This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft File: USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json) Hash identifier: 5vwm5ENmoJ91tZiGkbVpJ52v9vJK30azxpRmEiOAVug= Subject key identifier: 60:53:15:17:53:F9:D8:8B:C0:4F:49:4B:46:3F:33:C7:BD:86:68:B4 Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27 Certificate issuer: /CN=51277bc38c12e042eddf56d7e75f50563c4bd227 Certificate serial: 019B4FCE6575C733BD88DD306056C10D4AAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft Manifest number: 178E Signing time: Wed 24 Dec 2025 10:01:24 +0000 Manifest this update: Wed 24 Dec 2025 10:01:24 +0000 Manifest next update: Thu 25 Dec 2025 10:01:24 +0000 Files and hashes: 1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: 4c884aKDpF0e7twXI53yOj+gnXRfHJSmJxQlrJWxiVM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:ce:65:75:c7:33:bd:88:dd:30:60:56:c1:0d:4a:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227 Validity Not Before: Dec 24 10:01:24 2025 GMT Not After : Dec 25 10:01:24 2025 GMT Subject: CN=6053151753f9d88bc04f494b463f33c7bd8668b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:dc:5f:94:bd:3a:23:3a:ef:89:d1:db:33:5b: f4:e1:69:f4:44:36:45:b0:ae:cd:fb:ac:99:6a:76: 91:fb:ff:40:e1:52:b3:74:e3:d2:83:c0:16:27:e5: 9d:2d:17:87:ef:26:4d:1e:66:d5:4f:b5:96:55:66: 73:a2:fb:46:bc:45:c1:ca:b8:d6:8f:ea:cf:07:e6: 89:85:77:cc:63:0a:b6:ec:2d:06:80:c7:f8:cb:0c: 7c:a3:0e:95:6e:b1:68:e1:91:b0:f8:0c:90:b2:19: 43:81:cf:c8:63:05:b6:32:db:b4:e9:26:c2:1b:66: 83:cc:7c:42:01:1f:9d:f2:e9:b3:63:4e:16:23:3e: 3b:73:a4:87:e0:17:fe:42:11:ed:1b:a2:13:07:03: e5:f5:5b:c7:2f:49:a7:14:18:8a:2f:4e:45:77:45: c4:b0:a6:c2:31:1e:0e:f8:d4:af:fc:04:e4:0d:b5: 21:2d:4b:b7:c7:40:70:6a:9c:b4:58:65:c9:b0:9f: 63:9b:53:19:94:03:68:ca:c8:39:4c:71:d9:cd:17: 89:15:54:bc:4d:a7:dd:91:eb:f6:b4:fa:bc:6e:5d: 1e:54:63:73:ae:0b:c2:a5:92:2c:2f:4b:dd:4c:f1: ea:a3:29:18:e9:06:fc:73:98:b8:66:8a:a5:8a:63: 0e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:53:15:17:53:F9:D8:8B:C0:4F:49:4B:46:3F:33:C7:BD:86:68:B4 X509v3 Authority Key Identifier: keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:d3:5a:c8:d8:74:ab:16:c7:e8:1c:8b:41:3f:10:2b:b0:1b: 91:c5:e5:54:8a:73:c8:a8:fa:a3:01:03:8e:02:8f:7a:c0:fb: 37:82:17:21:29:74:00:1c:61:0d:ab:d9:17:71:4f:5c:f5:b8: 32:20:c7:2a:67:ee:3d:7b:d0:bc:b2:77:a0:59:65:0b:98:66: c4:ac:4a:b7:57:8a:84:49:ed:0f:60:5f:a8:95:e2:b6:77:f1: 44:11:6c:dc:0d:bf:3c:7c:69:07:56:a3:dc:97:32:f2:6e:56: 7c:d3:ac:14:11:c1:5e:c4:be:3a:a2:1f:2b:a5:dc:bb:ba:c6: 37:6d:f8:c0:60:83:d4:4d:72:0d:6b:09:3c:8f:ed:6b:4c:d7: 85:17:6e:18:6b:ad:9a:62:5c:a7:43:fe:c5:82:86:db:e9:36: 98:18:e8:f7:fd:bd:11:4a:0f:c4:e8:6c:5c:0c:c5:2a:7e:45: 1b:5d:3f:f3:ef:4a:85:a4:f8:48:69:fe:39:66:e3:7e:59:e7: 2f:54:b0:40:72:c5:b1:d2:24:24:ce:8f:41:ad:bc:4f:a8:2c: 51:37:80:fb:bc:4e:60:78:f7:9d:39:cd:71:af:60:00:11:66: 13:a0:2a:75:1a:21:0c:9f:89:d5:62:7f:de:58:21:4a:45:5b: 10:dd:1a:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzmV1xzO9iN0wYFbBDUqrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0 YmQyMjcwHhcNMjUxMjI0MTAwMTI0WhcNMjUxMjI1MTAwMTI0WjAzMTEwLwYDVQQD Eyg2MDUzMTUxNzUzZjlkODhiYzA0ZjQ5NGI0NjNmMzNjN2JkODY2OGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotxflL06IzrvidHbM1v04Wn0RDZF sK7N+6yZanaR+/9A4VKzdOPSg8AWJ+WdLReH7yZNHmbVT7WWVWZzovtGvEXByrjW j+rPB+aJhXfMYwq27C0GgMf4ywx8ow6VbrFo4ZGw+AyQshlDgc/IYwW2Mtu06SbC G2aDzHxCAR+d8umzY04WIz47c6SH4Bf+QhHtG6ITBwPl9VvHL0mnFBiKL05Fd0XE sKbCMR4O+NSv/ATkDbUhLUu3x0Bwapy0WGXJsJ9jm1MZlANoysg5THHZzReJFVS8 Tafdkev2tPq8bl0eVGNzrgvCpZIsL0vdTPHqoykY6Qb8c5i4ZoqlimMO+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGBTFRdT+diLwE9JS0Y/M8e9hmi0MB8GA1UdIwQY MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1 LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtNayNh0 qxbH6ByLQT8QK7AbkcXlVIpzyKj6owEDjgKPesD7N4IXISl0ABxhDavZF3FPXPW4 MiDHKmfuPXvQvLJ3oFllC5hmxKxKt1eKhEntD2BfqJXitnfxRBFs3A2/PHxpB1aj 3Jcy8m5WfNOsFBHBXsS+OqIfK6Xcu7rGN234wGCD1E1yDWsJPI/ta0zXhRduGGut mmJcp0P+xYKG2+k2mBjo9/29EUoPxOhsXAzFKn5FG10/8+9KhaT4SGn+OWbjflnn L1SwQHLFsdIkJM6PQa28T6gsUTeA+7xOYHj3nTnNca9gABFmE6AqdRohDJ+J1WJ/ 3lghSkVbEN0apw== -----END CERTIFICATE-----Generated at Wed Dec 24 15:01:37 2025 by rpki-client