This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft File: up78qG3qcNPukBgWeMjrMOaRbR0.mft (raw, json) Hash identifier: YlEg5mrqMXV5o95wf8SWHOZ7b71RMu2+PIHRrlLYS9c= Subject key identifier: F9:76:19:01:38:87:15:2F:D1:D5:9C:B5:0F:F8:35:67:F9:39:93:2E Authority key identifier: BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D Certificate issuer: /CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d Certificate serial: 019B3F11167A28E34A67ECC2558F1A3A2DF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft Manifest number: 16FF Signing time: Sun 21 Dec 2025 04:00:42 +0000 Manifest this update: Sun 21 Dec 2025 04:00:42 +0000 Manifest next update: Mon 22 Dec 2025 04:00:42 +0000 Files and hashes: 1: TcxQ_LIgSlnQjiSbvcx7DOq2_Zc.roa (hash: v9utTlGogD+SmAb7nxAo7ersLZspEGf0TY5tMFbjRB8=) 2: up78qG3qcNPukBgWeMjrMOaRbR0.crl (hash: RtO1S/iLcrnm0bFGqZ1GP13G6d85bqfirLBpfrPGsFQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:11:16:7a:28:e3:4a:67:ec:c2:55:8f:1a:3a:2d:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d Validity Not Before: Dec 21 04:00:42 2025 GMT Not After : Dec 22 04:00:42 2025 GMT Subject: CN=f97619013887152fd1d59cb50ff83567f939932e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:f1:13:d6:c4:a8:c4:dc:6f:7c:e4:af:7d:70: 3a:86:97:50:ae:1b:e6:29:cd:d2:8c:fd:ce:87:43: 07:93:78:4a:13:7a:25:f0:95:30:8a:60:81:e2:35: e6:ac:df:00:dd:14:b7:0e:85:a5:78:66:e5:60:e2: 98:5d:7c:db:c5:b8:dd:d7:5b:3d:10:73:1d:e2:4f: 2c:0d:dd:ff:ef:83:b3:68:af:87:53:81:cb:f3:da: a8:81:57:5f:25:33:28:2f:77:40:47:88:15:f4:50: 23:a5:46:6b:41:f2:5d:48:60:13:8d:b0:c8:ff:68: 18:d7:d3:d7:34:5c:2c:5e:65:5b:6b:5e:d2:6f:fe: 4e:4b:3f:1d:ee:14:73:16:91:5d:f9:11:e0:1c:31: f0:60:37:c4:97:d4:d5:c9:c9:59:9c:00:13:c7:68: c4:39:81:cf:c0:ad:75:b4:9e:e1:85:34:05:65:d2: ab:0a:93:fc:50:5d:a0:07:de:d1:7d:53:e6:c2:53: 46:1f:f2:af:09:d8:f5:4b:75:83:41:53:97:9c:ab: 28:7f:a1:b5:7b:b7:a3:40:ab:55:6a:f9:af:db:2a: 55:79:43:5b:95:7a:55:3f:1b:de:d0:65:09:20:c3: c4:a3:e0:5c:e6:47:67:bd:fc:27:2e:3b:33:d6:61: 3b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:76:19:01:38:87:15:2F:D1:D5:9C:B5:0F:F8:35:67:F9:39:93:2E X509v3 Authority Key Identifier: keyid:BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:5e:66:5b:8e:1b:ae:3c:12:c2:4c:43:9b:38:5f:25:a8:d2: 11:a7:d2:92:d7:ba:50:72:6a:40:31:7e:d6:6f:f2:0a:14:c2: d7:6b:7c:b1:4d:cc:bd:68:a8:bd:6c:44:ae:83:0c:f6:11:c4: 3e:79:4c:79:2d:4b:83:39:97:f1:c7:20:c3:01:9f:70:02:ce: d8:88:ce:7d:0a:57:21:bf:14:71:e6:3f:c0:2a:d5:9c:72:cd: 44:ac:31:8f:38:10:b5:d6:ff:31:6b:48:81:8c:5c:df:a9:8a: cd:12:72:f9:b1:98:3a:8e:dc:7e:5c:4b:ba:45:e6:93:af:41: a4:bf:4d:1b:07:a4:c3:49:53:2e:aa:ab:bd:29:3b:c9:3d:a2: a6:05:18:4d:56:64:97:6a:e0:c2:6d:a8:ee:22:16:97:20:34: 7c:da:33:e0:07:c2:3c:0c:57:03:4b:7a:20:6e:f0:5c:6d:30: 54:3e:3c:a8:bf:55:44:85:66:8c:93:b8:c5:35:ef:9c:78:d6: aa:66:b0:01:5f:da:73:96:33:fa:ca:71:28:8a:36:18:6d:b8: 10:d4:3c:31:2f:8e:52:8f:6c:ae:e5:80:dc:b5:ee:0f:e8:e4: d6:e8:f5:a7:29:ce:38:68:84:1d:af:be:cf:57:c9:1c:bb:f9: e5:13:95:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/ERZ6KONKZ+zCVY8aOi30MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOWVmY2E4NmRlYTcwZDNlZTkwMTgxNjc4YzhlYjMwZTY5 MTZkMWQwHhcNMjUxMjIxMDQwMDQyWhcNMjUxMjIyMDQwMDQyWjAzMTEwLwYDVQQD EyhmOTc2MTkwMTM4ODcxNTJmZDFkNTljYjUwZmY4MzU2N2Y5Mzk5MzJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PET1sSoxNxvfOSvfXA6hpdQrhvm Kc3SjP3Oh0MHk3hKE3ol8JUwimCB4jXmrN8A3RS3DoWleGblYOKYXXzbxbjd11s9 EHMd4k8sDd3/74OzaK+HU4HL89qogVdfJTMoL3dAR4gV9FAjpUZrQfJdSGATjbDI /2gY19PXNFwsXmVba17Sb/5OSz8d7hRzFpFd+RHgHDHwYDfEl9TVyclZnAATx2jE OYHPwK11tJ7hhTQFZdKrCpP8UF2gB97RfVPmwlNGH/KvCdj1S3WDQVOXnKsof6G1 e7ejQKtVavmv2ypVeUNblXpVPxve0GUJIMPEo+Bc5kdnvfwnLjsz1mE7QQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPl2GQE4hxUv0dWctQ/4NWf5OZMuMB8GA1UdIwQY MBaAFLqe/Kht6nDT7pAYFnjI6zDmkW0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83NWI4MzgtNGVjZS00OTk4LThhZDgt MTdkMzFkZWU4ZTEyLzEvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi83NWI4MzgtNGVjZS00OTk4LThhZDgtMTdkMzFkZWU4ZTEy LzEvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACV5mW44b rjwSwkxDmzhfJajSEafSkte6UHJqQDF+1m/yChTC12t8sU3MvWiovWxEroMM9hHE PnlMeS1LgzmX8ccgwwGfcALO2IjOfQpXIb8UceY/wCrVnHLNRKwxjzgQtdb/MWtI gYxc36mKzRJy+bGYOo7cflxLukXmk69BpL9NGwekw0lTLqqrvSk7yT2ipgUYTVZk l2rgwm2o7iIWlyA0fNoz4AfCPAxXA0t6IG7wXG0wVD48qL9VRIVmjJO4xTXvnHjW qmawAV/ac5Yz+spxKIo2GG24ENQ8MS+OUo9sruWA3LXuD+jk1uj1pynOOGiEHa++ z1fJHLv55ROVHw== -----END CERTIFICATE-----Generated at Sun Dec 21 08:20:29 2025 by rpki-client