This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft File: USGZZlSgu08AhYxAKoILtkvglUc.mft (raw, json) Hash identifier: 9dF+4ttS5VJ02jBsLLNqWQQ5dba3dYI88WcN9m4kwsI= Subject key identifier: 01:A3:A1:C6:20:98:D7:83:C8:01:79:E7:87:7A:6B:0E:4B:34:89:EC Authority key identifier: 51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47 Certificate issuer: /CN=5121996654a0bb4f00858c402a820bb64be09547 Certificate serial: 019B6AD82425C86AFE3C857A1A771F952223 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft Manifest number: 0A1F Signing time: Mon 29 Dec 2025 16:01:48 +0000 Manifest this update: Mon 29 Dec 2025 16:01:48 +0000 Manifest next update: Tue 30 Dec 2025 16:01:48 +0000 Files and hashes: 1: USGZZlSgu08AhYxAKoILtkvglUc.crl (hash: S3A1KBWP5DtXbs5SPeR/fcxq9ZqmfK8Z8TsNKN/+Y0Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d8:24:25:c8:6a:fe:3c:85:7a:1a:77:1f:95:22:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5121996654a0bb4f00858c402a820bb64be09547 Validity Not Before: Dec 29 16:01:48 2025 GMT Not After : Dec 30 16:01:48 2025 GMT Subject: CN=01a3a1c62098d783c80179e7877a6b0e4b3489ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:96:26:87:66:43:30:50:5f:b0:d4:69:ab:a1: 1c:af:45:99:8d:4b:4e:34:23:a1:32:b6:a3:fb:0b: 47:b4:d6:14:32:a4:13:2d:69:99:88:71:be:81:de: be:65:7a:3a:1e:e7:00:8d:bb:f5:5c:a6:a8:1d:20: 7a:62:c8:f3:db:49:1f:fe:41:9f:85:c2:3e:2f:c4: 7a:2e:7f:49:d7:e3:8f:9e:8f:d5:61:d6:43:46:30: 11:01:14:88:41:f5:6f:ef:d4:c5:1a:50:8e:00:b4: 6d:96:a7:60:e4:9f:a6:eb:34:89:f5:53:37:5b:79: 7a:b3:1b:70:1b:01:40:c3:27:f3:ac:43:f8:2b:7c: 7b:15:89:fe:2c:13:0f:9a:ed:7d:ff:fc:c0:46:a7: ea:50:fb:fe:df:33:21:b5:28:fb:a1:8c:37:86:93: 56:2d:12:66:a2:0e:4f:76:77:49:f2:cb:6d:03:3e: b8:5c:6d:38:2d:7a:03:a8:34:d7:23:68:11:c8:a6: 0c:26:12:11:03:ce:17:58:60:56:c0:e4:53:2e:ca: 4f:ba:09:15:24:f5:0d:19:5a:d1:2c:c6:dc:6c:c2: 29:9d:46:31:63:ad:6a:a9:c1:d8:d2:dd:69:16:de: 20:de:59:78:d2:a5:54:96:04:10:52:46:31:73:19: 1f:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:A3:A1:C6:20:98:D7:83:C8:01:79:E7:87:7A:6B:0E:4B:34:89:EC X509v3 Authority Key Identifier: keyid:51:21:99:66:54:A0:BB:4F:00:85:8C:40:2A:82:0B:B6:4B:E0:95:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USGZZlSgu08AhYxAKoILtkvglUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/351efb-ac27-4957-b896-93b79beccc53/1/USGZZlSgu08AhYxAKoILtkvglUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:6c:29:1b:7c:8e:a8:ed:72:b0:d5:d3:dd:cb:71:02:a1:83: 