This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft File: ufdKR6bRoL9MIW5fq02R-xKd89Y.mft (raw, json) Hash identifier: +fOByIM8NZQnmfa1NjrTEVZAD4I6Mq4H0cY9GYPtPx0= Subject key identifier: BD:D6:76:24:15:41:D3:39:68:BA:29:6A:57:9D:35:30:F5:FF:81:53 Authority key identifier: B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6 Certificate issuer: /CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6 Certificate serial: 019B51BC70D6F99A48E96BF58DF05A594345 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft Manifest number: 0CC9 Signing time: Wed 24 Dec 2025 19:01:02 +0000 Manifest this update: Wed 24 Dec 2025 19:01:02 +0000 Manifest next update: Thu 25 Dec 2025 19:01:02 +0000 Files and hashes: 1: 5AZ3tR0kmtggSX8GQL0nk_9vkNM.roa (hash: o7jn9b/bWLBA/ntIWwkYzFbMhpkdc8Mhco9rAn9gsO0=) 2: ufdKR6bRoL9MIW5fq02R-xKd89Y.crl (hash: T5YO6/1ds8MTVxowI2izVaSuqnhFPCTvMgYuuL1OLzw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:70:d6:f9:9a:48:e9:6b:f5:8d:f0:5a:59:43:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9f74a47a6d1a0bf4c216e5fab4d91fb129df3d6 Validity Not Before: Dec 24 19:01:02 2025 GMT Not After : Dec 25 19:01:02 2025 GMT Subject: CN=bdd676241541d33968ba296a579d3530f5ff8153 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d7:5f:87:d7:9b:d8:04:b1:6e:dd:fc:c9:da: 27:7a:4c:b6:24:64:df:32:f6:c1:90:21:69:a5:e7: da:b9:ac:7b:59:18:37:64:d8:69:9e:09:55:8e:a7: 6b:9f:5c:9a:c6:0b:94:cb:d4:2d:98:70:95:ea:04: f9:00:60:af:88:38:4e:1a:cb:d6:33:f4:a5:24:c3: 3f:61:44:06:47:0e:91:ee:37:66:eb:d6:4a:76:ee: 65:11:60:b3:83:4b:a3:f4:ff:44:5b:ea:cc:57:53: c6:f0:75:ee:5c:67:3b:95:f6:1b:dd:a3:29:67:ea: ff:b4:5f:b4:04:8a:5b:58:08:b0:3c:f9:17:9f:9c: f3:ef:17:fd:88:82:79:6f:db:af:3c:09:58:0f:2c: 2f:93:ab:aa:66:22:3b:63:55:03:53:a3:4e:43:dd: 8b:dc:d6:94:e3:c1:61:a5:87:9b:b8:9a:f1:e8:97: 43:6e:8a:ff:a9:0b:03:ca:da:2d:5c:76:44:66:e1: 15:50:8c:8e:31:dd:75:58:42:14:e4:17:bd:a4:de: 90:fb:58:0a:76:aa:67:f3:f8:43:d3:fa:49:11:ac: 8c:80:81:73:65:64:c5:c1:af:72:9d:8c:55:25:26: 24:70:b4:9f:e1:12:53:23:39:17:60:94:3b:4a:57: 03:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:D6:76:24:15:41:D3:39:68:BA:29:6A:57:9D:35:30:F5:FF:81:53 X509v3 Authority Key Identifier: keyid:B9:F7:4A:47:A6:D1:A0:BF:4C:21:6E:5F:AB:4D:91:FB:12:9D:F3:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdKR6bRoL9MIW5fq02R-xKd89Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/24a0bd-0838-4c95-9ccd-30f608ade48d/1/ufdKR6bRoL9MIW5fq02R-xKd89Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:39:37:c8:ea:fb:a4:9a:51:d3:7e:32:3a:49:36:5a:c4:f9: 