This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft File: ufdKR6bRoL9MIW5fq02R-xKd89Y.mft (raw, json) Hash identifier: m1vCSzV+5K+0yz7WIhZgk+Xwx5MQM1KQh8h5TZUw9m4= Subject key identifier: 6C:D5:67:E8:F4:2B:61:A5:AF:42:04:AE:AD:66:3D:85:F8:B1:BB:4B Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6 Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6 Certificate serial: 019B32D5F93DC931AA8B2411D4A939350B5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft Manifest number: 0CB9 Signing time: Thu 18 Dec 2025 19:00:42 +0000 Manifest this update: Thu 18 Dec 2025 19:00:42 +0000 Manifest next update: Fri 19 Dec 2025 19:00:42 +0000 Files and hashes: 1: 5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa (hash: o7jn9b/bWLBA/ntIWwkYzFbMhpkdc8Mhco9rAn9gsO0=) 2: ufdKR6bRoL9MIW5fq02R-xKd89Y.crl (hash: zKYd3/ElZqsW0s3YUO6i7QyYI0CpGpnkVZ6RPpH+cUA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d5:f9:3d:c9:31:aa:8b:24:11:d4:a9:39:35:0b:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6 Validity Not Before: Dec 18 19:00:42 2025 GMT Not After : Dec 19 19:00:42 2025 GMT Subject: CN=6cd567e8f42b61a5af4204aead663d85f8b1bb4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e9:d9:5f:d6:e0:d5:39:c3:80:d1:5d:7f:7a: e1:4b:fb:26:af:fd:ec:78:9a:b2:5e:a9:3b:2d:fc: b6:91:ab:28:f0:6c:ea:c7:39:b2:87:c7:7e:53:1b: 0a:6d:86:a3:fe:d9:4c:86:7d:63:6a:df:68:dc:29: 3a:aa:0e:c4:b6:48:2d:b9:83:c1:a3:4d:72:a5:78: 26:0e:22:7b:38:8b:ad:ff:7e:6f:32:20:8c:69:04: 23:0f:61:4e:da:e9:6a:62:d1:cb:77:e0:47:08:b3: 1d:f5:08:14:9b:d7:17:15:43:b2:62:3b:ce:c6:6c: 86:04:3d:17:67:58:2f:d9:36:ab:3c:fc:52:a5:3c: 7b:5a:9e:c5:c4:78:9a:63:53:ec:e3:9f:17:97:80: bb:73:6b:95:e0:bf:8d:66:7d:b2:3b:f1:5c:f9:d5: 26:8b:51:56:3f:79:de:40:e4:d1:4f:88:f7:b8:01: 51:b4:ed:78:98:9d:7f:ea:90:93:c6:76:b2:7d:25: 7d:93:e9:10:cc:9e:97:2f:1f:50:b5:43:c1:c2:81: d5:95:ed:ef:d4:6d:d6:32:d8:ad:87:32:86:eb:01: d5:55:9e:01:61:5a:60:0d:61:5a:ca:06:36:8d:8c: c0:ed:e0:c2:d4:f7:c2:4a:a8:bd:d4:c3:9c:66:d9: f8:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:D5:67:E8:F4:2B:61:A5:AF:42:04:AE:AD:66:3D:85:F8:B1:BB:4B X509v3 Authority Key Identifier: keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:4b:72:2d:c3:b4:50:3b:86:4f:19:b9:fb:4f:10:39:90:e8: 65:fc:b5:c6:58:3e:f8:77:9f:e6:8b:3f:5d:5d:cb:14:84:4a: 6e:4c:f7:42:95:28:aa:a5:1c:c7:26:b9:6b:82:ad:34:08:55: db:75:1e:ad:d6:3b:b0:9b:40:ba:48:3d:bb:0f:67:3c:f0:7c: 3a:52:d9:78:b3:86:c4:3a:fd:4c:cf:6e:49:0d:1a:8f:6b:0c: 59:7d:2f:34:77:d5:af:7c:de:8e:96:d7:8d:0f:9f:04:94:60: dc:1a:de:58:06:4e:7f:7e:31:a5:bc:af:27:3d:7a:b7:0f:d3: c6:63:66:1c:0e:ae:d2:f2:06:36:cc:ef:50:7f:b3:3d:d3:90: cd:5e:ea:e5:1e:a7:59:13:18:31:fd:1b:4c:51:11:aa:d4:9b: b5:06:7f:41:e3:d5:62:b9:d9:d9:69:1b:f4:e9:8f:e9:fa:66: 62:93:f5:85:49:d0:12:9f:e4:01:20:da:0a:4c:3f:e8:59:c2: e3:8f:6b:76:64:c9:e5:1c:fa:db:d0:db:65:b0:06:86:30:42: 2c:60:f1:d1:9f:4d:03:7e:79:4b:f7:8c:58:71:9b:3e:d3:f1: 45:16:7b:72:f4:c8:b0:75:0f:2e:7c:c3:1b:24:2c:ae:d3:88: e5:83:ff:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1fk9yTGqiyQR1Kk5NQtfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5 ZGYzZDYwHhcNMjUxMjE4MTkwMDQyWhcNMjUxMjE5MTkwMDQyWjAzMTEwLwYDVQQD Eyg2Y2Q1NjdlOGY0MmI2MWE1YWY0MjA0YWVhZDY2M2Q4NWY4YjFiYjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsunZX9bg1TnDgNFdf3rhS/smr/3s eJqyXqk7Lfy2kaso8Gzqxzmyh8d+UxsKbYaj/tlMhn1jat9o3Ck6qg7EtkgtuYPB o01ypXgmDiJ7OIut/35vMiCMaQQjD2FO2ulqYtHLd+BHCLMd9QgUm9cXFUOyYjvO xmyGBD0XZ1gv2TarPPxSpTx7Wp7FxHiaY1Ps458Xl4C7c2uV4L+NZn2yO/Fc+dUm i1FWP3neQOTRT4j3uAFRtO14mJ1/6pCTxnayfSV9k+kQzJ6XLx9QtUPBwoHVle3v 1G3WMtithzKG6wHVVZ4BYVpgDWFaygY2jYzA7eDC1PfCSqi91MOcZtn4GQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGzVZ+j0K2Glr0IErq1mPYX4sbtLMB8GA1UdIwQY MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt MzBmNjA4YWRlNDhkLzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWktyLcO0 UDuGTxm5+08QOZDoZfy1xlg++Hef5os/XV3LFIRKbkz3QpUoqqUcxya5a4KtNAhV 23UerdY7sJtAukg9uw9nPPB8OlLZeLOGxDr9TM9uSQ0aj2sMWX0vNHfVr3zejpbX jQ+fBJRg3BreWAZOf34xpbyvJz16tw/TxmNmHA6u0vIGNszvUH+zPdOQzV7q5R6n WRMYMf0bTFERqtSbtQZ/QePVYrnZ2Wkb9OmP6fpmYpP1hUnQEp/kASDaCkw/6FnC 449rdmTJ5Rz629DbZbAGhjBCLGDx0Z9NA355S/eMWHGbPtPxRRZ7cvTIsHUPLnzD GyQsrtOI5YP/4w== -----END CERTIFICATE-----Generated at Fri Dec 19 01:24:56 2025 by rpki-client