This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f3d326-154e-412e-b344-7d22b7684479/1/uah5UDfdQPAYNz9HxZ4EohL1oFU.mft File: uah5UDfdQPAYNz9HxZ4EohL1oFU.mft (raw, json) Hash identifier: sIH3G59LzzMoYq1Wh055eb5UbPC45bNF+x1aXjk7bLk= Subject key identifier: C8:71:DC:C2:09:72:7F:0B:65:D1:01:FA:4A:FE:39:5E:19:43:20:77 Authority key identifier: B9:A8:79:50:37:DD:40:F0:18:37:3F:47:C5:9E:04:A2:12:F5:A0:55 Certificate issuer: /CN=b9a8795037dd40f018373f47c59e04a212f5a055 Certificate serial: 019B5ABFB45D64D0F9EC41DEE4685864D9AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uah5UDfdQPAYNz9HxZ4EohL1oFU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f3d326-154e-412e-b344-7d22b7684479/1/uah5UDfdQPAYNz9HxZ4EohL1oFU.mft Manifest number: 128B Signing time: Fri 26 Dec 2025 13:01:11 +0000 Manifest this update: Fri 26 Dec 2025 13:01:11 +0000 Manifest next update: Sat 27 Dec 2025 13:01:11 +0000 Files and hashes: 1: M1itbXmnZylV5aQUWr69aXiCwXg.roa (hash: oXiWWV28pZSLXwASeR4LLqDCm3LTnJMuWV3NYCvwU8Q=) 2: uah5UDfdQPAYNz9HxZ4EohL1oFU.crl (hash: bM3PvGkAdEAIu9o0CKYhlKEPDGKGHEPAEzGpLxi4F/4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/f3d326-154e-412e-b344-7d22b7684479/1/uah5UDfdQPAYNz9HxZ4EohL1oFU.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/f3d326-154e-412e-b344-7d22b7684479/1/uah5UDfdQPAYNz9HxZ4EohL1oFU.mft rsync://rpki.ripe.net/repository/DEFAULT/uah5UDfdQPAYNz9HxZ4EohL1oFU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:b4:5d:64:d0:f9:ec:41:de:e4:68:58:64:d9:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9a8795037dd40f018373f47c59e04a212f5a055 Validity Not Before: Dec 26 13:01:11 2025 GMT Not After : Dec 27 13:01:11 2025 GMT Subject: CN=c871dcc209727f0b65d101fa4afe395e19432077 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5e:9e:54:74:8c:0e:40:bc:09:18:44:95:a9: 43:ce:9a:bd:8f:8f:d0:3d:a3:cc:f2:78:98:44:a7: 35:9e:e3:55:e9:47:91:8c:9a:d2:c3:f6:31:e9:84: 95:1f:2d:84:d2:74:a1:94:fc:34:37:5b:ba:03:80: e6:4b:8a:d5:8e:64:fc:b2:9d:67:32:13:53:fe:91: 41:bc:f0:91:24:f5:d9:43:05:69:ef:c0:4a:cb:24: 52:98:61:1f:16:d0:46:b9:35:e0:1d:62:6c:e8:4e: 83:52:a7:ea:25:ad:17:4b:74:29:15:50:62:3c:c7: 17:85:e6:e0:04:37:9b:1d:ea:e5:58:ed:62:4d:ac: 44:dc:4d:86:3c:38:aa:6d:a1:4e:c5:84:83:81:c9: 4e:c9:22:91:74:a3:c0:a8:99:72:fc:ea:bd:da:2b: 3f:3d:44:22:b0:7b:69:43:b3:5f:70:fa:08:d3:25: 5a:6a:7c:da:78:74:ee:01:45:bf:96:a0:33:78:c2: 7b:8a:dd:8a:b0:3c:c9:d0:43:4c:b5:2f:68:7c:22: 3c:a5:88:43:b2:1e:40:69:18:e2:4a:0a:18:9d:04: 5c:f3:83:3e:a8:72:93:18:3b:8f:49:c4:8c:27:68: 37:6e:95:3c:0f:93:ab:29:38:50:11:ae:25:3d:c9: 57:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:71:DC:C2:09:72:7F:0B:65:D1:01:FA:4A:FE:39:5E:19:43:20:77 X509v3 Authority Key Identifier: