This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ab3219-c64b-470e-8341-3a12027400e6/1/ukQzhlmFp7teJpw3lK5vFkz8Lds.mft File: ukQzhlmFp7teJpw3lK5vFkz8Lds.mft (raw, json) Hash identifier: AsRbZr02VyaOdFt7IPPBuc5IbKDTEzqU175cz+Hpb14= Subject key identifier: CA:3E:F1:1B:D0:A3:8C:9D:4D:9A:CD:91:85:47:B6:D4:FF:57:56:E1 Authority key identifier: BA:44:33:86:59:85:A7:BB:5E:26:9C:37:94:AE:6F:16:4C:FC:2D:DB Certificate issuer: /CN=ba4433865985a7bb5e269c3794ae6f164cfc2ddb Certificate serial: 019B69FB641482E1F5FDB0B24ADFEA100151 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ukQzhlmFp7teJpw3lK5vFkz8Lds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ab3219-c64b-470e-8341-3a12027400e6/1/ukQzhlmFp7teJpw3lK5vFkz8Lds.mft Manifest number: 077F Signing time: Mon 29 Dec 2025 12:00:41 +0000 Manifest this update: Mon 29 Dec 2025 12:00:41 +0000 Manifest next update: Tue 30 Dec 2025 12:00:41 +0000 Files and hashes: 1: AlkZJ5y5SgK5NicIMpQu5G4y-kk.roa (hash: 6pDsa6TgLwnLkjOOWWhXhHFWrv8bvlopmayBUNqycZY=) 2: ukQzhlmFp7teJpw3lK5vFkz8Lds.crl (hash: NsBUUZ8G3v7Ma6t1IUQGjAkgXV4VCOMBWUIq4iduwaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/ab3219-c64b-470e-8341-3a12027400e6/1/ukQzhlmFp7teJpw3lK5vFkz8Lds.crl rsync://rpki.ripe.net/repository/DEFAULT/69/ab3219-c64b-470e-8341-3a12027400e6/1/ukQzhlmFp7teJpw3lK5vFkz8Lds.mft rsync://rpki.ripe.net/repository/DEFAULT/ukQzhlmFp7teJpw3lK5vFkz8Lds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 10:15:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:fb:64:14:82:e1:f5:fd:b0:b2:4a:df:ea:10:01:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba4433865985a7bb5e269c3794ae6f164cfc2ddb Validity Not Before: Dec 29 12:00:41 2025 GMT Not After : Dec 30 12:00:41 2025 GMT Subject: CN=ca3ef11bd0a38c9d4d9acd918547b6d4ff5756e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b1:43:61:99:18:f8:ae:55:d3:65:07:37:ab: 6f:2d:54:d8:30:94:a4:dd:fb:38:73:45:99:e4:e4: 75:ec:e4:43:42:4b:16:f7:db:de:08:8a:24:e3:e0: 09:11:88:a6:a1:26:08:b7:10:48:2a:f6:61:ad:31: 27:37:29:0c:1e:73:e3:be:76:2d:6a:d0:86:aa:73: cc:a6:24:11:a5:c9:20:00:2e:a3:bb:ae:b3:50:00: 34:44:cb:f6:6d:6f:24:89:ad:3b:b8:c6:f5:48:db: dd:73:b4:cc:63:74:5c:47:f9:39:cf:32:b6:22:fb: 4e:05:7a:e0:18:e8:0b:4d:b9:31:25:c6:82:b8:18: da:8a:23:bf:49:38:98:9e:17:f1:4c:6f:8b:fa:aa: 0f:3a:9f:64:9b:c8:78:71:44:bd:fc:25:92:ee:d7: 28:1f:e5:34:6e:35:da:07:20:79:7b:8a:5f:8b:20: 8f:20:9c:ce:f8:0a:14:bc:b8:43:ce:03:fa:b7:c6: bb:83:fc:4d:31:ca:91:9b:00:6f:92:e5:f7:d7:07: 7c:2a:0c:42:8d:93:43:a5:72:7a:14:c4:5a:ee:e2: fc:9e:81:52:56:77:bb:a2:5c:21:d4:33:d6:af:9b: 6c:24:51:96:b0:ce:c0:9c:40:8f:5c:80:3d:34:1a: 94:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:3E:F1:1B:D0:A3:8C:9D:4D:9A:CD:91:85:47:B6:D4:FF:57:56:E1 X509v3 Authority Key Identifier: keyid:BA:44:33:86:59:85:A7:BB:5E:26:9C:37:94:AE:6F:16:4C:FC:2D:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ukQzhlmFp7teJpw3lK5vFkz8Lds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ab3219-c64b-470e-8341-3a12027400e6/1/ukQzhlmFp7teJpw3lK5vFkz8Lds.