This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft File: udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json) Hash identifier: pEEwnFmcZWxZsfUKScbg8RIy/uekn64pf2QYQiNs5cE= Subject key identifier: F8:4E:F1:F5:13:CC:A0:38:DD:BA:04:32:35:81:57:A0:8B:7C:E5:DE Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21 Certificate issuer: /CN=b9d095cce35b3a36bef108ef762a621af4662621 Certificate serial: 019B3268931382FB766F4AB49DA026F1F3DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft Manifest number: 04D7 Signing time: Thu 18 Dec 2025 17:01:12 +0000 Manifest this update: Thu 18 Dec 2025 17:01:12 +0000 Manifest next update: Fri 19 Dec 2025 17:01:12 +0000 Files and hashes: 1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: uPdbTWPfsMhBv6LPOfiHYxvhPZ8OtVJJcJydd5h0LzE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 17:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:93:13:82:fb:76:6f:4a:b4:9d:a0:26:f1:f3:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621 Validity Not Before: Dec 18 17:01:12 2025 GMT Not After : Dec 19 17:01:12 2025 GMT Subject: CN=f84ef1f513cca038ddba0432358157a08b7ce5de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7a:f1:41:15:af:2c:92:88:4e:91:33:80:b8: 92:5c:a4:26:03:d1:05:a5:19:ec:0c:5d:93:13:81: b4:28:68:cf:13:7c:f8:0d:c7:d4:c3:d5:a1:c9:6d: 97:3e:e4:a7:61:7b:af:5f:17:b5:4e:e9:c4:e4:1e: fb:c5:19:93:8a:92:c1:1f:32:bb:2c:04:68:cf:05: 8b:b0:09:e3:dc:49:e3:30:dc:a5:7b:0f:b0:6a:5a: 0c:a7:d5:84:0e:34:74:59:30:8d:f4:f5:1d:6b:02: 62:12:ef:71:83:6c:29:0d:2a:b2:3b:b6:f0:72:fb: 1f:27:4c:e6:23:29:e5:34:24:45:ce:61:86:74:e4: a8:60:35:88:a6:91:cf:00:8b:9f:dc:10:ba:0d:ca: 93:f1:a8:a0:74:fb:e9:83:39:34:77:d8:90:ec:b6: 34:59:53:e4:e3:94:57:70:f7:e1:f2:3b:f6:13:2f: db:98:57:fb:db:49:a0:2c:36:20:28:84:e3:9c:29: 78:41:75:05:4b:de:88:f5:9c:64:d3:5f:f1:e3:f3: 0d:54:c1:b6:55:b0:f5:51:36:9f:67:d1:be:58:9b: 0c:b5:35:ef:8b:c2:1c:e0:fc:22:cd:eb:94:7f:4b: 9d:f9:96:07:aa:4b:1c:53:7f:00:41:51:9c:68:14: f9:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:4E:F1:F5:13:CC:A0:38:DD:BA:04:32:35:81:57:A0:8B:7C:E5:DE X509v3 Authority Key Identifier: keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:9c:a0:f1:55:25:e7:1b:a6:68:fd:e7:0e:b4:0a:45:bc:cc: 17:e2:cc:ef:3f:08:f6:aa:d1:9e:0e:6c:2d:3c:9a:f3:28:01: ab:c6:e3:f4:33:6a:7a:5e:91:fe:d7:a7:60:a6:87:fd:7c:da: 8e:a4:4f:0a:c1:7d:78:ba:74:51:03:29:67:3f:d7:51:b1:ac: 83:b2:1a:1d:ca:33:1e:2b:b8:69:35:b0:0c:81:0e:b4:5b:33: e4:85:f0:25:2a:bc:aa:a2:60:67:74:88:51:27:3f:df:08:b0: c2:03:53:24:a3:7d:87:55:a3:2d:2d:09:bc:c5:a3:10:8f:d8: 09:7f:16:33:5d:65:41:e2:2b:ba:dc:f5:f5:69:c8:bc:60:9d: 61:e0:48:30:36:d5:81:84:9b:6d:f6:fc:46:a1:1c:88:97:55: ef:e1:8c:ad:d9:7b:80:74:b9:bc:c3:a3:a6:9d:6b:9f:88:0d: ec:a3:1c:1d:4c:41:c2:8d:2a:72:88:6c:3c:45:aa:44:a6:b9: 80:fb:08:50:23:a9:ea:88:92:01:f8:94:8d:ed:9c:76:64:6a: 93:0b:81:5f:41:6c:2f:0a:fe:8d:6a:da:06:79:b5:4b:8f:63: d4:d8:20:ea:e8:e7:7b:42:fb:44:20:0d:e1:0f:de:ba:e8:11: 3b:48:a7:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaJMTgvt2b0q0naAm8fPcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2 NjI2MjEwHhcNMjUxMjE4MTcwMTEyWhcNMjUxMjE5MTcwMTEyWjAzMTEwLwYDVQQD EyhmODRlZjFmNTEzY2NhMDM4ZGRiYTA0MzIzNTgxNTdhMDhiN2NlNWRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXrxQRWvLJKITpEzgLiSXKQmA9EF pRnsDF2TE4G0KGjPE3z4DcfUw9WhyW2XPuSnYXuvXxe1TunE5B77xRmTipLBHzK7 LARozwWLsAnj3EnjMNylew+waloMp9WEDjR0WTCN9PUdawJiEu9xg2wpDSqyO7bw cvsfJ0zmIynlNCRFzmGGdOSoYDWIppHPAIuf3BC6DcqT8aigdPvpgzk0d9iQ7LY0 WVPk45RXcPfh8jv2Ey/bmFf720mgLDYgKITjnCl4QXUFS96I9Zxk01/x4/MNVMG2 VbD1UTafZ9G+WJsMtTXvi8Ic4PwizeuUf0ud+ZYHqkscU38AQVGcaBT56QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPhO8fUTzKA43boEMjWBV6CLfOXeMB8GA1UdIwQY MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1 LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJyg8VUl 5xumaP3nDrQKRbzMF+LM7z8I9qrRng5sLTya8ygBq8bj9DNqel6R/tenYKaH/Xza jqRPCsF9eLp0UQMpZz/XUbGsg7IaHcozHiu4aTWwDIEOtFsz5IXwJSq8qqJgZ3SI USc/3wiwwgNTJKN9h1WjLS0JvMWjEI/YCX8WM11lQeIrutz19WnIvGCdYeBIMDbV gYSbbfb8RqEciJdV7+GMrdl7gHS5vMOjpp1rn4gN7KMcHUxBwo0qcohsPEWqRKa5 gPsIUCOp6oiSAfiUje2cdmRqkwuBX0FsLwr+jWraBnm1S49j1Ngg6ujne0L7RCAN 4Q/euugRO0inFQ== -----END CERTIFICATE-----Generated at Fri Dec 19 00:54:24 2025 by rpki-client