7d:78:c5:b0:8b:8a:79:02:a0:5a:94:58:42:53:f7:1d:d6:21: f5:82:f2:5a:84:93:7b:12:a6:87:e4:2e:0d:c9:28:06:55:8f: 15:b5:3e:02:47:9a:fa:f3:d9:d1:e5:69:73:f2:22:76:4f:9f: b0:57:e7:7c:0b:87:b2:33:35:63:d5:a0:47:ff:c4:dd:22:b4: 46:c6:18:dc:ef:02:28:00:9d:ce:6d:4d:36:bc:e1:92:fa:cc: 3f:b6:46:13:63:85:05:fb:b2:11:b0:9a:7c:13:83:6c:f0:90: 34:5a:e1:50:c9:41:18:50:3b:6d:fe:48:f0:56:be:5c:4e:d3: 2a:d3:c0:31:ef:49:4b:62:79:01:8b:22:c9:d6:7c:63:9c:f8: fe:55:f4:a0:62:c4:3d:f1:20:fc:ed:55:0b:bf:77:0a:11:eb: 91:d9:c5:52:5f:83:05:c2:ef:1c:ce:1c:ec:86:77:0d:29:f4: 7f:20:9b:3d:0d:fb:98:e6:fb:a5:81:0a:96:7b:fb:09:11:5b: 3a:27:9b:36:a3:11:d9:e2:a4:2e:b4:da:42:bb:90:57:79:58: d7:e0:86:e4:12:7a:4c:77:ad:13:c4:4a:88:4b:13:e2:bc:1c: 0f:67:59:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq2CQlyGr+PIV6GncflSIjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMjE5OTY2NTRhMGJiNGYwMDg1OGM0MDJhODIwYmI2NGJl MDk1NDcwHhcNMjUxMjI5MTYwMTQ4WhcNMjUxMjMwMTYwMTQ4WjAzMTEwLwYDVQQD EygwMWEzYTFjNjIwOThkNzgzYzgwMTc5ZTc4NzdhNmIwZTRiMzQ4OWVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpYmh2ZDMFBfsNRpq6Ecr0WZjUtO NCOhMraj+wtHtNYUMqQTLWmZiHG+gd6+ZXo6HucAjbv1XKaoHSB6Ysjz20kf/kGf hcI+L8R6Ln9J1+OPno/VYdZDRjARARSIQfVv79TFGlCOALRtlqdg5J+m6zSJ9VM3 W3l6sxtwGwFAwyfzrEP4K3x7FYn+LBMPmu19//zARqfqUPv+3zMhtSj7oYw3hpNW LRJmog5PdndJ8sttAz64XG04LXoDqDTXI2gRyKYMJhIRA84XWGBWwORTLspPugkV JPUNGVrRLMbcbMIpnUYxY61qqcHY0t1pFt4g3ll40qVUlgQQUkYxcxkfmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAGjocYgmNeDyAF554d6aw5LNInsMB8GA1UdIwQY MBaAFFEhmWZUoLtPAIWMQCqCC7ZL4JVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYt OTNiNzliZWNjYzUzLzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS8zNTFlZmItYWMyNy00OTU3LWI4OTYtOTNiNzliZWNjYzUz LzEvVVNHWlpsU2d1MDhBaFl4QUtvSUx0a3ZnbFVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALmwpG3yO qO1ysNXT3ctxAqGDfXjFsIuKeQKgWpRYQlP3HdYh9YLyWoSTexKmh+QuDckoBlWP FbU+Akea+vPZ0eVpc/Iidk+fsFfnfAuHsjM1Y9WgR//E3SK0RsYY3O8CKACdzm1N NrzhkvrMP7ZGE2OFBfuyEbCafBODbPCQNFrhUMlBGFA7bf5I8Fa+XE7TKtPAMe9J S2J5AYsiydZ8Y5z4/lX0oGLEPfEg/O1VC793ChHrkdnFUl+DBcLvHM4c7IZ3DSn0 fyCbPQ37mOb7pYEKlnv7CRFbOiebNqMR2eKkLrTaQruQV3lY1+CG5BJ6THetE8RK iEsT4rwcD2dZ+w== -----END CERTIFICATE-----Generated at Tue Dec 30 00:21:31 2025 by rpki-client