8a:05:d2:4f:e7:fa:79:cb:39:cb:03:6c:ce:62:53:80:8a:50: 60:08:af:8d:f2:a8:90:51:a6:87:2e:e9:d0:68:83:9f:52:13: f0:32:ec:a0:d3:1c:94:21:ed:16:ee:6d:c6:3b:d9:0c:d2:a5: c4:8a:78:d2:7f:05:cc:77:7f:79:0d:fa:91:58:bb:c0:e8:1b: 4c:2a:ef:6b:f9:8d:d3:7b:aa:55:b9:02:4c:d2:3f:8a:c0:11: ee:ab:04:09:5f:ed:ba:03:c0:b2:a4:c9:16:4d:47:20:12:a1: 4b:39:a7:d1:37:09:16:d7:c4:70:5f:ea:8b:a8:d2:5c:d7:06: 00:45:83:c4:a7:3d:0b:69:09:c0:91:a7:b7:3e:e7:42:47:36: 8b:9a:81:99:1f:c9:32:0d:1f:a9:bb:0a:aa:b8:4d:c0:fb:84: cd:ac:07:ca:f6:c0:4d:53:27:f5:8c:8d:e0:3a:16:1f:06:c3: 4b:41:9a:40:ab:2c:bb:16:d9:b4:db:2a:d5:55:d6:76:18:f4: ac:81:0d:8c:fa:a9:a9:9b:69:57:a9:e9:53:02:de:70:fe:af: b8:d9:db:83:9a:48:75:be:fa:27:88:5b:1a:7a:4a:8d:90:59: 44:a8:01:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvHDW+ZpI6Wv1jfBaWUNFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5Zjc0YTQ3YTZkMWEwYmY0YzIxNmU1ZmFiNGQ5MWZiMTI5 ZGYzZDYwHhcNMjUxMjI0MTkwMTAyWhcNMjUxMjI1MTkwMTAyWjAzMTEwLwYDVQQD EyhiZGQ2NzYyNDE1NDFkMzM5NjhiYTI5NmE1NzlkMzUzMGY1ZmY4MTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9dfh9eb2ASxbt38ydoneky2JGTf MvbBkCFppefauax7WRg3ZNhpnglVjqdrn1yaxguUy9QtmHCV6gT5AGCviDhOGsvW M/SlJMM/YUQGRw6R7jdm69ZKdu5lEWCzg0uj9P9EW+rMV1PG8HXuXGc7lfYb3aMp Z+r/tF+0BIpbWAiwPPkXn5zz7xf9iIJ5b9uvPAlYDywvk6uqZiI7Y1UDU6NOQ92L 3NaU48FhpYebuJrx6JdDbor/qQsDytotXHZEZuEVUIyOMd11WEIU5Be9pN6Q+1gK dqpn8/hD0/pJEayMgIFzZWTFwa9ynYxVJSYkcLSf4RJTIzkXYJQ7SlcDKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL3WdiQVQdM5aLopaledNTD1/4FTMB8GA1UdIwQY MBaAFLn3Skem0aC/TCFuX6tNkfsSnfPWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2Qt MzBmNjA4YWRlNDhkLzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8yNGEwYmQtMDgzOC00Yzk1LTljY2QtMzBmNjA4YWRlNDhk LzEvdWZkS1I2YlJvTDlNSVc1ZnEwMlIteEtkODlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACTk3yOr7 pJpR034yOkk2WsT5igXST+f6ecs5ywNszmJTgIpQYAivjfKokFGmhy7p0GiDn1IT 8DLsoNMclCHtFu5txjvZDNKlxIp40n8FzHd/eQ36kVi7wOgbTCrva/mN03uqVbkC TNI/isAR7qsECV/tugPAsqTJFk1HIBKhSzmn0TcJFtfEcF/qi6jSXNcGAEWDxKc9 C2kJwJGntz7nQkc2i5qBmR/JMg0fqbsKqrhNwPuEzawHyvbATVMn9YyN4DoWHwbD S0GaQKssuxbZtNsq1VXWdhj0rIENjPqpqZtpV6npUwLecP6vuNnbg5pIdb76J4hb GnpKjZBZRKgBFg== -----END CERTIFICATE-----Generated at Wed Dec 24 23:26:55 2025 by rpki-client