This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft File: UpJ4MtOYUOhR7staBRFpKZHdpdk.mft (raw, json) Hash identifier: rEkK5gNM0DKIi9k3jknHcODUfbCW1Js0jzMgh2S8aCg= Subject key identifier: F0:5D:7D:4F:80:D0:54:CF:6B:2D:2F:F2:B7:7C:6F:16:5E:5C:8C:CF Authority key identifier: 52:92:78:32:D3:98:50:E8:51:EE:CB:5A:05:11:69:29:91:DD:A5:D9 Certificate issuer: /CN=52927832d39850e851eecb5a0511692991dda5d9 Certificate serial: 019B19BCC113709FC0FE5A29928831FDCC88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpJ4MtOYUOhR7staBRFpKZHdpdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft Manifest number: 1772 Signing time: Sat 13 Dec 2025 22:02:39 +0000 Manifest this update: Sat 13 Dec 2025 22:02:39 +0000 Manifest next update: Sun 14 Dec 2025 22:02:39 +0000 Files and hashes: 1: UpJ4MtOYUOhR7staBRFpKZHdpdk.crl (hash: eH9Ym7bLETkIg5AWA0eeOfadpgK/U2hXBh3TeoyS37U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft rsync://rpki.ripe.net/repository/DEFAULT/UpJ4MtOYUOhR7staBRFpKZHdpdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bc:c1:13:70:9f:c0:fe:5a:29:92:88:31:fd:cc:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52927832d39850e851eecb5a0511692991dda5d9 Validity Not Before: Dec 13 22:02:39 2025 GMT Not After : Dec 14 22:02:39 2025 GMT Subject: CN=f05d7d4f80d054cf6b2d2ff2b77c6f165e5c8ccf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d9:37:46:f1:50:07:5a:ab:b3:80:6d:6b:4e: 07:eb:cc:54:b7:15:0a:2e:94:c7:4e:97:ae:a6:41: e4:92:ec:5a:e8:14:2a:61:16:19:16:08:c3:4d:8a: 08:c8:d3:ae:fe:ee:66:78:89:df:a3:c8:b5:38:a5: 5f:c6:b4:f6:9c:73:ba:32:2f:f3:3b:44:8d:a0:1c: 7c:01:9e:34:d1:83:92:84:51:7d:13:1f:42:ee:23: 37:38:fc:72:a9:b7:bf:c1:4c:44:71:e0:72:51:08: 51:75:c5:f5:f4:c5:18:93:0b:6e:49:41:a1:b0:51: bd:1d:59:80:cf:e4:06:ff:64:f2:8c:80:f1:e6:b4: 70:54:54:39:75:28:4b:14:4a:1e:a0:aa:17:4c:0b: a6:bb:bc:80:73:fb:6e:f7:0b:58:2c:46:d0:bb:2a: 86:1a:33:a1:bc:7b:63:b3:e7:ca:3e:59:24:0d:55: c1:bd:21:58:dc:dd:77:e4:1e:63:e2:d2:4e:36:db: a5:66:33:51:13:22:b8:c5:90:70:97:32:c8:85:1a: 27:49:0d:6e:f6:17:79:a5:3e:b0:8d:7f:3c:c7:c3: 64:41:14:79:38:70:e8:53:ec:96:91:d8:2b:09:0d: 3d:4c:7f:d5:e8:ae:da:d0:16:6b:37:bd:93:ea:cf: f1:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:5D:7D:4F:80:D0:54:CF:6B:2D:2F:F2:B7:7C:6F:16:5E:5C:8C:CF X509v3 Authority Key Identifier: keyid:52:92:78:32:D3:98:50:E8:51:EE:CB:5A:05:11:69:29:91:DD:A5:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpJ4MtOYUOhR7staBRFpKZHdpdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/10429b-8049-47a2-ab99-256db3ed8335/1/UpJ4MtOYUOhR7staBRFpKZHdpdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:3e:6b:e2:2c:2f:81:d1:f5:12:15:4f:fb:44:c7:18:5b:fa: