This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft File: CUSqrH8uuymBwkdj6z1gRe-9bwY.mft (raw, json) Hash identifier: CqaBvyWqtyV2+GSqazgClmCLJJAwGk+f4reT5qCavRo= Subject key identifier: 88:72:B7:47:8A:DA:7B:F9:AB:88:EB:20:6C:96:18:02:5D:7B:71:A6 Authority key identifier: 09:44:AA:AC:7F:2E:BB:29:81:C2:47:63:EB:3D:60:45:EF:BD:6F:06 Certificate issuer: /CN=0944aaac7f2ebb2981c24763eb3d6045efbd6f06 Certificate serial: 019B115D46089B5E7A6DFCF54F77F17D8FA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft Manifest number: 0DB1 Signing time: Fri 12 Dec 2025 07:01:23 +0000 Manifest this update: Fri 12 Dec 2025 07:01:23 +0000 Manifest next update: Sat 13 Dec 2025 07:01:23 +0000 Files and hashes: 1: CUSqrH8uuymBwkdj6z1gRe-9bwY.crl (hash: sOzJkWh2xALCCgJCqC+wM/p5usQhS615vH6170kpGEE=) 2: U0OBxV0NmzWdhOROB_4XE_nOuxo.roa (hash: R0oHniHcgRLjr+xP295YEa+yjJ7+h87sW92ahFuO7CI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 07:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:5d:46:08:9b:5e:7a:6d:fc:f5:4f:77:f1:7d:8f:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0944aaac7f2ebb2981c24763eb3d6045efbd6f06 Validity Not Before: Dec 12 07:01:23 2025 GMT Not After : Dec 13 07:01:23 2025 GMT Subject: CN=8872b7478ada7bf9ab88eb206c9618025d7b71a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:57:02:80:14:1e:f5:8f:e5:7f:42:e0:49:0d: b5:dc:73:2b:90:8b:7f:7f:71:5c:40:68:45:f8:97: b9:e5:f1:e0:c8:7c:e3:87:cd:71:e9:82:cd:25:41: e8:46:a5:5c:44:d1:6e:75:e8:7c:c7:13:db:35:48: 05:1f:eb:2b:29:95:6c:6d:6e:48:18:a6:06:6a:be: 08:fd:78:6a:79:40:24:b4:65:7f:2b:f8:a0:6f:31: 90:55:47:27:d4:72:71:df:97:ed:d6:32:7f:90:8f: 16:33:5c:01:e1:e4:42:64:5f:09:5d:96:7f:f5:3f: e7:97:f0:e6:45:e1:04:54:49:bf:68:8d:e4:f6:26: 38:4e:6b:11:88:47:cd:83:40:cd:31:9b:85:87:e6: a6:31:4f:1a:c9:4e:be:5f:78:6b:74:88:b1:bc:47: 60:0e:e3:1c:f6:3d:8c:79:5d:15:fe:22:72:3d:2a: 18:fb:8b:f6:74:ec:23:e6:18:63:69:d3:e0:9e:42: f4:4b:6f:d1:dc:d4:95:70:2d:d5:25:19:ea:75:8a: 27:d4:00:f3:46:63:d0:7b:97:56:9e:cd:9b:21:53: e8:a7:e6:f3:2b:c6:55:7c:11:04:15:d5:05:39:f8: 3c:fd:37:c3:ad:2b:07:ac:b8:97:6d:33:8f:76:42: 8e:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:72:B7:47:8A:DA:7B:F9:AB:88:EB:20:6C:96:18:02:5D:7B:71:A6 X509v3 Authority Key Identifier: