This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft File: U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json) Hash identifier: XbdJy/LQw0f3HrfJ2ues36exWo+wHRBitj23EaNWhUk= Subject key identifier: EB:F1:8F:88:2C:26:CA:FD:46:E7:8A:B4:3F:E0:6C:CA:AC:D5:57:FE Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87 Certificate issuer: /CN=539dc8f83af07a2fd7121e77c01cc283c651a087 Certificate serial: 019B9D44B0175CFA44A4BAC884007D7D3CC7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft Manifest number: 17BA Signing time: Thu 08 Jan 2026 11:01:22 +0000 Manifest this update: Thu 08 Jan 2026 11:01:22 +0000 Manifest next update: Fri 09 Jan 2026 11:01:22 +0000 Files and hashes: 1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: FW/vYRVDZUTh2vM2JVrj28CeFFNcxKl4SSU1k0aun9I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9d:44:b0:17:5c:fa:44:a4:ba:c8:84:00:7d:7d:3c:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087 Validity Not Before: Jan 8 11:01:22 2026 GMT Not After : Jan 9 11:01:22 2026 GMT Subject: CN=ebf18f882c26cafd46e78ab43fe06ccaacd557fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:e2:7c:fb:39:7a:bb:67:6a:7e:09:ff:61:54: 31:5f:b3:e7:53:11:f0:ef:21:ca:0f:3f:27:48:df: dc:4f:fe:45:2c:a0:ed:b8:d8:61:ab:65:ac:f7:7d: f5:65:e5:95:0e:8c:1a:ce:4c:1d:7e:02:f9:16:d7: 71:43:50:e7:ed:b7:d3:11:04:b6:a7:3e:73:cb:2c: c3:46:16:7c:b7:42:a8:f9:7c:b4:5f:cd:26:11:44: cc:aa:e9:6a:8b:bd:1d:4f:ac:c2:cf:40:70:8b:04: 8a:d1:d2:11:f9:f2:17:b4:ac:94:33:47:57:7c:1b: 29:85:07:1f:7e:00:54:e4:3f:e5:f1:ac:24:d7:68: 82:dd:82:24:6c:1f:05:1b:f3:fa:eb:09:23:25:01: 06:32:63:91:8b:99:56:80:1d:67:e0:68:81:8a:d5: f9:40:f3:e4:7d:07:0f:3a:1d:fd:db:57:f5:6e:65: 28:2c:30:0e:db:66:ac:9e:9a:25:a1:b7:1c:b4:13: 5e:6f:32:fd:f8:4e:0a:9c:0a:bb:2d:a0:26:ae:cb: cb:51:71:72:bd:9f:d1:69:75:36:8d:94:ad:b1:b2: 1d:9c:d0:77:cd:ab:97:8a:08:04:a2:d6:03:68:d4: f2:60:c8:f0:f5:2d:4e:1c:17:b1:b6:3f:50:9f:f8: be:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:F1:8F:88:2C:26:CA:FD:46:E7:8A:B4:3F:E0:6C:CA:AC:D5:57:FE X509v3 Authority Key Identifier: keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:94:22:29:7a:da:47:01:8c:12:29:84:a2:ca:3b:ed:56:95: 1e:25:af:10:27:f9:f5:f3:ad:ff:9f:95:8c:6b:42:4e:f8:c5: 0c:9d:9c:02:ae:23:8d:ea:06:3c:a3:18:dc:0f:c3:af:f6:2e: 46:a3:8a:7f:e9:c2:39:4a:57:f5:b2:76:38:1e:01:d1:7c:a2: 61:20:f6:a1:a4:eb:9b:03:dd:52:e2:29:3e:e8:7c:43:66:b1: 47:71:8b:a3:c8:a5:85:9b:f6:8b:7f:e5:3f:93:10:75:01:cc: 15:e6:4c:91:d4:76:72:8a:ec:b9:84:fc:43:b9:9e:2f:9e:d8: 00:09:55:65:5a:82:bd:d6:bc:3f:8c:11:65:0c:d4:1d:9d:4c: 00:bd:94:48:02:a1:d2:b5:fa:01:a0:c9:fa:b3:95:9d:4f:94: b8:9a:3f:0d:92:1f:cd:d3:57:1e:10:63:9a:cd:a8:8b:00:1c: a4:99:73:61:99:ac:9a:8d:df:54:2e:d6:81:65:7d:83:7b:17: 84:3d:ba:20:5d:55:de:f9:18:9d:40:66:79:a8:12:de:13:ba: 3a:20:98:26:72:77:05:63:35:55:14:e5:71:ea:63:f4:c8:78: 1c:f1:c8:de:75:45:e8:1b:f7:36:b3:01:7c:04:d9:1b:8a:3e: 00:b7:5a:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZudRLAXXPpEpLrIhAB9fTzHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1 MWEwODcwHhcNMjYwMTA4MTEwMTIyWhcNMjYwMTA5MTEwMTIyWjAzMTEwLwYDVQQD EyhlYmYxOGY4ODJjMjZjYWZkNDZlNzhhYjQzZmUwNmNjYWFjZDU1N2ZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OJ8+zl6u2dqfgn/YVQxX7PnUxHw 7yHKDz8nSN/cT/5FLKDtuNhhq2Ws9331ZeWVDowazkwdfgL5FtdxQ1Dn7bfTEQS2 pz5zyyzDRhZ8t0Ko+Xy0X80mEUTMqulqi70dT6zCz0BwiwSK0dIR+fIXtKyUM0dX fBsphQcffgBU5D/l8awk12iC3YIkbB8FG/P66wkjJQEGMmORi5lWgB1n4GiBitX5 QPPkfQcPOh3921f1bmUoLDAO22asnpolobcctBNebzL9+E4KnAq7LaAmrsvLUXFy vZ/RaXU2jZStsbIdnNB3zauXiggEotYDaNTyYMjw9S1OHBextj9Qn/i+7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOvxj4gsJsr9RueKtD/gbMqs1Vf+MB8GA1UdIwQY MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPZQiKXra RwGMEimEoso77VaVHiWvECf59fOt/5+VjGtCTvjFDJ2cAq4jjeoGPKMY3A/Dr/Yu RqOKf+nCOUpX9bJ2OB4B0XyiYSD2oaTrmwPdUuIpPuh8Q2axR3GLo8ilhZv2i3/l P5MQdQHMFeZMkdR2corsuYT8Q7meL57YAAlVZVqCvda8P4wRZQzUHZ1MAL2USAKh 0rX6AaDJ+rOVnU+UuJo/DZIfzdNXHhBjms2oiwAcpJlzYZmsmo3fVC7WgWV9g3sX hD26IF1V3vkYnUBmeagS3hO6OiCYJnJ3BWM1VRTlcepj9Mh4HPHI3nVF6Bv3NrMB fATZG4o+ALdaEw== -----END CERTIFICATE-----Generated at Thu Jan 8 13:36:20 2026 by rpki-client