This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft File: uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json) Hash identifier: L/9pqzNfdmcgC2EXqjFWg/laOvNbvglkE9wXGhZHrLc= Subject key identifier: 34:C3:41:BA:04:79:3D:39:3D:C7:AA:5C:B2:0C:C0:2D:A5:BF:0E:B0 Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E Certificate issuer: /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e Certificate serial: 019B5A8857378E224877FBAC12368F0454D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft Manifest number: 0719 Signing time: Fri 26 Dec 2025 12:00:43 +0000 Manifest this update: Fri 26 Dec 2025 12:00:43 +0000 Manifest next update: Sat 27 Dec 2025 12:00:43 +0000 Files and hashes: 1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: tVulsWO7pRqm2jnk3yqgr0v0OoJrb9am/L4a6YbW/nY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:57:37:8e:22:48:77:fb:ac:12:36:8f:04:54:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e Validity Not Before: Dec 26 12:00:43 2025 GMT Not After : Dec 27 12:00:43 2025 GMT Subject: CN=34c341ba04793d393dc7aa5cb20cc02da5bf0eb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:aa:c1:7d:8a:f0:26:d1:6b:08:2b:28:11:82: 31:c6:a6:ec:66:0e:78:86:fc:71:4e:bb:70:70:f5: 3e:15:d9:25:07:a3:f2:6f:c8:ea:60:c6:f7:c5:f6: 4a:04:b4:e7:5e:22:be:69:79:6a:dd:f6:b6:d8:0a: 67:ef:20:f8:ed:be:17:15:79:64:da:a2:8b:35:ef: 4b:6d:42:b1:d3:bc:83:ab:33:f6:52:a5:4d:8f:d9: cc:30:a0:58:97:4e:7b:29:a5:58:c5:be:65:43:17: 12:5e:78:dd:9c:97:b7:71:44:4f:91:cd:9b:d4:48: 41:4e:90:0a:11:f0:13:b9:57:8f:76:3c:47:89:33: 0b:9a:5c:9a:82:6e:97:41:bd:21:f8:c2:e9:8e:4e: c5:d2:48:ae:71:4c:22:9b:d7:f5:fd:e8:7c:82:64: 6c:46:f9:b0:bb:50:0e:8f:04:6e:09:a6:95:da:44: 8d:f7:da:ce:e1:0a:a3:c3:a4:69:d8:7d:31:fd:3b: 55:14:4c:33:af:cf:ac:38:18:c0:19:bb:62:8e:fb: c4:ed:e3:17:50:1d:7c:86:4e:97:d8:fa:f1:9c:79: 73:d9:64:89:5e:23:5c:78:30:c5:45:c4:5b:37:3d: 6e:f9:01:fb:67:cd:d2:ca:93:b4:2b:e7:f3:0b:d6: 00:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:C3:41:BA:04:79:3D:39:3D:C7:AA:5C:B2:0C:C0:2D:A5:BF:0E:B0 X509v3 Authority Key Identifier: keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:5d:83:e7:eb:63:a4:df:33:2f:8e:dd:3d:e7:9d:13:88:4f: 27:76:56:f9:d2:91:36:8c:4d:b2:7c:cb:f5:6d:70:a5:b8:30: 77:fc:23:8a:3d:56:f6:60:2e:a7:ea:80:58:9c:ef:59:fc:3d: aa:9b:c9:47:f6:52:7f:e0:9b:a0:77:36:e5:dc:e3:f0:da:6b: bd:85:31:c4:f9:86:57:a0:91:ee:b9:04:c0:a9:37:cb:d8:ff: 3c:35:b7:8c:55:d2:8d:af:77:e9:b6:18:b0:f8:26:0d:dd:9c: 68:ee:f0:14:e9:a3:e9:fa:25:a2:66:1a:4b:2f:e1:02:b3:31: 60:5d:b3:67:27:1b:39:2d:db:c6:97:b2:c3:d7:90:7d:ef:33: d3:88:0c:6a:62:34:3e:05:18:5a:29:6c:40:b9:47:40:fd:e0: 53:5c:84:9d:16:32:4a:76:43:3a:0e:97:b3:51:74:7d:d3:69: a0:93:96:99:0e:32:be:43:df:3f:23:d9:f0:f8:2b:4d:b9:87: 66:10:57:83:fb:a1:38:73:f8:cc:7a:41:6c:04:cb:14:79:36: 5c:7b:fb:0b:cb:ea:a7:b8:c8:57:83:4b:86:d8:9a:0b:cf:02: b4:55:b9:d2:fb:7d:d9:4e:98:44:79:95:5e:03:95:f1:a0:ac: 85:db:b0:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiFc3jiJId/usEjaPBFTYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2 ODExOGUwHhcNMjUxMjI2MTIwMDQzWhcNMjUxMjI3MTIwMDQzWjAzMTEwLwYDVQQD EygzNGMzNDFiYTA0NzkzZDM5M2RjN2FhNWNiMjBjYzAyZGE1YmYwZWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKrBfYrwJtFrCCsoEYIxxqbsZg54 hvxxTrtwcPU+FdklB6Pyb8jqYMb3xfZKBLTnXiK+aXlq3fa22Apn7yD47b4XFXlk 2qKLNe9LbUKx07yDqzP2UqVNj9nMMKBYl057KaVYxb5lQxcSXnjdnJe3cURPkc2b 1EhBTpAKEfATuVePdjxHiTMLmlyagm6XQb0h+MLpjk7F0kiucUwim9f1/eh8gmRs Rvmwu1AOjwRuCaaV2kSN99rO4Qqjw6Rp2H0x/TtVFEwzr8+sOBjAGbtijvvE7eMX UB18hk6X2PrxnHlz2WSJXiNceDDFRcRbNz1u+QH7Z83SypO0K+fzC9YAKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDTDQboEeT05PceqXLIMwC2lvw6wMB8GA1UdIwQY MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAl2D5+tj pN8zL47dPeedE4hPJ3ZW+dKRNoxNsnzL9W1wpbgwd/wjij1W9mAup+qAWJzvWfw9 qpvJR/ZSf+CboHc25dzj8NprvYUxxPmGV6CR7rkEwKk3y9j/PDW3jFXSja936bYY sPgmDd2caO7wFOmj6folomYaSy/hArMxYF2zZycbOS3bxpeyw9eQfe8z04gMamI0 PgUYWilsQLlHQP3gU1yEnRYySnZDOg6Xs1F0fdNpoJOWmQ4yvkPfPyPZ8PgrTbmH ZhBXg/uhOHP4zHpBbATLFHk2XHv7C8vqp7jIV4NLhtiaC88CtFW50vt92U6YRHmV XgOV8aCshduw+w== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:28 2025 by rpki-client