This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/7f8f76-0d9d-46af-9bea-47e4e274cf64/1/uqWupvGAqaitmEU17S5kvPyz_ho.mft File: uqWupvGAqaitmEU17S5kvPyz_ho.mft (raw, json) Hash identifier: Nz5rvtTKgYtI3UoCSF6IvOeXWHWUYOO+xR2W+lnPlu0= Subject key identifier: C5:66:AF:21:C3:58:0B:6F:C8:CB:82:30:F0:10:F5:5E:DD:20:40:9C Authority key identifier: BA:A5:AE:A6:F1:80:A9:A8:AD:98:45:35:ED:2E:64:BC:FC:B3:FE:1A Certificate issuer: /CN=baa5aea6f180a9a8ad984535ed2e64bcfcb3fe1a Certificate serial: 019B3D22FD4DFE5BA14ACD5689A64A7FB069 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqWupvGAqaitmEU17S5kvPyz_ho.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/7f8f76-0d9d-46af-9bea-47e4e274cf64/1/uqWupvGAqaitmEU17S5kvPyz_ho.mft Manifest number: 0F7C Signing time: Sat 20 Dec 2025 19:01:01 +0000 Manifest this update: Sat 20 Dec 2025 19:01:01 +0000 Manifest next update: Sun 21 Dec 2025 19:01:01 +0000 Files and hashes: 1: CsvQEVK-EVJUj9O9Oyr9a1ZVDj8.roa (hash: KNjghiY6hSTnyBcRx4J/plbhEv6EisGMOlJT9AxkWNs=) 2: uqWupvGAqaitmEU17S5kvPyz_ho.crl (hash: t1OFlYklOm3tE1NcT6D+UjJVSKUTNZaJitKBCsWpp+Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/7f8f76-0d9d-46af-9bea-47e4e274cf64/1/uqWupvGAqaitmEU17S5kvPyz_ho.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/7f8f76-0d9d-46af-9bea-47e4e274cf64/1/uqWupvGAqaitmEU17S5kvPyz_ho.mft rsync://rpki.ripe.net/repository/DEFAULT/uqWupvGAqaitmEU17S5kvPyz_ho.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:22:fd:4d:fe:5b:a1:4a:cd:56:89:a6:4a:7f:b0:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=baa5aea6f180a9a8ad984535ed2e64bcfcb3fe1a Validity Not Before: Dec 20 19:01:01 2025 GMT Not After : Dec 21 19:01:01 2025 GMT Subject: CN=c566af21c3580b6fc8cb8230f010f55edd20409c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:0e:1f:c7:0e:4e:02:eb:54:13:52:14:13:7a: 69:4d:30:87:e9:3d:c8:47:a8:d2:3b:0a:59:cf:ac: af:4e:be:67:18:ee:53:ea:60:9b:08:29:07:77:42: 81:92:99:0c:c7:59:8d:64:6e:44:43:1a:52:5d:2b: e3:05:8f:9e:85:08:27:7e:a0:34:af:86:04:ad:bd: f8:08:87:6d:39:b0:32:fa:1c:35:48:6b:2f:ee:7f: 91:d9:67:fc:44:15:4f:8d:01:9d:eb:f9:09:f5:ba: b8:b0:35:91:56:44:dd:b6:2f:5f:af:a8:7b:f5:eb: ec:d0:6e:d3:07:2a:05:27:c4:8b:d6:55:f6:a9:c7: 97:1a:59:48:7f:86:c2:0f:c4:ab:14:22:59:53:10: c6:01:0b:56:4d:01:49:ae:53:96:9f:b5:4a:70:57: 64:2a:53:87:16:d7:4e:3d:f9:2f:2f:d4:e9:4d:da: fe:b4:6b:a6:07:f9:8f:f2:37:6b:4e:02:e7:d7:b8: 9e:e3:02:37:78:3c:01:f1:4f:39:3f:1e:d6:1b:e4: e0:0e:5c:69:e4:82:b2:13:8f:3a:52:38:6a:f6:ce: 7c:9f:c0:69:59:97:d6:cc:e8:b6:32:81:c9:21:62: 4a:f0:40:b4:8b:51:2f:17:12:ed:25:39:65:55:8d: 80:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:66:AF:21:C3:58:0B:6F:C8:CB:82:30:F0:10:F5:5E:DD:20:40:9C X509v3 Authority Key Identifier: keyid:BA:A5:AE:A6:F1:80:A9:A8:AD:98:45:35:ED:2E:64:BC:FC:B3:FE:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqWupvGAqaitmEU17S5kvPyz_ho.