This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft File: U3XfISulmO4KW_aAsh9QxPx9aOE.mft (raw, json) Hash identifier: NZnNOjHa8mHGvyp3PEmRyCcawKKXMHoiQ+cBcgA6BB4= Subject key identifier: 0D:59:03:3B:86:36:74:97:15:59:D9:D6:9E:C1:DE:FD:36:14:D9:6B Authority key identifier: 53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1 Certificate issuer: /CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1 Certificate serial: 019B334428893CB5D0E087CA7E4E49AFAC45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft Manifest number: 0F1D Signing time: Thu 18 Dec 2025 21:01:03 +0000 Manifest this update: Thu 18 Dec 2025 21:01:03 +0000 Manifest next update: Fri 19 Dec 2025 21:01:03 +0000 Files and hashes: 1: U3XfISulmO4KW_aAsh9QxPx9aOE.crl (hash: PNr8z2KxhrKzvMVRyFNyKK7eqWBlIeNg5Z3PyNC/ZIg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:28:89:3c:b5:d0:e0:87:ca:7e:4e:49:af:ac:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5375df212ba598ee0a5bf680b21f50c4fc7d68e1 Validity Not Before: Dec 18 21:01:03 2025 GMT Not After : Dec 19 21:01:03 2025 GMT Subject: CN=0d59033b863674971559d9d69ec1defd3614d96b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:5a:f5:75:43:17:76:0a:9a:b5:70:86:e7:41: aa:d1:4d:1e:68:c2:aa:29:fb:98:0b:47:ab:0a:e8: 10:d9:21:31:dc:59:97:c3:4c:54:b1:1a:17:3e:ad: 91:8e:dc:6e:09:b8:f1:67:96:98:a1:28:5b:14:63: 98:f5:c7:dd:cc:e4:13:1f:5b:6d:ec:37:62:ac:d4: 8a:84:06:54:4d:61:8b:6c:f4:a8:5c:27:1d:47:88: 48:80:f5:14:ff:d0:6c:7b:07:b5:bf:19:fc:94:f2: 01:4f:5c:d4:34:4e:3c:af:04:3f:ce:1d:9e:20:fa: 5e:e8:8b:b7:48:04:07:9d:f1:24:86:65:b8:3f:27: 9a:5e:e5:4a:2a:f2:5d:1a:69:a1:37:dc:74:9e:97: f8:fe:b9:bc:9b:8e:2e:03:58:12:0e:1e:2f:6e:ac: 4a:51:e0:4c:14:d3:5f:a7:4d:95:29:bd:bb:9b:85: ab:e8:c7:f5:dc:1e:c5:f1:04:46:65:98:b6:22:8f: 07:99:e2:eb:ed:b1:63:9c:7e:b4:44:fe:ea:2d:de: c4:9e:37:43:24:60:0a:39:a6:2e:77:9d:ee:24:fc: a7:4b:68:f8:3d:5a:1e:bd:bd:b0:3f:f7:b8:dd:14: 44:d3:7e:47:a7:fd:7a:da:fc:76:52:9e:37:f1:12: 1e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:59:03:3B:86:36:74:97:15:59:D9:D6:9E:C1:DE:FD:36:14:D9:6B X509v3 Authority Key Identifier: keyid:53:75:DF:21:2B:A5:98:EE:0A:5B:F6:80:B2:1F:50:C4:FC:7D:68:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3XfISulmO4KW_aAsh9QxPx9aOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c4fb00-39c5-48a5-903b-252fd967bfcc/1/U3XfISulmO4KW_aAsh9QxPx9aOE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:b3:93:b5:99:a9:0c:7f:65:5b:d2:15:4b:8c:60:85:71:85: ad:cd:21:3e:4b:d9:d3:71:78:cb:29:49:7c:d9:a7:63:85:6d: 56:cc:0e:e1:90:10:1f:66:29:1b:b9:c7:0e:4e:70:0d:d2:50: 24:ce:52:a1:b2:56:31:cc:d1:61:28:2a:af:e7:e7:04:92:17: b0:22:69:4e:be:89:72:f7:60:87:72:d6:35:62:7a:22:cb:13: 74:61:ce:6f:3f:81:d3:01:8f:3f:d8:90:1b:d5:07:80:4a:0f: fa:9e:80:b3:07:a1:66:fc:9b:f3:e3:d7:e9:40:55:e9:d7:c2: 6c:8c:6e:f4:d5:14:f0:d2:a7:28:82:27:0e:f9:8b:37:68:09: 42:87:ed:d3:9b:c1:69:a1:f7:5e:79:ea:9a:76:e6:6b:60:49: 04:e3:e8:99:c2:f3:31:70:72:fd:6e:2b:3b:34:6c:f6:a0:4d: 09:1f:fb:51:2f:8d:4d:bc:1d:b6:3a:b2:4a:6f:b9:e2:4a:bf: 73:c7:a8:05:77:63:e2:be:c6:fc:cd:f3:0e:61:68:00:54:bd: 01:85:4c:f0:b3:a8:71:39:4a:a4:22:8a:6b:91:fa:23:84:e6: 15:3e:7d:f0:34:65:ec:36:b1:a6:36:22:e7:50:bf:3d:17:ca: 39:ef:0e:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRCiJPLXQ4IfKfk5Jr6xFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNzVkZjIxMmJhNTk4ZWUwYTViZjY4MGIyMWY1MGM0ZmM3 ZDY4ZTEwHhcNMjUxMjE4MjEwMTAzWhcNMjUxMjE5MjEwMTAzWjAzMTEwLwYDVQQD EygwZDU5MDMzYjg2MzY3NDk3MTU1OWQ5ZDY5ZWMxZGVmZDM2MTRkOTZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlr1dUMXdgqatXCG50Gq0U0eaMKq KfuYC0erCugQ2SEx3FmXw0xUsRoXPq2RjtxuCbjxZ5aYoShbFGOY9cfdzOQTH1tt 7DdirNSKhAZUTWGLbPSoXCcdR4hIgPUU/9Bsewe1vxn8lPIBT1zUNE48rwQ/zh2e IPpe6Iu3SAQHnfEkhmW4PyeaXuVKKvJdGmmhN9x0npf4/rm8m44uA1gSDh4vbqxK UeBMFNNfp02VKb27m4Wr6Mf13B7F8QRGZZi2Io8HmeLr7bFjnH60RP7qLd7EnjdD JGAKOaYud53uJPynS2j4PVoevb2wP/e43RRE035Hp/162vx2Up438RIe2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA1ZAzuGNnSXFVnZ1p7B3v02FNlrMB8GA1UdIwQY MBaAFFN13yErpZjuClv2gLIfUMT8fWjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2It MjUyZmQ5NjdiZmNjLzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9jNGZiMDAtMzljNS00OGE1LTkwM2ItMjUyZmQ5NjdiZmNj LzEvVTNYZklTdWxtTzRLV19hQXNoOVF4UHg5YU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbOTtZmp DH9lW9IVS4xghXGFrc0hPkvZ03F4yylJfNmnY4VtVswO4ZAQH2YpG7nHDk5wDdJQ JM5SobJWMczRYSgqr+fnBJIXsCJpTr6Jcvdgh3LWNWJ6IssTdGHObz+B0wGPP9iQ G9UHgEoP+p6AswehZvyb8+PX6UBV6dfCbIxu9NUU8NKnKIInDvmLN2gJQoft05vB aaH3Xnnqmnbma2BJBOPomcLzMXBy/W4rOzRs9qBNCR/7US+NTbwdtjqySm+54kq/ c8eoBXdj4r7G/M3zDmFoAFS9AYVM8LOocTlKpCKKa5H6I4TmFT598DRl7DaxpjYi 51C/PRfKOe8OWg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:12:21 2025 by rpki-client