This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.mft File: U0nC0Auka-kkS3YZS6oQ8zzjRiw.mft (raw, json) Hash identifier: GMfvus/5pm70T4TA8y1IXj1FNNeT12V68UGpm6ujBL4= Subject key identifier: 3A:D2:0A:92:65:95:F0:E3:AE:C4:FE:ED:5B:BA:9E:5E:E5:09:76:DA Authority key identifier: 53:49:C2:D0:0B:A4:6B:E9:24:4B:76:19:4B:AA:10:F3:3C:E3:46:2C Certificate issuer: /CN=5349c2d00ba46be9244b76194baa10f33ce3462c Certificate serial: 019B6F2271067922DF7D86C371B38AA3BEDA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.mft Manifest number: 082F Signing time: Tue 30 Dec 2025 12:01:26 +0000 Manifest this update: Tue 30 Dec 2025 12:01:26 +0000 Manifest next update: Wed 31 Dec 2025 12:01:26 +0000 Files and hashes: 1: U0nC0Auka-kkS3YZS6oQ8zzjRiw.crl (hash: bjvK/kEAPu6C9xoraXnIMg0LJ0Cz5Vh9jT+4duO92HE=) 2: kDLhfcy8YHG9d7r3ZyKyTCN67dU.roa (hash: FHssmQ805uZ/Wtb94rUn/bLQZUQ10hPffXrOYDXFnpE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.crl rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.mft rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 12:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6f:22:71:06:79:22:df:7d:86:c3:71:b3:8a:a3:be:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5349c2d00ba46be9244b76194baa10f33ce3462c Validity Not Before: Dec 30 12:01:26 2025 GMT Not After : Dec 31 12:01:26 2025 GMT Subject: CN=3ad20a926595f0e3aec4feed5bba9e5ee50976da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:40:8c:e9:2e:db:b3:66:30:d5:e7:f1:b2:d9: 1b:83:73:8a:97:fe:ce:92:50:5c:67:80:ad:46:08: 35:be:8f:57:ef:43:90:14:67:0d:a3:58:dd:53:49: 84:f4:de:51:fd:b2:1b:aa:5d:0a:74:13:46:bf:75: 43:bb:6c:c6:cc:18:9d:f0:64:bf:13:25:41:c8:9d: 72:8c:05:2d:7c:06:53:12:41:0c:01:16:12:ff:8b: 41:70:a6:b3:80:c2:4d:68:96:a7:f2:db:39:2e:6d: 75:ac:7e:49:1d:9e:ba:58:ca:fa:9a:0c:46:98:88: 12:17:57:80:31:ee:23:7a:2e:83:24:c1:48:43:7b: 8b:17:47:e1:b6:07:fa:9f:ba:59:2c:33:20:42:17: 13:83:59:ce:44:a8:33:f9:77:0f:b3:d2:9c:a8:df: 84:3b:df:fc:81:c6:c3:0f:64:51:14:2e:78:d8:8d: fb:d9:e7:e9:f8:0c:3d:df:32:5d:21:d4:92:d9:c5: 7c:0b:9c:b4:30:f5:11:f1:8f:e9:ee:80:e2:62:a1: 6d:dd:58:b7:5c:cb:12:ce:a9:40:17:6d:67:21:9a: a1:41:a8:b9:51:0d:7d:01:60:e8:27:f9:6e:46:ea: 0a:ba:2b:da:20:aa:07:63:9e:9c:b5:b6:cc:99:63: 7c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D2:0A:92:65:95:F0:E3:AE:C4:FE:ED:5B:BA:9E:5E:E5:09:76:DA X509v3 Authority Key Identifier: