This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft File: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json) Hash identifier: 3Cv5wo9wpW6NYzouWBLuecDPqm8DwMXFwlcJx6uKY4I= Subject key identifier: 89:9B:CC:46:F6:63:3E:8C:A6:76:F4:B1:C9:91:21:10:8D:F7:63:F1 Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6 Certificate issuer: /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6 Certificate serial: 019B44DD317ADA55B2D1199401FC80D3AAD1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft Manifest number: 14AF Signing time: Mon 22 Dec 2025 07:01:45 +0000 Manifest this update: Mon 22 Dec 2025 07:01:45 +0000 Manifest next update: Tue 23 Dec 2025 07:01:45 +0000 Files and hashes: 1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: r2Shv4nlW6zke3IerKCJ/p/7YlV6OvRJzJHGBNeqY4E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 07:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:dd:31:7a:da:55:b2:d1:19:94:01:fc:80:d3:aa:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6 Validity Not Before: Dec 22 07:01:45 2025 GMT Not After : Dec 23 07:01:45 2025 GMT Subject: CN=899bcc46f6633e8ca676f4b1c99121108df763f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:06:48:91:2a:9b:a3:18:a0:a1:31:0f:4f:9b: 15:ad:20:a6:15:02:58:a5:26:9d:f2:86:9d:93:a1: 6c:72:6e:6d:04:73:dc:f9:8a:e6:fb:d8:89:12:ae: 36:d1:3b:0c:9f:dc:dc:1e:f8:b5:17:7a:fa:02:fb: bc:5a:54:6a:43:cd:d6:7e:ab:5e:02:af:16:54:8c: 33:31:7f:07:74:1a:14:1a:af:58:d8:95:1d:ee:e3: f8:48:49:a9:30:8f:1e:ce:ae:e5:c8:94:6f:df:43: 00:be:de:45:ba:d7:93:58:3b:e1:b2:c9:28:7d:ff: e6:57:e1:33:d9:fb:aa:9f:51:e6:07:76:08:f6:c6: 24:00:8e:e0:19:f1:5f:b8:70:82:ad:9a:2c:a5:86: d8:0b:91:fe:25:b0:bf:8a:e0:6e:09:73:39:55:6e: 03:f6:0d:42:d0:36:a3:e7:e2:52:c0:81:e8:1e:11: 2f:44:54:b9:14:e6:f5:f9:00:8b:ff:00:9d:7d:76: 80:cb:a5:b5:23:e1:19:db:0e:5c:6a:9a:df:d4:73: b8:5d:1d:68:b2:e7:2c:01:e5:1a:39:e8:b3:bc:30: aa:40:a1:d4:04:6c:cf:01:e2:33:4e:5e:16:d7:af: 04:35:c8:99:ba:5e:a0:d5:08:09:fa:c1:60:21:4e: be:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9B:CC:46:F6:63:3E:8C:A6:76:F4:B1:C9:91:21:10:8D:F7:63:F1 X509v3 Authority Key Identifier: keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:0f:dc:a2:7a:70:a6:da:29:30:32:4c:17:6c:f9:04:37:f4: 94:39:e8:49:0e:74:18:33:81:a4:57:29:57:c4:17:45:eb:48: 9e:d6:d9:2c:0c:e0:a5:17:73:4e:de:b3:c3:97:05:96:18:9b: 03:d6:c1:79:a9:ed:3a:47:91:a0:74:bf:a8:bf:bc:a1:f1:0e: 4e:d6:eb:3b:d6:3b:c1:50:fa:61:c0:20:92:c0:96:b9:ce:7b: e0:ed:0a:e2:23:a2:3e:85:fa:14:d1:29:c8:e1:c7:89:6f:c1: cd:95:ba:9c:14:e8:15:d3:23:40:62:cd:c3:39:df:ee:01:34: 70:52:f2:a6:5f:9e:9c:1c:b5:e8:b3:11:14:a2:c4:e2:25:49: 73:a1:29:3b:91:6b:e4:04:fe:ce:4f:d9:5b:0b:37:cd:c8:63: 0f:50:81:32:9c:76:6b:74:b6:4b:61:8e:80:81:46:da:24:4b: bd:6f:bf:a9:23:59:ba:89:6f:47:b7:24:b6:23:0f:e5:a9:fd: 6a:f4:5c:42:eb:52:14:da:98:fd:30:3f:82:47:76:7f:9b:49: c4:3c:6a:93:3d:a3:b2:28:44:3c:ab:91:33:47:d8:b7:95:c8: f2:cd:59:46:df:57:cb:e3:80:1e:28:97:c8:65:4a:2f:45:7e: 9a:29:66:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtE3TF62lWy0RmUAfyA06rRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5 ZDk3YjYwHhcNMjUxMjIyMDcwMTQ1WhcNMjUxMjIzMDcwMTQ1WjAzMTEwLwYDVQQD Eyg4OTliY2M0NmY2NjMzZThjYTY3NmY0YjFjOTkxMjExMDhkZjc2M2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwZIkSqboxigoTEPT5sVrSCmFQJY pSad8oadk6Fscm5tBHPc+Yrm+9iJEq420TsMn9zcHvi1F3r6Avu8WlRqQ83Wfqte Aq8WVIwzMX8HdBoUGq9Y2JUd7uP4SEmpMI8ezq7lyJRv30MAvt5FuteTWDvhssko ff/mV+Ez2fuqn1HmB3YI9sYkAI7gGfFfuHCCrZospYbYC5H+JbC/iuBuCXM5VW4D 9g1C0Daj5+JSwIHoHhEvRFS5FOb1+QCL/wCdfXaAy6W1I+EZ2w5caprf1HO4XR1o sucsAeUaOeizvDCqQKHUBGzPAeIzTl4W168ENciZul6g1QgJ+sFgIU6+LwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFImbzEb2Yz6Mpnb0scmRIRCN92PxMB8GA1UdIwQY MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYw/conpw ptopMDJMF2z5BDf0lDnoSQ50GDOBpFcpV8QXRetIntbZLAzgpRdzTt6zw5cFlhib A9bBeantOkeRoHS/qL+8ofEOTtbrO9Y7wVD6YcAgksCWuc574O0K4iOiPoX6FNEp yOHHiW/BzZW6nBToFdMjQGLNwznf7gE0cFLypl+enBy16LMRFKLE4iVJc6EpO5Fr 5AT+zk/ZWws3zchjD1CBMpx2a3S2S2GOgIFG2iRLvW+/qSNZuolvR7cktiMP5an9 avRcQutSFNqY/TA/gkd2f5tJxDxqkz2jsihEPKuRM0fYt5XI8s1ZRt9Xy+OAHiiX yGVKL0V+milmCw== -----END CERTIFICATE-----Generated at Mon Dec 22 13:55:23 2025 by rpki-client