This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft File: UB7eLUfXfhQKl78pidqCpYdzyMA.mft (raw, json) Hash identifier: IWK6C1a/HhxlS689Fdt9BKGfEKxbCR4OQoGLPzegOZ8= Subject key identifier: E2:3D:28:F8:2E:D6:54:F3:B5:D1:84:A6:DE:B9:1D:A4:37:D9:87:B4 Authority key identifier: 50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0 Certificate issuer: /CN=501ede2d47d77e140a97bf2989da82a58773c8c0 Certificate serial: 019B68E8EC33D4BDFBE1A8669DA246977E2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft Manifest number: 0E84 Signing time: Mon 29 Dec 2025 07:00:53 +0000 Manifest this update: Mon 29 Dec 2025 07:00:53 +0000 Manifest next update: Tue 30 Dec 2025 07:00:53 +0000 Files and hashes: 1: UB7eLUfXfhQKl78pidqCpYdzyMA.crl (hash: UnxhoG/DyiTfxtEyZbr2tHEiZ4miDaw8f3oUJ4HpYwc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:e8:ec:33:d4:bd:fb:e1:a8:66:9d:a2:46:97:7e:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=501ede2d47d77e140a97bf2989da82a58773c8c0 Validity Not Before: Dec 29 07:00:53 2025 GMT Not After : Dec 30 07:00:53 2025 GMT Subject: CN=e23d28f82ed654f3b5d184a6deb91da437d987b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:5e:bc:3f:a2:a1:40:1d:f4:7c:26:5e:2f:20: e3:63:5f:3a:90:b8:f5:7c:8e:a1:23:6f:da:1a:8c: 05:5f:f4:bf:3a:9a:3b:a8:5a:ba:7f:0d:b7:38:ea: c9:9d:e7:38:75:60:22:78:be:07:41:b9:09:d7:5a: dc:cc:a4:b5:39:03:41:30:1f:96:ab:86:ee:83:9a: 7a:83:02:61:81:a1:a3:4c:50:8f:f2:57:5b:75:2a: 18:6e:fd:09:c0:f2:1a:68:f6:20:7f:8a:1c:df:d7: 4a:f0:e4:8b:ee:13:2c:4d:15:7e:4b:03:ee:14:8f: 15:ff:d8:a3:48:87:af:73:db:6b:74:2a:9e:ae:57: e5:11:09:7a:b6:c2:42:c8:ad:ab:36:7f:d7:30:86: 2c:70:9e:9b:09:88:7b:42:52:da:d9:7c:78:68:39: 66:2d:5d:6f:2b:46:b2:c4:4e:85:c3:46:bb:56:6a: 5c:e1:97:a7:0c:97:d1:9e:22:b7:a2:68:9c:cf:cc: 28:fa:46:47:68:0c:26:0b:a6:e6:62:40:b7:c4:1a: ff:d5:8b:06:81:99:0c:af:da:19:bc:c1:98:bc:bb: da:d0:56:36:cd:46:3c:a1:9d:d6:04:62:1f:6c:cf: 18:20:81:7e:6f:28:7e:99:43:7c:79:30:ee:3a:a2: 53:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:3D:28:F8:2E:D6:54:F3:B5:D1:84:A6:DE:B9:1D:A4:37:D9:87:B4 X509v3 Authority Key Identifier: keyid:50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:04:a4:29:c5:2c:60:6e:23:81:07:c6:0a:39:42:b5:47:77: 43:02:eb:7e:45:10:e5:06:fe:3f:61:f4:bc:55:d3:3e:14:8f: 22:49:b6:89:2b:49:0f:4a:88:56:0c:f9:d3:1e:2c:bb:2c:ef: 23:a8:41:51:f0:65:63:a1:d0:10:92:6f:4f:4b:08:38:92:31: fe:e2:e8:be:09:1e:3c:a4:94:16:2d:6f:74:51:ec:c0:ef:94: ca:0b:f5:be:59:9a:6f:94:9f:4a:31:e3:84:94:cc:5e:99:de: a2:50:e8:27:3d:37:54:ea:39:7d:a8:1c:48:39:2e:83:84:f0: f2:8e:af:31:16:14:fb:a5:ce:eb:e5:44:1c:82:f6:98:b8:74: a6:a4:a4:06:23:dc:71:4f:78:db:56:9d:ed:05:1f:9f:73:fc: 49:f8:0d:17:17:15:a3:12:d6:22:15:5f:43:1e:49:2f:9f:07: 1c:3a:0b:4f:81:b6:52:60:92:b5:f8:e8:10:8d:a3:37:b2:b3: bc:b5:fc:83:ee:09:64:53:42:22:70:6f:ce:90:56:59:5f:85: 38:29:50:27:3d:a7:20:16:f4:e1:d7:af:43:c1:8d:ee:47:d8: d3:3e:8d:6e:0a:09:84:6c:1a:9b:d6:73:06:e3:17:87:03:af: 15:6d:7d:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6Owz1L374ahmnaJGl34tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwMWVkZTJkNDdkNzdlMTQwYTk3YmYyOTg5ZGE4MmE1ODc3 M2M4YzAwHhcNMjUxMjI5MDcwMDUzWhcNMjUxMjMwMDcwMDUzWjAzMTEwLwYDVQQD EyhlMjNkMjhmODJlZDY1NGYzYjVkMTg0YTZkZWI5MWRhNDM3ZDk4N2I0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy168P6KhQB30fCZeLyDjY186kLj1 fI6hI2/aGowFX/S/Opo7qFq6fw23OOrJnec4dWAieL4HQbkJ11rczKS1OQNBMB+W q4bug5p6gwJhgaGjTFCP8ldbdSoYbv0JwPIaaPYgf4oc39dK8OSL7hMsTRV+SwPu FI8V/9ijSIevc9trdCqerlflEQl6tsJCyK2rNn/XMIYscJ6bCYh7QlLa2Xx4aDlm LV1vK0ayxE6Fw0a7Vmpc4ZenDJfRniK3omicz8wo+kZHaAwmC6bmYkC3xBr/1YsG gZkMr9oZvMGYvLva0FY2zUY8oZ3WBGIfbM8YIIF+byh+mUN8eTDuOqJTQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOI9KPgu1lTztdGEpt65HaQ32Ye0MB8GA1UdIwQY MBaAFFAe3i1H134UCpe/KYnagqWHc8jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEt MTJlZGQwZTBkMjFiLzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEtMTJlZGQwZTBkMjFi LzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQSkKcUs YG4jgQfGCjlCtUd3QwLrfkUQ5Qb+P2H0vFXTPhSPIkm2iStJD0qIVgz50x4suyzv I6hBUfBlY6HQEJJvT0sIOJIx/uLovgkePKSUFi1vdFHswO+Uygv1vlmab5SfSjHj hJTMXpneolDoJz03VOo5fagcSDkug4Tw8o6vMRYU+6XO6+VEHIL2mLh0pqSkBiPc cU9421ad7QUfn3P8SfgNFxcVoxLWIhVfQx5JL58HHDoLT4G2UmCStfjoEI2jN7Kz vLX8g+4JZFNCInBvzpBWWV+FOClQJz2nIBb04devQ8GN7kfY0z6NbgoJhGwam9Zz BuMXhwOvFW198g== -----END CERTIFICATE-----Generated at Mon Dec 29 10:01:32 2025 by rpki-client