keyid:53:49:C2:D0:0B:A4:6B:E9:24:4B:76:19:4B:AA:10:F3:3C:E3:46:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:9a:1a:bd:7b:92:44:a5:b6:64:25:bd:b4:cd:ae:2d:06:c3: 93:5f:a8:a9:a7:ad:b4:97:a3:d0:4a:a9:a7:80:98:68:c7:e2: f9:e2:2a:d7:e5:6f:82:6b:22:25:0c:a8:46:e3:89:d0:fb:8d: c3:94:e9:b3:51:5a:1a:3f:1d:27:b7:d3:f8:cf:97:97:24:53: 29:ba:78:2d:68:d9:08:3d:3b:1d:9e:08:09:22:1d:76:fc:56: 50:11:fa:a8:24:d9:15:f1:08:4d:0b:f7:8d:ab:0e:4c:ae:a6: 07:52:62:be:9b:5d:2c:fd:35:a4:47:ca:24:d3:86:13:4f:7e: f1:c3:18:79:e7:26:9c:03:e4:1c:69:17:2e:ad:23:6a:0e:d0: e9:b3:47:be:e1:a9:39:cc:eb:3a:25:15:01:3b:c6:de:2b:86: 58:8f:d3:10:c6:6e:80:6d:72:17:e2:3f:7d:b6:40:94:51:8f: 17:3d:92:3e:cb:ea:83:6f:c3:2e:92:d2:a7:5f:02:7d:b8:a1: 43:7a:19:cb:63:d1:16:1f:f4:73:53:40:07:07:4f:c2:a8:dd: 3c:13:ff:99:2a:53:65:c3:9c:d4:be:b6:d3:a8:a8:ed:5e:c5: 48:2c:63:be:16:a5:a4:df:d2:d7:09:e5:5d:93:cc:ea:db:70: 87:49:eb:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtvInEGeSLffYbDcbOKo77aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNDljMmQwMGJhNDZiZTkyNDRiNzYxOTRiYWExMGYzM2Nl MzQ2MmMwHhcNMjUxMjMwMTIwMTI2WhcNMjUxMjMxMTIwMTI2WjAzMTEwLwYDVQQD EygzYWQyMGE5MjY1OTVmMGUzYWVjNGZlZWQ1YmJhOWU1ZWU1MDk3NmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkCM6S7bs2Yw1efxstkbg3OKl/7O klBcZ4CtRgg1vo9X70OQFGcNo1jdU0mE9N5R/bIbql0KdBNGv3VDu2zGzBid8GS/ EyVByJ1yjAUtfAZTEkEMARYS/4tBcKazgMJNaJan8ts5Lm11rH5JHZ66WMr6mgxG mIgSF1eAMe4jei6DJMFIQ3uLF0fhtgf6n7pZLDMgQhcTg1nORKgz+XcPs9KcqN+E O9/8gcbDD2RRFC542I372efp+Aw93zJdIdSS2cV8C5y0MPUR8Y/p7oDiYqFt3Vi3 XMsSzqlAF21nIZqhQai5UQ19AWDoJ/luRuoKuivaIKoHY56ctbbMmWN8SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDrSCpJllfDjrsT+7Vu6nl7lCXbaMB8GA1UdIwQY MBaAFFNJwtALpGvpJEt2GUuqEPM840YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mOGFlNDctMGVkNC00NjgxLTljMTIt ZmExMjYwODUwNzA5LzEvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9mOGFlNDctMGVkNC00NjgxLTljMTItZmExMjYwODUwNzA5 LzEvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJoavXuS RKW2ZCW9tM2uLQbDk1+oqaettJej0Eqpp4CYaMfi+eIq1+VvgmsiJQyoRuOJ0PuN w5Tps1FaGj8dJ7fT+M+XlyRTKbp4LWjZCD07HZ4ICSIddvxWUBH6qCTZFfEITQv3 jasOTK6mB1JivptdLP01pEfKJNOGE09+8cMYeecmnAPkHGkXLq0jag7Q6bNHvuGp OczrOiUVATvG3iuGWI/TEMZugG1yF+I/fbZAlFGPFz2SPsvqg2/DLpLSp18Cfbih Q3oZy2PRFh/0c1NABwdPwqjdPBP/mSpTZcOc1L6206io7V7FSCxjvhalpN/S1wnl XZPM6ttwh0nr4A== -----END CERTIFICATE-----Generated at Tue Dec 30 22:01:07 2025 by rpki-client