keyid:09:44:AA:AC:7F:2E:BB:29:81:C2:47:63:EB:3D:60:45:EF:BD:6F:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:04:4a:0c:04:99:6f:7a:62:b6:87:e9:1a:b7:11:3c:57:76: 34:08:ed:1d:93:39:99:09:c9:96:54:e9:1e:08:00:f3:cb:56: 8e:87:34:ea:b2:02:46:5c:11:1b:e5:7d:cc:b7:cf:49:2e:9b: 4d:60:1c:cf:37:bc:61:fb:b9:1c:cd:79:d1:6c:f5:4a:80:f5: 94:02:85:bb:7e:a0:3a:3f:98:2f:26:78:7b:cc:d7:b3:c4:a8: 70:93:6f:f2:d0:99:93:7d:4b:71:3b:a5:fc:98:05:a4:96:fe: 2e:f4:39:4d:f4:d5:07:38:a1:37:25:77:80:25:ef:e7:6b:d7: 7b:f3:39:2b:00:d6:85:e1:e5:1b:93:13:cf:70:84:84:97:cc: 00:90:1d:af:db:be:81:b1:0d:5c:78:f4:0f:a7:11:c6:b2:b3: 7d:b1:50:eb:e8:70:85:73:83:67:ec:97:a8:76:a2:00:a3:f4: 04:37:a1:17:3c:15:87:0b:be:7f:d3:21:8a:0f:3e:c9:1e:01: 5b:fe:8d:83:ea:16:89:df:f4:ff:59:c8:5c:45:e9:48:c3:25: b1:f9:98:43:0b:c5:3f:68:91:56:20:b8:4b:c7:0a:45:05:da: 71:97:6d:28:ab:da:2e:69:6b:ce:7c:61:72:70:88:82:ba:38: d9:1a:e1:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsRXUYIm156bfz1T3fxfY+oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NDRhYWFjN2YyZWJiMjk4MWMyNDc2M2ViM2Q2MDQ1ZWZi ZDZmMDYwHhcNMjUxMjEyMDcwMTIzWhcNMjUxMjEzMDcwMTIzWjAzMTEwLwYDVQQD Eyg4ODcyYjc0NzhhZGE3YmY5YWI4OGViMjA2Yzk2MTgwMjVkN2I3MWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1cCgBQe9Y/lf0LgSQ213HMrkIt/ f3FcQGhF+Je55fHgyHzjh81x6YLNJUHoRqVcRNFudeh8xxPbNUgFH+srKZVsbW5I GKYGar4I/XhqeUAktGV/K/igbzGQVUcn1HJx35ft1jJ/kI8WM1wB4eRCZF8JXZZ/ 9T/nl/DmReEEVEm/aI3k9iY4TmsRiEfNg0DNMZuFh+amMU8ayU6+X3hrdIixvEdg DuMc9j2MeV0V/iJyPSoY+4v2dOwj5hhjadPgnkL0S2/R3NSVcC3VJRnqdYon1ADz RmPQe5dWns2bIVPop+bzK8ZVfBEEFdUFOfg8/TfDrSsHrLiXbTOPdkKOBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIhyt0eK2nv5q4jrIGyWGAJde3GmMB8GA1UdIwQY MBaAFAlEqqx/LrspgcJHY+s9YEXvvW8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS80MzQ4NDktODlkYS00M2FlLWIyYmUt NjZjZDAxOTYxZTQ2LzEvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS80MzQ4NDktODlkYS00M2FlLWIyYmUtNjZjZDAxOTYxZTQ2 LzEvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcgRKDASZ b3pitofpGrcRPFd2NAjtHZM5mQnJllTpHggA88tWjoc06rICRlwRG+V9zLfPSS6b TWAczze8Yfu5HM150Wz1SoD1lAKFu36gOj+YLyZ4e8zXs8SocJNv8tCZk31LcTul /JgFpJb+LvQ5TfTVBzihNyV3gCXv52vXe/M5KwDWheHlG5MTz3CEhJfMAJAdr9u+ gbENXHj0D6cRxrKzfbFQ6+hwhXODZ+yXqHaiAKP0BDehFzwVhwu+f9Mhig8+yR4B W/6Ng+oWid/0/1nIXEXpSMMlsfmYQwvFP2iRViC4S8cKRQXacZdtKKvaLmlrznxh cnCIgro42Rrhrg== -----END CERTIFICATE-----Generated at Fri Dec 12 09:27:39 2025 by rpki-client