This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/07e105-5680-40aa-8c9d-0d66c75b026d/1/U6hLUj3-Mriom5zdMKn4cRAH_bk.mft File: U6hLUj3-Mriom5zdMKn4cRAH_bk.mft (raw, json) Hash identifier: mxhfGg7MQxgRlIX0UWurlvQxvi1jQqC8rsExHNZJ1ag= Subject key identifier: A7:02:8B:2E:9D:9D:7D:2F:29:73:E5:A2:5B:DA:EA:29:12:E4:6E:E4 Authority key identifier: 53:A8:4B:52:3D:FE:32:B8:A8:9B:9C:DD:30:A9:F8:71:10:07:FD:B9 Certificate issuer: /CN=53a84b523dfe32b8a89b9cdd30a9f8711007fdb9 Certificate serial: 019B6E0F41F3FA8651E3CD56C2AD78B19C71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6hLUj3-Mriom5zdMKn4cRAH_bk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/07e105-5680-40aa-8c9d-0d66c75b026d/1/U6hLUj3-Mriom5zdMKn4cRAH_bk.mft Manifest number: 0E78 Signing time: Tue 30 Dec 2025 07:00:52 +0000 Manifest this update: Tue 30 Dec 2025 07:00:52 +0000 Manifest next update: Wed 31 Dec 2025 07:00:52 +0000 Files and hashes: 1: GZldOEJkrutoTjn3MQnXcf09taM.roa (hash: vlltg4veeHpXkbEneS2WFuhIZv9HwJeSmQM3GzCbD1k=) 2: U6hLUj3-Mriom5zdMKn4cRAH_bk.crl (hash: hhLCg+gIEdN4pNPh4Y9pXODCOXdyAdyn3qkNstRQvko=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/07e105-5680-40aa-8c9d-0d66c75b026d/1/U6hLUj3-Mriom5zdMKn4cRAH_bk.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/07e105-5680-40aa-8c9d-0d66c75b026d/1/U6hLUj3-Mriom5zdMKn4cRAH_bk.mft rsync://rpki.ripe.net/repository/DEFAULT/U6hLUj3-Mriom5zdMKn4cRAH_bk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 07:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6e:0f:41:f3:fa:86:51:e3:cd:56:c2:ad:78:b1:9c:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53a84b523dfe32b8a89b9cdd30a9f8711007fdb9 Validity Not Before: Dec 30 07:00:52 2025 GMT Not After : Dec 31 07:00:52 2025 GMT Subject: CN=a7028b2e9d9d7d2f2973e5a25bdaea2912e46ee4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:be:25:49:92:7f:b3:2a:6b:10:e0:e8:12:33: 58:30:0e:51:75:9f:7c:ee:f6:6f:80:3c:2a:29:55: 22:df:8b:4b:ed:3d:d3:8a:93:82:af:92:c4:9c:b2: 17:2f:44:e8:73:ac:fa:e9:b6:35:32:13:c6:4c:ec: 47:a7:f6:14:54:0a:55:ed:29:b1:f5:13:21:58:c9: bd:3d:a2:0d:21:4c:f5:a3:8d:89:b3:a0:53:2b:27: 4a:d7:ed:39:03:15:3b:18:ec:5f:51:a7:22:ac:81: 23:63:26:8e:08:50:05:36:99:9d:9d:32:19:ee:d8: 79:fa:be:df:88:68:a2:f8:66:49:96:6c:fd:71:51: 4f:e7:73:ee:db:7d:e7:15:ef:c7:84:b6:46:53:d5: d8:b5:1f:05:a6:6c:cf:a5:98:db:6f:61:c6:c8:2b: f2:a1:55:dc:ac:3c:f2:f7:e7:52:92:5c:eb:7b:e2: 05:9a:33:9e:b0:4b:6e:64:3c:34:49:58:3b:65:48: 3a:ed:fb:9f:53:a0:45:b8:a9:c7:c8:7c:c6:17:06: 48:d5:6e:06:7f:5c:e8:8c:d6:ed:6a:77:1f:2b:10: 96:15:0c:d2:78:e8:80:8b:98:80:7e:bc:5e:75:67: dc:16:c6:e6:15:6f:91:89:7d:bc:23:0a:e0:13:aa: 82:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:02:8B:2E:9D:9D:7D:2F:29:73:E5:A2:5B:DA:EA:29:12:E4:6E:E4 X509v3 Authority Key Identifier: