This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft File: ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json) Hash identifier: GK92pgAiuTEuS0pDx02ixrb2k8aop+Hkcuo0ubvTEN4= Subject key identifier: 2C:B6:0C:29:9E:87:67:5B:60:29:29:98:BE:6B:D7:9C:71:9C:97:1C Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D Certificate issuer: /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d Certificate serial: 019B6DD8591CAC29E13C7196C7001A08150B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft Manifest number: 04CE Signing time: Tue 30 Dec 2025 06:00:53 +0000 Manifest this update: Tue 30 Dec 2025 06:00:53 +0000 Manifest next update: Wed 31 Dec 2025 06:00:53 +0000 Files and hashes: 1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: C8aq59o1hFg+BjbeXfxDSRqf4BT5444zSWTUVOEyBmg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:d8:59:1c:ac:29:e1:3c:71:96:c7:00:1a:08:15:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d Validity Not Before: Dec 30 06:00:53 2025 GMT Not After : Dec 31 06:00:53 2025 GMT Subject: CN=2cb60c299e87675b60292998be6bd79c719c971c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:5d:7c:cb:61:62:ea:75:ac:0f:3e:5b:31:24: 74:70:b9:ed:61:23:82:c4:b2:26:b4:e1:93:12:7c: b8:4b:42:de:87:30:fb:15:f2:39:88:ec:d0:bf:3d: 60:3f:9c:f2:a2:f7:43:6c:3e:4c:b5:66:49:45:41: 0a:24:b3:ab:ec:ce:30:45:73:4c:64:ff:81:22:06: 90:f3:d3:2e:3e:1e:5a:c7:7f:96:b8:fb:cf:b9:01: 6a:0a:84:99:c9:d2:3f:5b:54:48:d5:9a:a0:f1:53: 1f:b9:bf:26:1c:35:a6:d0:fc:5a:4b:bc:10:7f:21: e7:2c:d6:75:ca:96:56:95:00:22:03:d2:4a:e0:4f: 44:6e:28:88:d6:70:2b:78:1a:81:4e:30:41:ff:af: 23:1d:48:b2:7a:84:c4:c6:26:e5:d0:8f:ca:93:6a: 9c:49:ee:af:e8:5d:ca:78:89:32:4a:db:4f:64:ad: 07:ec:6b:c8:82:87:7a:d3:08:a0:8e:7c:19:aa:63: b7:9f:6c:30:5b:73:21:58:af:60:b9:46:48:bb:ae: 4a:1c:7e:b1:bb:cd:c1:c9:2e:3a:57:57:cd:71:38: ad:c4:89:42:0a:91:f8:2c:55:34:b1:54:6a:07:34: a7:25:38:c9:f4:0a:20:5a:a7:c6:76:bb:a5:4f:e0: 2c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:B6:0C:29:9E:87:67:5B:60:29:29:98:BE:6B:D7:9C:71:9C:97:1C X509v3 Authority Key Identifier: keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:8e:46:3c:ce:26:58:c9:58:a8:37:00:86:66:16:f8:0a:8c: d3:78:ec:6a:2d:94:46:ba:b8:a0:d5:71:aa:ee:ae:8a:37:d1: b8:d4:6c:a4:36:7c:1e:71:5d:db:2f:c9:c7:04:61:56:5c:a5: 67:2b:1a:74:e0:9c:1d:82:cc:cb:f6:f1:93:d3:46:0c:8a:a7: 22:2d:7d:aa:bf:68:c4:13:48:88:a5:ca:08:59:b3:33:e1:65: 0a:20:91:f1:84:d1:72:62:98:8c:6d:ec:9b:d8:20:d1:e7:2a: 8d:76:82:8e:e7:a6:eb:2e:15:7c:5f:ff:3d:d6:bb:80:75:6b: ec:cb:af:bd:56:76:b2:05:29:bd:9a:54:30:39:dd:99:c7:c5: de:a0:3c:7c:6c:26:1a:ed:68:e2:3c:3f:36:ac:52:cc:1f:7d: 83:0d:99:ee:30:3a:88:f6:2f:a0:f0:ba:b0:42:64:fa:d9:6b: e4:fb:af:d6:22:6c:30:6c:78:a5:7b:d1:ee:cc:fe:8b:ed:da: ee:02:b2:4c:06:aa:c8:b7:48:1e:06:4f:fb:57:d2:85:21:33: 33:a8:6e:ef:08:cc:de:cf:09:7d:89:41:4f:6b:97:66:8b:52: a1:57:f4:8b:a5:60:8a:9e:70:ab:38:1a:3a:ee:ca:33:87:3a: 6c:33:5f:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtt2FkcrCnhPHGWxwAaCBULMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy NjgxOGQwHhcNMjUxMjMwMDYwMDUzWhcNMjUxMjMxMDYwMDUzWjAzMTEwLwYDVQQD EygyY2I2MGMyOTllODc2NzViNjAyOTI5OThiZTZiZDc5YzcxOWM5NzFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l18y2Fi6nWsDz5bMSR0cLntYSOC xLImtOGTEny4S0LehzD7FfI5iOzQvz1gP5zyovdDbD5MtWZJRUEKJLOr7M4wRXNM ZP+BIgaQ89MuPh5ax3+WuPvPuQFqCoSZydI/W1RI1Zqg8VMfub8mHDWm0PxaS7wQ fyHnLNZ1ypZWlQAiA9JK4E9EbiiI1nAreBqBTjBB/68jHUiyeoTExibl0I/Kk2qc Se6v6F3KeIkySttPZK0H7GvIgod60wigjnwZqmO3n2wwW3MhWK9guUZIu65KHH6x u83ByS46V1fNcTitxIlCCpH4LFU0sVRqBzSnJTjJ9AogWqfGdrulT+AsAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCy2DCmeh2dbYCkpmL5r15xxnJccMB8GA1UdIwQY MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3 LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgo5GPM4m WMlYqDcAhmYW+AqM03jsai2URrq4oNVxqu6uijfRuNRspDZ8HnFd2y/JxwRhVlyl ZysadOCcHYLMy/bxk9NGDIqnIi19qr9oxBNIiKXKCFmzM+FlCiCR8YTRcmKYjG3s m9gg0ecqjXaCjuem6y4VfF//Pda7gHVr7MuvvVZ2sgUpvZpUMDndmcfF3qA8fGwm Gu1o4jw/NqxSzB99gw2Z7jA6iPYvoPC6sEJk+tlr5Puv1iJsMGx4pXvR7sz+i+3a 7gKyTAaqyLdIHgZP+1fShSEzM6hu7wjM3s8JfYlBT2uXZotSoVf0i6Vgip5wqzga Ou7KM4c6bDNfgA== -----END CERTIFICATE-----Generated at Tue Dec 30 08:48:46 2025 by rpki-client