This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft File: UgX1htgmO7BtZAUPj0hMFOgDxLI.mft (raw, json) Hash identifier: neHqYEDjhmXIRT3GPhwYiNffVBzGhSukGYKmlzP2K7c= Subject key identifier: A7:04:52:B7:3A:A0:59:DF:B6:9E:2B:E9:DD:9C:6C:44:10:8B:63:5A Authority key identifier: 52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2 Certificate issuer: /CN=5205f586d8263bb06d64050f8f484c14e803c4b2 Certificate serial: 019B4A0386F297B45DEB5218C94F087D59C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft Manifest number: 0DCD Signing time: Tue 23 Dec 2025 07:01:43 +0000 Manifest this update: Tue 23 Dec 2025 07:01:43 +0000 Manifest next update: Wed 24 Dec 2025 07:01:43 +0000 Files and hashes: 1: UgX1htgmO7BtZAUPj0hMFOgDxLI.crl (hash: QmG7DDIW6adCk3WlZo3KQW1sPaBn+Oh0AI5Yo7se3DY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:03:86:f2:97:b4:5d:eb:52:18:c9:4f:08:7d:59:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5205f586d8263bb06d64050f8f484c14e803c4b2 Validity Not Before: Dec 23 07:01:43 2025 GMT Not After : Dec 24 07:01:43 2025 GMT Subject: CN=a70452b73aa059dfb69e2be9dd9c6c44108b635a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b4:20:30:90:ed:cd:37:75:ac:bd:2e:d8:99: d9:01:a5:3f:83:ba:e1:0b:e5:d2:db:88:a6:9b:d1: f5:7b:98:4d:b3:61:d4:24:e6:3c:b5:13:2f:2c:8c: de:1f:f4:8f:9f:61:ed:e9:09:64:58:ce:b7:b7:56: 4a:e7:87:da:fa:c0:8e:b6:9a:2c:08:e4:c4:c7:16: ef:14:fa:e6:69:54:0d:19:be:53:e9:0d:e4:cf:a1: bd:8d:eb:ea:b5:15:a3:80:5c:a4:0d:2f:f4:f4:20: 06:e3:43:07:ef:17:2f:ff:01:9d:ad:ab:6c:dd:5e: 45:6e:0b:32:23:33:a4:e6:3c:d3:44:5e:ec:8e:a4: d5:b4:b6:bc:e1:25:18:fc:0a:2b:c7:15:b6:24:11: 4b:54:96:1f:f7:5b:39:a8:e4:49:d3:6b:38:f2:3f: 2d:68:ba:91:31:36:7b:58:46:81:67:02:2a:0b:bc: 9d:1e:74:a5:b3:25:2d:ca:48:03:c9:c0:81:e5:d3: 30:a0:ba:0b:9f:be:b0:0b:66:96:2d:a1:8d:cb:78: aa:dc:2f:02:83:47:4f:0a:70:93:01:ec:dc:eb:58: ae:4b:dd:1b:34:7d:b2:c3:06:e7:d4:0d:5f:5d:ba: a1:de:43:cb:a6:f4:06:5b:48:68:d1:b3:e0:c2:5d: 58:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:04:52:B7:3A:A0:59:DF:B6:9E:2B:E9:DD:9C:6C:44:10:8B:63:5A X509v3 Authority Key Identifier: keyid:52:05:F5:86:D8:26:3B:B0:6D:64:05:0F:8F:48:4C:14:E8:03:C4:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgX1htgmO7BtZAUPj0hMFOgDxLI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/98ed86-fe7d-4011-afd3-0f2573eca2e4/1/UgX1htgmO7BtZAUPj0hMFOgDxLI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:fb:4f:38:ba:5f:67:cb:da:e0:b5:08:0a:55:99:8f:0e:49: ff:06:8e:23:fe:40:a4:57:1e:61:b6:6d:89:7f:3d:35:0a:16: 61:55:fe:f7:ec:bf:12:b1:74:1c:37:a3:a4:8f:c8:c4:61:d1: 7c:cb:90:73:22:b9:0f:f8:c6:3b:30:fe:8e:74:c7:46:89:69: d4:33:0d:86:56:83:c0:89:3d:b9:fa:02:e1:96:34:69:c9:fa: bc:14:67:f2:44:b1:88:69:59:4b:c4:ea:37:a5:d5:f8:a7:1f: aa:bd:bc:0b:03:d6:cf:15:bc:6f:6c:99:89:70:0e:96:66:40: c4:78:20:e1:5f:c5:c5:c2:dd:2f:26:96:74:eb:a2:41:ae:06: 99:fa:e6:2a:c9:00:23:0d:94:dc:46:6d:13:80:d9:b8:cb:83: 02:87:fe:60:c0:b7:10:a2:1d:f5:49:d2:05:57:fa:16:62:54: ae:48:5f:b1:24:2a:66:f9:3e:d3:00:9a:c4:02:f9:56:0b:91: f3:a9:af:b2:a6:6e:65:c9:7f:d6:73:f7:87:b9:5f:23:81:64: 26:6c:1b:44:48:5d:15:79:89:dc:c7:b7:eb:14:20:a2:38:6a: 16:06:dd:ca:8c:c0:58:95:22:ca:49:b7:5b:5f:a8:33:5a:29: b0:98:56:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKA4byl7Rd61IYyU8IfVnBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyMDVmNTg2ZDgyNjNiYjA2ZDY0MDUwZjhmNDg0YzE0ZTgw M2M0YjIwHhcNMjUxMjIzMDcwMTQzWhcNMjUxMjI0MDcwMTQzWjAzMTEwLwYDVQQD EyhhNzA0NTJiNzNhYTA1OWRmYjY5ZTJiZTlkZDljNmM0NDEwOGI2MzVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7QgMJDtzTd1rL0u2JnZAaU/g7rh C+XS24imm9H1e5hNs2HUJOY8tRMvLIzeH/SPn2Ht6QlkWM63t1ZK54fa+sCOtpos COTExxbvFPrmaVQNGb5T6Q3kz6G9jevqtRWjgFykDS/09CAG40MH7xcv/wGdrats 3V5FbgsyIzOk5jzTRF7sjqTVtLa84SUY/AorxxW2JBFLVJYf91s5qORJ02s48j8t aLqRMTZ7WEaBZwIqC7ydHnSlsyUtykgDycCB5dMwoLoLn76wC2aWLaGNy3iq3C8C g0dPCnCTAezc61iuS90bNH2ywwbn1A1fXbqh3kPLpvQGW0ho0bPgwl1YrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKcEUrc6oFnftp4r6d2cbEQQi2NaMB8GA1UdIwQY MBaAFFIF9YbYJjuwbWQFD49ITBToA8SyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMt MGYyNTczZWNhMmU0LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi85OGVkODYtZmU3ZC00MDExLWFmZDMtMGYyNTczZWNhMmU0 LzEvVWdYMWh0Z21PN0J0WkFVUGowaE1GT2dEeExJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfftPOLpf Z8va4LUIClWZjw5J/waOI/5ApFceYbZtiX89NQoWYVX+9+y/ErF0HDejpI/IxGHR fMuQcyK5D/jGOzD+jnTHRolp1DMNhlaDwIk9ufoC4ZY0acn6vBRn8kSxiGlZS8Tq N6XV+Kcfqr28CwPWzxW8b2yZiXAOlmZAxHgg4V/FxcLdLyaWdOuiQa4GmfrmKskA Iw2U3EZtE4DZuMuDAof+YMC3EKId9UnSBVf6FmJUrkhfsSQqZvk+0wCaxAL5VguR 86mvsqZuZcl/1nP3h7lfI4FkJmwbREhdFXmJ3Me36xQgojhqFgbdyozAWJUiykm3 W1+oM1opsJhWmw== -----END CERTIFICATE-----Generated at Tue Dec 23 09:35:02 2025 by rpki-client