This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft File: uT2pHx9TY0JyxZEQh85my602FKM.mft (raw, json) Hash identifier: axN1gQrjXzt22ba/9j3pMycSxHY/+VdebHBB5LAMbb8= Subject key identifier: 88:67:38:3D:12:20:D4:DD:8A:C5:DD:DB:F7:09:77:11:F8:B7:9E:4B Authority key identifier: B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3 Certificate issuer: /CN=b93da91f1f53634272c5911087ce66cbad3614a3 Certificate serial: 019B4A0298C6CAA9DD9BEA58480D1F47D533 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft Manifest number: 092D Signing time: Tue 23 Dec 2025 07:00:42 +0000 Manifest this update: Tue 23 Dec 2025 07:00:42 +0000 Manifest next update: Wed 24 Dec 2025 07:00:42 +0000 Files and hashes: 1: 0386LGj4Sidbyca8KneFkNR54TI.roa (hash: jcV5FqK/anJpS83+3AC/ntYQGRcWnZsS3JRi5ZH9EXg=) 2: uT2pHx9TY0JyxZEQh85my602FKM.crl (hash: jPd6fqLBNU43RrE6U87YTOVrOV1tboq38JQqgnCcrvk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:02:98:c6:ca:a9:dd:9b:ea:58:48:0d:1f:47:d5:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b93da91f1f53634272c5911087ce66cbad3614a3 Validity Not Before: Dec 23 07:00:42 2025 GMT Not After : Dec 24 07:00:42 2025 GMT Subject: CN=8867383d1220d4dd8ac5dddbf7097711f8b79e4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:79:1e:ee:1f:92:79:91:67:b4:c2:27:aa:2c: 6e:c2:4a:2d:cc:10:97:c1:5a:d0:14:31:b7:0b:57: 95:33:19:66:bf:c6:3d:43:6c:c7:80:a2:e8:a1:97: 5e:41:f7:b3:b5:03:c0:07:e2:2b:6b:29:00:55:d6: 39:29:9e:18:d4:b1:b2:1b:1a:f3:3d:42:c8:f9:0e: 0f:90:32:1e:29:55:09:6d:50:a9:27:49:2a:2e:4f: 6b:17:d4:35:8f:19:86:1a:08:7c:b3:28:d9:07:64: 25:f2:e2:98:05:a6:3f:b2:de:6e:02:52:b2:3c:d6: 30:17:d6:73:2e:4a:ab:e2:c8:6c:0b:90:a4:bc:21: d8:45:3f:45:4d:8c:01:ab:98:98:86:ce:3b:62:44: 9d:2b:e3:57:16:d8:79:f5:33:38:60:7c:02:42:1f: c3:f7:51:7b:ea:be:9f:ef:16:e7:e8:e0:f8:e3:3b: 97:d6:9d:37:6f:54:61:28:f3:64:3a:81:fe:8b:15: 91:2f:ba:49:3d:89:ce:50:b3:21:23:85:bf:11:c3: 4a:8a:82:cb:74:6d:eb:a7:d4:0e:8a:6a:aa:83:4a: c1:7a:c2:7d:11:3f:4d:d8:49:e7:5a:34:b9:28:38: 6b:a5:85:43:6c:b3:ce:fe:00:25:12:d2:92:78:bf: 63:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:67:38:3D:12:20:D4:DD:8A:C5:DD:DB:F7:09:77:11:F8:B7:9E:4B X509v3 Authority Key Identifier: keyid:B9:3D:A9:1F:1F:53:63:42:72:C5:91:10:87:CE:66:CB:AD:36:14:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT2pHx9TY0JyxZEQh85my602FKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ca4471-34d0-4816-81d1-8bf5b1ed1209/1/uT2pHx9TY0JyxZEQh85my602FKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:70:59:45:97:60:a0:6d:55:d3:df:21:29:55:c8:32:02:f3: 