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ab3219-c64b-470e-8341-3a12027400e6/1/ukQzhlmFp7teJpw3lK5vFkz8Lds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:0a:90:7a:e5:5c:7b:54:2d:01:4f:0e:c2:a6:23:e8:6d:46: 4b:10:07:bf:53:2c:5f:a9:9e:e0:3a:c9:83:4e:1d:ab:1a:ba: 3d:ae:db:a2:9f:af:85:01:6b:7a:3c:1d:10:be:02:a7:81:01: 4e:bf:2f:06:6b:10:df:e3:eb:d0:f2:87:43:a9:11:d9:20:cc: 87:b8:0f:a9:82:92:b6:a8:f6:f7:63:ce:35:9f:dc:20:04:16: 8e:61:64:f2:ae:3a:77:7d:3c:c7:75:a8:af:83:9a:e3:43:d9: f2:ba:3d:b1:a3:b4:ef:a9:d3:3a:05:02:79:cf:2d:49:c5:8b: d2:94:d8:dd:25:95:61:77:e6:ed:d4:23:a7:6c:5e:80:f8:0e: 66:4e:eb:65:85:3d:e2:43:78:a8:70:30:ae:56:f4:5b:56:77: 0f:d3:4a:ae:18:05:d0:66:e6:21:b4:0f:5d:0e:77:09:b0:7c: 9c:fb:69:ec:66:a7:a1:e0:bd:73:02:a3:48:0a:db:b7:5d:96: 0c:a1:ac:6c:28:1c:3e:fd:51:02:4e:94:54:5c:b1:ea:60:7d: 3d:45:5a:4a:f3:4a:99:28:68:71:48:6f:cf:a2:9e:55:ae:35: 6b:dd:a5:70:c3:da:05:fa:33:82:4d:0f:de:fa:da:e5:3d:85: 1f:cf:12:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtp+2QUguH1/bCySt/qEAFRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNDQzMzg2NTk4NWE3YmI1ZTI2OWMzNzk0YWU2ZjE2NGNm YzJkZGIwHhcNMjUxMjI5MTIwMDQxWhcNMjUxMjMwMTIwMDQxWjAzMTEwLwYDVQQD EyhjYTNlZjExYmQwYTM4YzlkNGQ5YWNkOTE4NTQ3YjZkNGZmNTc1NmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7FDYZkY+K5V02UHN6tvLVTYMJSk 3fs4c0WZ5OR17ORDQksW99veCIok4+AJEYimoSYItxBIKvZhrTEnNykMHnPjvnYt atCGqnPMpiQRpckgAC6ju66zUAA0RMv2bW8kia07uMb1SNvdc7TMY3RcR/k5zzK2 IvtOBXrgGOgLTbkxJcaCuBjaiiO/STiYnhfxTG+L+qoPOp9km8h4cUS9/CWS7tco H+U0bjXaByB5e4pfiyCPIJzO+AoUvLhDzgP6t8a7g/xNMcqRmwBvkuX31wd8KgxC jZNDpXJ6FMRa7uL8noFSVne7olwh1DPWr5tsJFGWsM7AnECPXIA9NBqUwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMo+8RvQo4ydTZrNkYVHttT/V1bhMB8GA1UdIwQY MBaAFLpEM4ZZhae7XiacN5SubxZM/C3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWtRemhsbUZwN3RlSnB3M2xLNXZGa3o4TGRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9hYjMyMTktYzY0Yi00NzBlLTgzNDEt M2ExMjAyNzQwMGU2LzEvdWtRemhsbUZwN3RlSnB3M2xLNXZGa3o4TGRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS9hYjMyMTktYzY0Yi00NzBlLTgzNDEtM2ExMjAyNzQwMGU2 LzEvdWtRemhsbUZwN3RlSnB3M2xLNXZGa3o4TGRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVgqQeuVc e1QtAU8OwqYj6G1GSxAHv1MsX6me4DrJg04dqxq6Pa7bop+vhQFrejwdEL4Cp4EB Tr8vBmsQ3+Pr0PKHQ6kR2SDMh7gPqYKStqj292PONZ/cIAQWjmFk8q46d308x3Wo r4Oa40PZ8ro9saO076nTOgUCec8tScWL0pTY3SWVYXfm7dQjp2xegPgOZk7rZYU9 4kN4qHAwrlb0W1Z3D9NKrhgF0GbmIbQPXQ53CbB8nPtp7GanoeC9cwKjSArbt12W DKGsbCgcPv1RAk6UVFyx6mB9PUVaSvNKmShocUhvz6KeVa41a92lcMPaBfozgk0P 3vra5T2FH88SMA== -----END CERTIFICATE-----Generated at Mon Dec 29 13:28:39 2025 by rpki-client