This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft File: U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft (raw, json) Hash identifier: pSI0QQRNtuXIdsXohewMlUtYfystd0IBxvFLSVJTqP4= Subject key identifier: 98:F5:44:42:21:2F:5C:DE:E6:A8:B8:80:85:3A:24:B7:33:F6:EB:51 Authority key identifier: 53:EA:A1:9C:A2:7A:6F:57:F2:CB:B4:E4:63:72:0B:43:6A:F1:7D:EA Certificate issuer: /CN=53eaa19ca27a6f57f2cbb4e463720b436af17dea Certificate serial: 019B21E336066CE4EAB973344372F38C8B88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft Manifest number: 075D Signing time: Mon 15 Dec 2025 12:01:37 +0000 Manifest this update: Mon 15 Dec 2025 12:01:37 +0000 Manifest next update: Tue 16 Dec 2025 12:01:37 +0000 Files and hashes: 1: HoEt4y6zf8w5L0OHd11vl-inukI.roa (hash: 470AufFFRZgA9ydBk/s9OXGNkkDkg7YffxaoQosYMko=) 2: U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl (hash: epQu6fXGXSsH9h60ldA1jl3djN7kKp7tlOT6TIzM/as=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 12:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:e3:36:06:6c:e4:ea:b9:73:34:43:72:f3:8c:8b:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53eaa19ca27a6f57f2cbb4e463720b436af17dea Validity Not Before: Dec 15 12:01:37 2025 GMT Not After : Dec 16 12:01:37 2025 GMT Subject: CN=98f54442212f5cdee6a8b880853a24b733f6eb51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f7:68:68:f0:d8:bc:87:51:9f:49:cb:be:fc: b3:6a:2c:ad:f3:5e:6c:33:11:90:be:6f:36:e3:52: f4:79:03:ed:43:9c:2b:20:62:b5:c6:2e:f5:40:31: c2:b5:31:53:88:8e:c8:fe:ec:ac:19:06:e4:67:7c: c0:4b:2b:e3:75:23:c6:6d:a8:2e:35:1e:ef:87:05: 7e:b1:e2:d7:6f:eb:42:c4:0f:55:91:a6:80:8e:5c: f0:45:1d:28:06:bc:8d:e1:a6:15:6e:c2:dd:ef:d6: a8:f9:5b:94:44:e4:82:e7:f3:4c:49:e5:4f:35:e4: d8:ca:02:da:ca:1c:d1:06:08:19:a6:29:f9:50:c8: ef:6f:4c:aa:2f:fe:84:64:b2:f8:f3:4e:50:77:04: 98:ab:f6:d2:b2:ac:0f:59:6a:20:3a:b7:53:0a:80: 49:14:f5:36:d8:5b:b7:3f:ef:23:d8:2f:68:c8:60: ea:7d:c5:b3:9f:d7:16:b2:ac:ac:c3:21:92:49:52: b8:02:f7:bd:ce:72:fd:f1:d7:64:82:8e:fe:11:cb: 66:fa:35:ec:03:e2:22:d0:b5:ad:85:34:b4:79:2a: e5:d1:10:62:6c:aa:44:16:05:11:4f:14:91:6a:18: 62:74:0e:18:83:e4:df:99:b0:26:9c:db:22:d3:53: 60:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:F5:44:42:21:2F:5C:DE:E6:A8:B8:80:85:3A:24:B7:33:F6:EB:51 X509v3 Authority Key Identifier: keyid:53:EA:A1:9C:A2:7A:6F:57:F2:CB:B4:E4:63:72:0B:43:6A:F1:7D:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/0d3b2b-e304-4d61-b6d0-27e8f4f1c684/1/U-qhnKJ6b1fyy7TkY3ILQ2rxfeo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:cf:dc:70:03:09:e4:d5:58:b1:bb:97:7a:b7:8e:24:44:ba: 3d:47:18:76:77:cf:97:65:7b:bf:5e:e4:d6:a8:da:48:9b:6e: 07:5d:79:7d:6c:8e:f8:d9:3a:54:75:d2:2b:55:95:42:20:14: f0:e5:5c:13:53:41:15:f6:2d:99:81:21:34:d4:c0:4c:60:6a: e6:94:06:ed:31:1b:bb:61:ea:bb:d2:6b:80:83:9b:b3:0a:cb: a4:c3:91:c9:af:0b:10:e8:dc:ff:60:70:71:61:38:89:c1:be: 5f:f8:55:9a:0a:6a:f2:99:89:29:ed:9a:18:de:4f:4a:22:cf: 8e:03:c5:a3:3f:69:b3:09:67:e5:6d:f7:d7:68:bc:14:c0:ee: 7a:e7:c0:77:96:b7:01:d0:b8:81:10:61:33:a5:93:e6:3b:32: 74:b6:d4:a1:33:66:58:49:57:ec:eb:e4:78:c7:59:09:77:13: b5:4f:7a:60:aa:a9:3e:0a:48:97:c5:f8:5c:d7:92:d1:4f:cc: 74:01:eb:e9:d6:04:2c:31:f6:d2:f6:f8:01:a9:c0:c8:26:6b: 68:0e:fb:4f:cb:51:11:9d:ac:72:19:cc:a1:f0:8b:b1:ab:cb: 52:24:8a:69:d6:fa:3a:31:85:6d:13:50:a0:ef:a5:06:ae:6a: d6:35:bb:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsh4zYGbOTquXM0Q3LzjIuIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzZWFhMTljYTI3YTZmNTdmMmNiYjRlNDYzNzIwYjQzNmFm MTdkZWEwHhcNMjUxMjE1MTIwMTM3WhcNMjUxMjE2MTIwMTM3WjAzMTEwLwYDVQQD Eyg5OGY1NDQ0MjIxMmY1Y2RlZTZhOGI4ODA4NTNhMjRiNzMzZjZlYjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvdoaPDYvIdRn0nLvvyzaiyt815s MxGQvm8241L0eQPtQ5wrIGK1xi71QDHCtTFTiI7I/uysGQbkZ3zASyvjdSPGbagu NR7vhwV+seLXb+tCxA9VkaaAjlzwRR0oBryN4aYVbsLd79ao+VuUROSC5/NMSeVP NeTYygLayhzRBggZpin5UMjvb0yqL/6EZLL4805QdwSYq/bSsqwPWWogOrdTCoBJ FPU22Fu3P+8j2C9oyGDqfcWzn9cWsqyswyGSSVK4Ave9znL98ddkgo7+Ectm+jXs A+Ii0LWthTS0eSrl0RBibKpEFgURTxSRahhidA4Yg+TfmbAmnNsi01Ng2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJj1REIhL1ze5qi4gIU6JLcz9utRMB8GA1UdIwQY MBaAFFPqoZyiem9X8su05GNyC0Nq8X3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8wZDNiMmItZTMwNC00ZDYxLWI2ZDAt MjdlOGY0ZjFjNjg0LzEvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy8wZDNiMmItZTMwNC00ZDYxLWI2ZDAtMjdlOGY0ZjFjNjg0 LzEvVS1xaG5LSjZiMWZ5eTdUa1kzSUxRMnJ4ZmVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASs/ccAMJ 5NVYsbuXereOJES6PUcYdnfPl2V7v17k1qjaSJtuB115fWyO+Nk6VHXSK1WVQiAU 8OVcE1NBFfYtmYEhNNTATGBq5pQG7TEbu2Hqu9JrgIObswrLpMORya8LEOjc/2Bw cWE4icG+X/hVmgpq8pmJKe2aGN5PSiLPjgPFoz9pswln5W3312i8FMDueufAd5a3 AdC4gRBhM6WT5jsydLbUoTNmWElX7OvkeMdZCXcTtU96YKqpPgpIl8X4XNeS0U/M dAHr6dYELDH20vb4AanAyCZraA77T8tREZ2schnMofCLsavLUiSKadb6OjGFbRNQ oO+lBq5q1jW7JA== -----END CERTIFICATE-----Generated at Mon Dec 15 16:51:29 2025 by rpki-client