39:f4:ff:c1:ed:a9:db:35:a5:94:f0:3d:9e:d9:b2:85:c8:e8: 86:93:50:6b:43:36:b7:97:5c:73:47:10:95:9b:1c:3f:d5:57: 51:b8:af:88:56:64:6e:1b:da:92:2c:08:83:85:a2:13:9d:ec: 4a:94:13:33:56:f9:ab:cc:27:66:f1:a2:d2:c9:d5:38:f9:f2: 69:41:2d:8a:56:14:e9:b8:f6:38:fb:18:0e:5f:d7:6c:f9:7b: 5f:c1:36:43:1b:61:7b:59:36:9f:00:a5:4a:f4:8c:91:7c:81: f3:9e:b5:52:32:3e:b8:22:7a:43:29:ca:c2:14:0f:0c:f8:b5: 85:8a:a1:89:fb:3b:bb:29:a5:18:2b:99:61:5a:38:c6:b5:b6: f1:cc:da:32:47:a1:c1:da:59:af:21:c6:1f:fd:a0:d2:05:e8: 80:08:53:aa:4b:12:fb:d8:64:db:e9:a0:06:0d:51:35:59:cb: 88:59:0f:f3:b4:88:8b:31:c6:d0:1d:12:dc:6a:3a:ad:cd:9c: 6f:b4:e2:f9:d2:42:71:06:d7:78:af:bd:4b:7e:57:6e:39:7f: b7:12:26:60:f2:67:45:eb:2f:b2:f5:a1:77:38:a4:56:6b:82: 8d:ec:05:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKApjGyqndm+pYSA0fR9UzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5M2RhOTFmMWY1MzYzNDI3MmM1OTExMDg3Y2U2NmNiYWQz NjE0YTMwHhcNMjUxMjIzMDcwMDQyWhcNMjUxMjI0MDcwMDQyWjAzMTEwLwYDVQQD Eyg4ODY3MzgzZDEyMjBkNGRkOGFjNWRkZGJmNzA5NzcxMWY4Yjc5ZTRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXke7h+SeZFntMInqixuwkotzBCX wVrQFDG3C1eVMxlmv8Y9Q2zHgKLooZdeQfeztQPAB+IraykAVdY5KZ4Y1LGyGxrz PULI+Q4PkDIeKVUJbVCpJ0kqLk9rF9Q1jxmGGgh8syjZB2Ql8uKYBaY/st5uAlKy PNYwF9ZzLkqr4shsC5CkvCHYRT9FTYwBq5iYhs47YkSdK+NXFth59TM4YHwCQh/D 91F76r6f7xbn6OD44zuX1p03b1RhKPNkOoH+ixWRL7pJPYnOULMhI4W/EcNKioLL dG3rp9QOimqqg0rBesJ9ET9N2EnnWjS5KDhrpYVDbLPO/gAlEtKSeL9j8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIhnOD0SINTdisXd2/cJdxH4t55LMB8GA1UdIwQY MBaAFLk9qR8fU2NCcsWREIfOZsutNhSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEt OGJmNWIxZWQxMjA5LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9jYTQ0NzEtMzRkMC00ODE2LTgxZDEtOGJmNWIxZWQxMjA5 LzEvdVQycEh4OVRZMEp5eFpFUWg4NW15NjAyRktNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXBZRZdg oG1V098hKVXIMgLzOfT/we2p2zWllPA9ntmyhcjohpNQa0M2t5dcc0cQlZscP9VX UbiviFZkbhvakiwIg4WiE53sSpQTM1b5q8wnZvGi0snVOPnyaUEtilYU6bj2OPsY Dl/XbPl7X8E2Qxthe1k2nwClSvSMkXyB8561UjI+uCJ6QynKwhQPDPi1hYqhifs7 uymlGCuZYVo4xrW28czaMkehwdpZryHGH/2g0gXogAhTqksS+9hk2+mgBg1RNVnL iFkP87SIizHG0B0S3Go6rc2cb7Ti+dJCcQbXeK+9S35Xbjl/txImYPJnResvsvWh dzikVmuCjewFtQ== -----END CERTIFICATE-----Generated at Tue Dec 23 11:21:33 2025 by rpki-client