keyid:B9:A8:79:50:37:DD:40:F0:18:37:3F:47:C5:9E:04:A2:12:F5:A0:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uah5UDfdQPAYNz9HxZ4EohL1oFU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f3d326-154e-412e-b344-7d22b7684479/1/uah5UDfdQPAYNz9HxZ4EohL1oFU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f3d326-154e-412e-b344-7d22b7684479/1/uah5UDfdQPAYNz9HxZ4EohL1oFU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:8c:ca:3c:ef:a6:09:23:95:36:d8:ed:d4:74:56:52:b0:9e: 66:07:95:c1:18:34:d8:4a:94:44:33:5f:5a:6c:1c:14:7f:24: 10:05:81:70:5e:34:3d:4e:4d:d5:01:ca:a5:f7:97:34:8e:6d: f8:c3:6b:be:dd:41:83:87:ca:d4:a8:85:ea:ad:fe:e0:31:f0: 12:d4:61:9d:17:2b:6f:37:26:78:57:4e:c3:8d:ff:f5:75:ad: f5:7b:03:ae:34:d2:7b:8e:55:3b:30:e5:09:b8:29:4c:1c:e7: 45:a0:c1:ea:20:20:07:08:8a:c8:fd:ac:3d:f4:5b:57:f8:f7: 73:e2:02:55:cc:10:c5:3d:c2:d2:7d:6e:c1:b8:9d:52:a5:48: 8b:c0:bf:2e:b1:9f:d5:35:d8:1e:e3:e7:ce:c4:40:08:31:87: 97:4c:67:90:c7:98:29:1c:3d:42:69:d2:07:6a:07:99:c7:b0: 4f:ec:96:4e:df:55:a8:d6:87:5c:da:fa:a2:1f:c1:2a:ca:d7: 19:cd:92:33:62:d2:50:2f:ae:f5:e4:27:7d:96:67:ac:49:e5: f8:e9:0a:ef:7f:e9:22:6c:b7:73:b2:d6:72:86:60:c3:cd:33: 74:be:6e:6a:c6:98:85:0d:fd:64:aa:3a:e1:0c:17:93:23:a6: 5d:bd:a1:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav7RdZND57EHe5GhYZNmqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5YTg3OTUwMzdkZDQwZjAxODM3M2Y0N2M1OWUwNGEyMTJm NWEwNTUwHhcNMjUxMjI2MTMwMTExWhcNMjUxMjI3MTMwMTExWjAzMTEwLwYDVQQD EyhjODcxZGNjMjA5NzI3ZjBiNjVkMTAxZmE0YWZlMzk1ZTE5NDMyMDc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul6eVHSMDkC8CRhElalDzpq9j4/Q PaPM8niYRKc1nuNV6UeRjJrSw/Yx6YSVHy2E0nShlPw0N1u6A4DmS4rVjmT8sp1n MhNT/pFBvPCRJPXZQwVp78BKyyRSmGEfFtBGuTXgHWJs6E6DUqfqJa0XS3QpFVBi PMcXhebgBDebHerlWO1iTaxE3E2GPDiqbaFOxYSDgclOySKRdKPAqJly/Oq92is/ PUQisHtpQ7NfcPoI0yVaanzaeHTuAUW/lqAzeMJ7it2KsDzJ0ENMtS9ofCI8pYhD sh5AaRjiSgoYnQRc84M+qHKTGDuPScSMJ2g3bpU8D5OrKThQEa4lPclXTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMhx3MIJcn8LZdEB+kr+OV4ZQyB3MB8GA1UdIwQY MBaAFLmoeVA33UDwGDc/R8WeBKIS9aBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWFoNVVEZmRRUEFZTno5SHhaNEVvaEwxb0ZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mM2QzMjYtMTU0ZS00MTJlLWIzNDQt N2QyMmI3Njg0NDc5LzEvdWFoNVVEZmRRUEFZTno5SHhaNEVvaEwxb0ZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9mM2QzMjYtMTU0ZS00MTJlLWIzNDQtN2QyMmI3Njg0NDc5 LzEvdWFoNVVEZmRRUEFZTno5SHhaNEVvaEwxb0ZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYzKPO+m CSOVNtjt1HRWUrCeZgeVwRg02EqURDNfWmwcFH8kEAWBcF40PU5N1QHKpfeXNI5t +MNrvt1Bg4fK1KiF6q3+4DHwEtRhnRcrbzcmeFdOw43/9XWt9XsDrjTSe45VOzDl CbgpTBznRaDB6iAgBwiKyP2sPfRbV/j3c+ICVcwQxT3C0n1uwbidUqVIi8C/LrGf 1TXYHuPnzsRACDGHl0xnkMeYKRw9QmnSB2oHmcewT+yWTt9VqNaHXNr6oh/BKsrX Gc2SM2LSUC+u9eQnfZZnrEnl+OkK73/pImy3c7LWcoZgw80zdL5uasaYhQ39ZKo6 4QwXkyOmXb2hXQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:28 2025 by rpki-client