ca:c0:ab:39:a2:e2:ba:a3:05:1e:99:2c:5a:b5:27:5d:a0:82: 71:87:21:a4:24:2c:fb:27:6b:59:d3:bd:d6:a9:24:a0:31:df: 43:65:14:c2:ba:d3:e3:c2:b2:0b:0d:9d:4e:92:eb:f4:ef:fe: 0e:6e:c0:55:0d:22:d4:89:37:5c:8f:05:cd:95:86:ef:f4:84: a9:08:39:24:52:a4:79:2d:b9:11:d1:e7:42:ed:16:a0:27:04: e7:1e:3b:cb:0a:0b:d2:2a:75:8c:7f:15:32:28:e4:98:c4:49: f9:c8:9f:1f:2f:c7:e7:87:84:fd:e3:b6:bc:61:5c:0a:43:b3: 70:c8:b8:39:8b:34:5b:cc:88:99:78:af:ec:29:ff:ee:ca:22: d0:f4:72:5d:a5:c3:f1:f8:dc:6e:44:a9:e8:89:4c:04:54:82: 9d:ad:cd:5c:1f:ae:3d:f5:22:4e:ae:5e:a5:e4:22:4b:d3:bd: 0c:1a:50:4c:a7:dd:23:69:e7:ec:47:b9:69:3e:0c:25:8b:5b: 64:ec:26:17:b2:35:f3:3c:a3:f8:41:24:0a:a0:a6:45:c5:45: 07:5b:3c:b6:18:71:0a:cf:50:dd:07:6e:bd:5d:4c:e9:4b:43: 80:42:71:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZvMETcJ/A/lopkogx/cyIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyOTI3ODMyZDM5ODUwZTg1MWVlY2I1YTA1MTE2OTI5OTFk ZGE1ZDkwHhcNMjUxMjEzMjIwMjM5WhcNMjUxMjE0MjIwMjM5WjAzMTEwLwYDVQQD EyhmMDVkN2Q0ZjgwZDA1NGNmNmIyZDJmZjJiNzdjNmYxNjVlNWM4Y2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtk3RvFQB1qrs4Bta04H68xUtxUK LpTHTpeupkHkkuxa6BQqYRYZFgjDTYoIyNOu/u5meInfo8i1OKVfxrT2nHO6Mi/z O0SNoBx8AZ400YOShFF9Ex9C7iM3OPxyqbe/wUxEceByUQhRdcX19MUYkwtuSUGh sFG9HVmAz+QG/2TyjIDx5rRwVFQ5dShLFEoeoKoXTAumu7yAc/tu9wtYLEbQuyqG GjOhvHtjs+fKPlkkDVXBvSFY3N135B5j4tJONtulZjNREyK4xZBwlzLIhRonSQ1u 9hd5pT6wjX88x8NkQRR5OHDoU+yWkdgrCQ09TH/V6K7a0BZrN72T6s/x4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPBdfU+A0FTPay0v8rd8bxZeXIzPMB8GA1UdIwQY MBaAFFKSeDLTmFDoUe7LWgURaSmR3aXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXBKNE10T1lVT2hSN3N0YUJSRnBLWkhkcGRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xMDQyOWItODA0OS00N2EyLWFiOTkt MjU2ZGIzZWQ4MzM1LzEvVXBKNE10T1lVT2hSN3N0YUJSRnBLWkhkcGRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8xMDQyOWItODA0OS00N2EyLWFiOTktMjU2ZGIzZWQ4MzM1 LzEvVXBKNE10T1lVT2hSN3N0YUJSRnBLWkhkcGRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKT5r4iwv gdH1EhVP+0THGFv6ysCrOaLiuqMFHpksWrUnXaCCcYchpCQs+ydrWdO91qkkoDHf Q2UUwrrT48KyCw2dTpLr9O/+Dm7AVQ0i1Ik3XI8FzZWG7/SEqQg5JFKkeS25EdHn Qu0WoCcE5x47ywoL0ip1jH8VMijkmMRJ+cifHy/H54eE/eO2vGFcCkOzcMi4OYs0 W8yImXiv7Cn/7soi0PRyXaXD8fjcbkSp6IlMBFSCna3NXB+uPfUiTq5epeQiS9O9 DBpQTKfdI2nn7Ee5aT4MJYtbZOwmF7I18zyj+EEkCqCmRcVFB1s8thhxCs9Q3Qdu vV1M6UtDgEJxiA== -----END CERTIFICATE-----Generated at Sun Dec 14 00:07:52 2025 by rpki-client