keyid:53:A8:4B:52:3D:FE:32:B8:A8:9B:9C:DD:30:A9:F8:71:10:07:FD:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6hLUj3-Mriom5zdMKn4cRAH_bk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/07e105-5680-40aa-8c9d-0d66c75b026d/1/U6hLUj3-Mriom5zdMKn4cRAH_bk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/07e105-5680-40aa-8c9d-0d66c75b026d/1/U6hLUj3-Mriom5zdMKn4cRAH_bk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:54:22:ce:ed:27:0f:9c:84:71:1e:e4:f6:2f:9c:70:dd:98: 54:a1:1f:12:77:09:70:d5:33:d6:0c:46:34:fe:e7:4b:2c:9b: 80:06:0c:b6:31:9d:8e:74:41:c0:05:2f:96:5a:71:31:a2:a1: a4:c6:4b:46:50:a8:8e:32:f5:19:1e:85:fa:4d:19:f7:2b:d0: 4b:10:a0:a1:e3:3a:41:b4:b9:ea:0e:d8:79:1a:b7:03:c9:d1: 1d:ab:4d:94:8d:e5:ff:d9:0f:bd:e2:f1:c2:74:7b:88:cd:0f: ec:a2:7d:2d:70:0f:71:d3:2b:91:16:e2:c8:89:66:6d:6f:28: 49:d3:ee:6e:99:ea:7d:10:91:8a:eb:7f:4e:ed:30:01:21:6b: 0f:42:7e:d5:97:74:75:2d:b4:ff:ef:f1:fb:66:47:a4:3a:7d: 5f:22:58:41:45:1f:db:b0:3a:fa:15:04:5e:b5:b6:48:49:2c: c1:6c:b1:2e:e6:9b:87:c1:88:07:25:fb:1b:cc:bc:b0:dc:f2: 8d:37:2f:d8:74:85:f4:29:b5:62:46:20:9f:55:9a:cc:03:25: f2:c3:c9:95:90:9b:91:f0:05:4a:ef:d3:40:1a:85:52:bc:c6: 72:13:34:7c:3e:63:3b:73:46:df:39:ac:fe:9f:50:09:87:f4: 2d:48:b6:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtuD0Hz+oZR481Wwq14sZxxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzYTg0YjUyM2RmZTMyYjhhODliOWNkZDMwYTlmODcxMTAw N2ZkYjkwHhcNMjUxMjMwMDcwMDUyWhcNMjUxMjMxMDcwMDUyWjAzMTEwLwYDVQQD EyhhNzAyOGIyZTlkOWQ3ZDJmMjk3M2U1YTI1YmRhZWEyOTEyZTQ2ZWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL4lSZJ/syprEODoEjNYMA5RdZ98 7vZvgDwqKVUi34tL7T3TipOCr5LEnLIXL0Toc6z66bY1MhPGTOxHp/YUVApV7Smx 9RMhWMm9PaINIUz1o42Js6BTKydK1+05AxU7GOxfUacirIEjYyaOCFAFNpmdnTIZ 7th5+r7fiGii+GZJlmz9cVFP53Pu233nFe/HhLZGU9XYtR8FpmzPpZjbb2HGyCvy oVXcrDzy9+dSklzre+IFmjOesEtuZDw0SVg7ZUg67fufU6BFuKnHyHzGFwZI1W4G f1zojNbtancfKxCWFQzSeOiAi5iAfrxedWfcFsbmFW+RiX28IwrgE6qCfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKcCiy6dnX0vKXPlolva6ikS5G7kMB8GA1UdIwQY MBaAFFOoS1I9/jK4qJuc3TCp+HEQB/25MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTZoTFVqMy1NcmlvbTV6ZE1LbjRjUkFIX2JrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wN2UxMDUtNTY4MC00MGFhLThjOWQt MGQ2NmM3NWIwMjZkLzEvVTZoTFVqMy1NcmlvbTV6ZE1LbjRjUkFIX2JrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8wN2UxMDUtNTY4MC00MGFhLThjOWQtMGQ2NmM3NWIwMjZk LzEvVTZoTFVqMy1NcmlvbTV6ZE1LbjRjUkFIX2JrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1Qizu0n D5yEcR7k9i+ccN2YVKEfEncJcNUz1gxGNP7nSyybgAYMtjGdjnRBwAUvllpxMaKh pMZLRlCojjL1GR6F+k0Z9yvQSxCgoeM6QbS56g7YeRq3A8nRHatNlI3l/9kPveLx wnR7iM0P7KJ9LXAPcdMrkRbiyIlmbW8oSdPubpnqfRCRiut/Tu0wASFrD0J+1Zd0 dS20/+/x+2ZHpDp9XyJYQUUf27A6+hUEXrW2SEkswWyxLuabh8GIByX7G8y8sNzy jTcv2HSF9Cm1YkYgn1WazAMl8sPJlZCbkfAFSu/TQBqFUrzGchM0fD5jO3NG3zms /p9QCYf0LUi2tA== -----END CERTIFICATE-----Generated at Tue Dec 30 14:19:27 2025 by rpki-client