This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.mft File: U1ULI4LgD6ffGU5khf4UJYNiE_8.mft (raw, json) Hash identifier: CYWEMHurMiSe8GFkAQustfZP0wZA3UFIItt8pakVXrI= Subject key identifier: BF:14:5E:A6:FC:2F:CB:D1:03:1B:A0:84:AB:17:24:63:9E:9F:BC:48 Authority key identifier: 53:55:0B:23:82:E0:0F:A7:DF:19:4E:64:85:FE:14:25:83:62:13:FF Certificate issuer: /CN=53550b2382e00fa7df194e6485fe1425836213ff Certificate serial: 019B6F22324251ECF30A06BD96D515D6A8B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1ULI4LgD6ffGU5khf4UJYNiE_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.mft Manifest number: 0F3E Signing time: Tue 30 Dec 2025 12:01:10 +0000 Manifest this update: Tue 30 Dec 2025 12:01:10 +0000 Manifest next update: Wed 31 Dec 2025 12:01:10 +0000 Files and hashes: 1: U1ULI4LgD6ffGU5khf4UJYNiE_8.crl (hash: sf6VFvdhMd+qu2PKP0khdHaKSyszmarkm8pWOOo+6bs=) 2: tcKM3LiJKMuWLZy1f452bVGFzLo.roa (hash: Hc3Ss3dEDIlpXBd/8jjQQ9tabdB4wxFhy4soszLApwQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.mft rsync://rpki.ripe.net/repository/DEFAULT/U1ULI4LgD6ffGU5khf4UJYNiE_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 12:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6f:22:32:42:51:ec:f3:0a:06:bd:96:d5:15:d6:a8:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53550b2382e00fa7df194e6485fe1425836213ff Validity Not Before: Dec 30 12:01:10 2025 GMT Not After : Dec 31 12:01:10 2025 GMT Subject: CN=bf145ea6fc2fcbd1031ba084ab1724639e9fbc48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:c9:6c:f6:2b:1c:a6:69:33:4f:f5:a4:e1:8f: 53:80:b2:06:fa:c8:43:32:4a:d9:b0:2e:12:05:54: f6:c0:cf:f1:13:6b:30:ae:1f:1e:6c:80:15:46:f3: 28:84:97:9e:cd:54:29:fd:94:a2:c8:05:35:78:01: 13:db:d3:ce:d9:9f:e7:dc:0a:33:52:da:c3:d7:ff: 92:d6:aa:6d:18:7c:25:4b:0b:40:ea:7a:e2:da:9e: 29:aa:6a:7a:67:33:13:9c:c2:c5:7f:50:d2:90:ae: 0f:06:ac:48:67:c9:2b:1b:ea:07:1a:c1:cc:a8:dc: d1:ae:84:75:0c:31:18:3c:1d:54:eb:4f:85:3b:bc: 48:a4:ab:f3:61:87:9f:f4:d8:30:91:cd:3f:95:40: ad:61:0b:b9:84:0f:6f:02:17:f3:56:28:76:c0:1f: d5:0d:61:5a:66:0e:71:c5:e0:bc:10:2a:ad:04:d7: 13:bb:3f:af:d0:1d:c9:3c:8b:62:4b:ea:26:73:58: 3c:d6:aa:d9:8b:b6:fc:d2:5b:86:2a:81:ee:69:41: f7:17:35:c3:c8:32:e6:75:5a:88:61:fc:07:1c:47: 3b:af:37:93:de:70:4b:47:54:0c:11:dd:6b:e7:12: eb:64:d3:2a:4b:fb:29:12:83:d9:bc:1a:df:6e:c4: ae:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:14:5E:A6:FC:2F:CB:D1:03:1B:A0:84:AB:17:24:63:9E:9F:BC:48 X509v3 Authority Key Identifier: keyid:53:55:0B:23:82:E0:0F:A7:DF:19:4E:64:85:FE:14:25:83:62:13:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1ULI4LgD6ffGU5khf4UJYNiE_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c5bb6b-6425-453a-b942-89c53d630765/1/U1ULI4LgD6ffGU5khf4UJYNiE_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:8c:b9:66:de:76:51:a8:20:13:f4:b4:1d:8c:81:a8:25:35: a9:ad:70:dc:47:c8:43:04:d3:e1:f6:41:35:bf:da:a6:db:9d: be:f2:c4:e0:9d:d6:5d:7a:5e:41:25:df:06:27:f8:67:a0:9e: 3e:bf:a0:c2:cc:e8:ab:cd:34:76:1c:37:40:87:f6:f0:40:b2: 8a:a5:e5:9c:d7:27:63:ae:56:ae:49:6c:c8:f8:4a:a2:60:90: 71:3d:7b:b6:b3:54:25:c6:40:89:ab:da:1c:f6:ac:5d:95:2e: d2:f4:82:04:f8:c6:c0:f0:a0:0d:dc:c6:3c:d0:ce:38:50:5b: d1:93:7b:c5:d8:09:96:c1:95:e5:45:cd:83:e3:58:ae:81:f4: 11:e8:63:73:01:08:28:9e:41:7e:aa:ac:c6:a2:c5:d5:a8:a2: 6c:55:e0:b0:de:e9:e2:76:04:c4:85:4d:07:23:4b:9c:25:6e: 17:69:36:d9:39:34:06:d4:ea:84:e3:40:c1:b7:21:d0:9e:fa: cf:58:b4:01:2b:d4:b9:c6:64:42:a9:9b:cb:f4:c2:c1:e4:2c: ba:f9:8c:32:6c:d5:f5:e4:d3:c2:da:c1:a3:b5:9e:20:d9:21: a1:72:7c:05:3a:50:12:e9:2f:35:8e:69:d2:2a:7f:ad:c9:da: 7f:1f:9b:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtvIjJCUezzCga9ltUV1qizMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNTUwYjIzODJlMDBmYTdkZjE5NGU2NDg1ZmUxNDI1ODM2 MjEzZmYwHhcNMjUxMjMwMTIwMTEwWhcNMjUxMjMxMTIwMTEwWjAzMTEwLwYDVQQD EyhiZjE0NWVhNmZjMmZjYmQxMDMxYmEwODRhYjE3MjQ2MzllOWZiYzQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosls9iscpmkzT/Wk4Y9TgLIG+shD MkrZsC4SBVT2wM/xE2swrh8ebIAVRvMohJeezVQp/ZSiyAU1eAET29PO2Z/n3Aoz UtrD1/+S1qptGHwlSwtA6nri2p4pqmp6ZzMTnMLFf1DSkK4PBqxIZ8krG+oHGsHM qNzRroR1DDEYPB1U60+FO7xIpKvzYYef9Ngwkc0/lUCtYQu5hA9vAhfzVih2wB/V DWFaZg5xxeC8ECqtBNcTuz+v0B3JPItiS+omc1g81qrZi7b80luGKoHuaUH3FzXD yDLmdVqIYfwHHEc7rzeT3nBLR1QMEd1r5xLrZNMqS/spEoPZvBrfbsSuswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL8UXqb8L8vRAxughKsXJGOen7xIMB8GA1UdIwQY MBaAFFNVCyOC4A+n3xlOZIX+FCWDYhP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTFVTEk0TGdENmZmR1U1a2hmNFVKWU5pRV84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jNWJiNmItNjQyNS00NTNhLWI5NDIt ODljNTNkNjMwNzY1LzEvVTFVTEk0TGdENmZmR1U1a2hmNFVKWU5pRV84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9jNWJiNmItNjQyNS00NTNhLWI5NDItODljNTNkNjMwNzY1 LzEvVTFVTEk0TGdENmZmR1U1a2hmNFVKWU5pRV84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu4y5Zt52 UaggE/S0HYyBqCU1qa1w3EfIQwTT4fZBNb/aptudvvLE4J3WXXpeQSXfBif4Z6Ce Pr+gwszoq800dhw3QIf28ECyiqXlnNcnY65WrklsyPhKomCQcT17trNUJcZAiava HPasXZUu0vSCBPjGwPCgDdzGPNDOOFBb0ZN7xdgJlsGV5UXNg+NYroH0EehjcwEI KJ5BfqqsxqLF1aiibFXgsN7p4nYExIVNByNLnCVuF2k22Tk0BtTqhONAwbch0J76 z1i0ASvUucZkQqmby/TCweQsuvmMMmzV9eTTwtrBo7WeINkhoXJ8BTpQEukvNY5p 0ip/rcnafx+bGA== -----END CERTIFICATE-----Generated at Tue Dec 30 21:59:50 2025 by rpki-client