:22:12:56:92: 75:c5:71:cc:5a:41:05:8e:d7:e9:8b:63:5d:f5:1b:c2:29:d1: 03:24:3a:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZu60oZcZcjeTNnxXO/Z3BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1 MTkxZGIwHhcNMjUxMjEzMjIwMTI4WhcNMjUxMjE0MjIwMTI4WjAzMTEwLwYDVQQD Eyg1ZTBlMzMwZjJiMGUzYjAwMTA1MjAxYWE5NTA4OTgyNzRlMTBlMTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuFZVghjWnduBm0C5/K+SL0dbL+K /OzKDYm40iXDhzI4nWilKOpPqWMVTRDg+k0GATgYNyjXrHHQExDdomRjgQweMpt3 tEZJkTxd4hJ81vgIzMBYRKwjehaEz3/7HISTBlypWJTGwvhNgOg5yrdmnDYymhHu y0LJv6t6DHw905l/8ydSUgnmsdZ5+gpvlb7P1Y7wH/+KpzxrTpxFwKmXLJ+8/q0W JA6C5STyiYgrSkB1+g96QtNczHWBD+Dxc7ZiNYNDd5MFQ/z9Nd0oLsz0QP2REKiA wb8QQGomdTX3uKqPw000RqsuM+bgnZENXdmaKhwouP6KoE1QCNwgo6sL0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF4OMw8rDjsAEFIBqpUImCdOEOGAMB8GA1UdIwQY MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4uvtRAL /DTjJ1X5eio5n0eJxWgCCRXsA97qb3Ds3/j95aHO8sU7RLmuI6EtNcU1z1NkOHVs kKsMWQt55siWUOr6v0vLmRIXF6zDM9w45xKS+IWi4+60LTBEc69YjdIA8nZd0/dX JfM+1VVDhXz1T2g1eXmsygY8UehE4raAnlcAex97nkf4bdSkIjAodcpJ6WlXl5YX PkF4mtmweBGa2FU4OSpuodVkxFt6sxr3qQZ//8aL70xaKTLRvR4TO3q7BkfXWdvE cR8GrrCIZH1v3DNtRWlfpqqo/Vin0ICiKl/V7hXBvuEiElaSdcVxzFpBBY7X6Ytj XfUbwinRAyQ6jQ== -----END CERTIFICATE-----Generated at Sun Dec 14 01:54:06 2025 by rpki-client