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/7f8f76-0d9d-46af-9bea-47e4e274cf64/1/uqWupvGAqaitmEU17S5kvPyz_ho.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/7f8f76-0d9d-46af-9bea-47e4e274cf64/1/uqWupvGAqaitmEU17S5kvPyz_ho.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:c2:73:9c:72:01:68:ca:25:fb:cb:8e:b8:d1:4d:12:0c:db: 1f:c5:ab:c6:f0:ef:be:8f:c3:fa:3e:f8:ce:96:14:c2:0d:1a: 7c:2e:eb:5a:29:f8:69:8a:64:42:ce:1f:a9:84:0d:63:e4:80: d1:a0:a4:25:98:aa:06:4b:f8:8c:88:50:c4:64:29:a2:91:42: 5f:30:d5:62:d2:41:fb:53:4f:41:01:0a:1f:ac:4a:f8:26:cb: 99:43:a0:f4:a1:ff:c1:67:c4:a2:ad:ff:83:7c:74:01:56:91: 61:b2:66:20:42:b4:21:59:e3:b6:a5:82:90:9e:f1:0c:c1:0c: f7:80:cb:61:d1:2b:ca:bd:af:cc:51:09:a5:41:34:ed:1b:e0: 1c:2b:19:9e:99:80:2d:cb:51:4a:42:6b:8c:0e:41:87:91:a6: 11:0a:3d:5a:f4:61:3b:25:a3:13:86:66:90:4b:5e:e7:ba:db: 90:8a:d7:71:39:0d:f8:19:95:53:e0:3e:74:78:58:b0:9f:ae: a7:30:13:d8:ed:49:59:1f:ef:23:9e:e2:22:28:d1:1f:66:4e: e9:20:4f:9f:eb:68:a9:d8:ee:a8:ed:5d:d7:14:c7:d0:97:62: ce:f4:58:1a:48:0c:6f:f9:aa:3b:cf:8f:52:07:1a:67:80:e0: e8:86:4a:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Iv1N/luhSs1WiaZKf7BpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhYTVhZWE2ZjE4MGE5YThhZDk4NDUzNWVkMmU2NGJjZmNi M2ZlMWEwHhcNMjUxMjIwMTkwMTAxWhcNMjUxMjIxMTkwMTAxWjAzMTEwLwYDVQQD EyhjNTY2YWYyMWMzNTgwYjZmYzhjYjgyMzBmMDEwZjU1ZWRkMjA0MDljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig4fxw5OAutUE1IUE3ppTTCH6T3I R6jSOwpZz6yvTr5nGO5T6mCbCCkHd0KBkpkMx1mNZG5EQxpSXSvjBY+ehQgnfqA0 r4YErb34CIdtObAy+hw1SGsv7n+R2Wf8RBVPjQGd6/kJ9bq4sDWRVkTdti9fr6h7 9evs0G7TByoFJ8SL1lX2qceXGllIf4bCD8SrFCJZUxDGAQtWTQFJrlOWn7VKcFdk KlOHFtdOPfkvL9TpTdr+tGumB/mP8jdrTgLn17ie4wI3eDwB8U85Px7WG+TgDlxp 5IKyE486Ujhq9s58n8BpWZfWzOi2MoHJIWJK8EC0i1EvFxLtJTllVY2AiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMVmryHDWAtvyMuCMPAQ9V7dIECcMB8GA1UdIwQY MBaAFLqlrqbxgKmorZhFNe0uZLz8s/4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXFXdXB2R0FxYWl0bUVVMTdTNWt2UHl6X2hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83ZjhmNzYtMGQ5ZC00NmFmLTliZWEt NDdlNGUyNzRjZjY0LzEvdXFXdXB2R0FxYWl0bUVVMTdTNWt2UHl6X2hvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS83ZjhmNzYtMGQ5ZC00NmFmLTliZWEtNDdlNGUyNzRjZjY0 LzEvdXFXdXB2R0FxYWl0bUVVMTdTNWt2UHl6X2hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMJznHIB aMol+8uOuNFNEgzbH8WrxvDvvo/D+j74zpYUwg0afC7rWin4aYpkQs4fqYQNY+SA 0aCkJZiqBkv4jIhQxGQpopFCXzDVYtJB+1NPQQEKH6xK+CbLmUOg9KH/wWfEoq3/ g3x0AVaRYbJmIEK0IVnjtqWCkJ7xDMEM94DLYdEryr2vzFEJpUE07RvgHCsZnpmA LctRSkJrjA5Bh5GmEQo9WvRhOyWjE4ZmkEte57rbkIrXcTkN+BmVU+A+dHhYsJ+u pzAT2O1JWR/vI57iIijRH2ZO6SBPn+toqdjuqO1d1xTH0JdizvRYGkgMb/mqO8+P UgcaZ4Dg6IZK8Q== -----END CERTIFICATE-----Generated at Sun Dec 21 02:19:52 2025 by rpki-client