This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft File: U5UGCcqN1_bG-jzsrHeUIexsAQA.mft (raw, json) Hash identifier: gAH0ydATSIzzYI0LvXMjYi3mynD+OL1YpeR9KYkd6lU= Subject key identifier: CE:75:6E:B9:E7:6C:07:25:CA:7F:BE:DF:26:80:A9:0D:2A:14:C0:D9 Authority key identifier: 53:95:06:09:CA:8D:D7:F6:C6:FA:3C:EC:AC:77:94:21:EC:6C:01:00 Certificate issuer: /CN=53950609ca8dd7f6c6fa3cecac779421ec6c0100 Certificate serial: 019B533CAD4DEC5EFFF9079371F1F634696B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft Manifest number: 0655 Signing time: Thu 25 Dec 2025 02:00:44 +0000 Manifest this update: Thu 25 Dec 2025 02:00:44 +0000 Manifest next update: Fri 26 Dec 2025 02:00:44 +0000 Files and hashes: 1: U5UGCcqN1_bG-jzsrHeUIexsAQA.crl (hash: j1S5Kev6fsHQjUuEHiair4leEAn6vrCUlUKNiJu69n0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 02:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:3c:ad:4d:ec:5e:ff:f9:07:93:71:f1:f6:34:69:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53950609ca8dd7f6c6fa3cecac779421ec6c0100 Validity Not Before: Dec 25 02:00:44 2025 GMT Not After : Dec 26 02:00:44 2025 GMT Subject: CN=ce756eb9e76c0725ca7fbedf2680a90d2a14c0d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:26:a7:03:84:c7:c2:6d:99:5f:53:78:d9:22: 25:17:fe:ef:ee:2b:f0:aa:90:04:4e:bc:0b:cb:46: a9:12:4b:de:c9:0a:40:17:8d:0a:06:7b:1e:d4:65: 0a:ce:06:12:43:a7:c2:ef:59:ff:c0:88:2c:b3:d9: 37:ca:88:9f:bb:87:48:dd:21:1d:94:3e:8c:e4:eb: 0f:d8:3c:a2:0b:3f:ff:b1:6a:ef:f2:73:d2:2d:7e: 5a:ee:e4:ef:b0:24:47:e6:61:d0:8d:76:5d:8c:18: 6b:cb:d9:74:ff:e1:07:ef:cc:6a:16:05:cd:24:35: ce:71:a3:9e:4a:e5:e9:11:5b:c7:29:f3:58:b3:c6: 06:d7:1b:74:7a:05:55:f0:47:c3:91:3d:2d:0d:f7: 65:f2:00:5e:3d:a3:fb:89:32:0f:7e:b9:2d:f3:0a: 1d:d2:7b:d6:07:a3:a1:5b:7f:57:75:46:75:1c:3b: 0b:00:63:1c:f1:24:1c:24:86:93:06:a3:f2:5d:ba: d3:7b:e3:29:6f:64:43:57:31:99:b2:39:26:b0:61: a5:be:d7:f3:12:62:a4:85:6c:bb:79:34:36:2f:5d: 7c:75:c3:39:50:ef:ed:6a:60:73:de:d5:13:26:8b: a8:e8:5f:c8:e9:4c:df:8a:f9:0b:12:f8:03:a8:84: 98:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:75:6E:B9:E7:6C:07:25:CA:7F:BE:DF:26:80:A9:0D:2A:14:C0:D9 X509v3 Authority Key Identifier: keyid:53:95:06:09:CA:8D:D7:F6:C6:FA:3C:EC:AC:77:94:21:EC:6C:01:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:6c:e7:70:71:d5:32:3e:49:55:3a:90:80:c5:29:2b:29:f2: aa:bb:cd:39:de:0b:e8:6e:2a:51:59:27:b8:7a:0b:6e:be:8d: 35:49:45:67:9c:90:6c:44:2a:b2:99:ce:28:a5:33:5d:32:7d: 4e:0d:8d:b7:2b:c9:00:f2:51:95:40:df:20:17:4c:94:8d:93: a2:68:4d:ea:8b:e8:d9:94:94:7e:17:3e:44:21:fd:a4:bc:80: a5:42:7c:f7:bc:1a:85:33:eb:f4:67:d3:11:8f:01:c9:e2:5e: b5:ea:a5:61:50:a9:d1:05:0c:f8:55:8a:73:07:01:8a:da:be: 35:de:2a:7e:dd:3b:dd:06:6e:47:31:91:73:10:33:4b:e0:fd: 99:95:0f:42:f9:a1:70:e0:a7:35:ca:4e:cf:43:1e:fb:b7:64: 30:4e:9e:7a:52:af:79:3c:4d:8e:b5:77:e9:44:94:18:0f:61: 0e:f7:b9:ae:f4:b9:78:eb:67:ef:97:74:81:48:51:59:d9:2a: 27:c4:0c:28:09:4d:39:6f:70:de:a1:51:07:52:16:4b:22:fc: f6:b3:d1:18:b5:20:c6:13:27:a9:dc:fa:b7:b0:e0:85:27:17: 0a:3f:ab:e1:1e:0e:01:7b:74:97:62:d2:c8:6a:07:87:20:fc: f3:17:83:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTPK1N7F7/+QeTcfH2NGlrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzOTUwNjA5Y2E4ZGQ3ZjZjNmZhM2NlY2FjNzc5NDIxZWM2 YzAxMDAwHhcNMjUxMjI1MDIwMDQ0WhcNMjUxMjI2MDIwMDQ0WjAzMTEwLwYDVQQD EyhjZTc1NmViOWU3NmMwNzI1Y2E3ZmJlZGYyNjgwYTkwZDJhMTRjMGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArianA4THwm2ZX1N42SIlF/7v7ivw qpAETrwLy0apEkveyQpAF40KBnse1GUKzgYSQ6fC71n/wIgss9k3yoifu4dI3SEd lD6M5OsP2DyiCz//sWrv8nPSLX5a7uTvsCRH5mHQjXZdjBhry9l0/+EH78xqFgXN JDXOcaOeSuXpEVvHKfNYs8YG1xt0egVV8EfDkT0tDfdl8gBePaP7iTIPfrkt8wod 0nvWB6OhW39XdUZ1HDsLAGMc8SQcJIaTBqPyXbrTe+Mpb2RDVzGZsjkmsGGlvtfz EmKkhWy7eTQ2L118dcM5UO/tamBz3tUTJouo6F/I6UzfivkLEvgDqISYSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM51brnnbAclyn++3yaAqQ0qFMDZMB8GA1UdIwQY MBaAFFOVBgnKjdf2xvo87Kx3lCHsbAEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84NzZhNjUtYmY1NC00NjUyLTg5NzAt ODAxY2Y0ZmVjNzRlLzEvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi84NzZhNjUtYmY1NC00NjUyLTg5NzAtODAxY2Y0ZmVjNzRl LzEvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGzncHHV Mj5JVTqQgMUpKynyqrvNOd4L6G4qUVknuHoLbr6NNUlFZ5yQbEQqspnOKKUzXTJ9 Tg2NtyvJAPJRlUDfIBdMlI2TomhN6ovo2ZSUfhc+RCH9pLyApUJ897wahTPr9GfT EY8ByeJeteqlYVCp0QUM+FWKcwcBitq+Nd4qft073QZuRzGRcxAzS+D9mZUPQvmh cOCnNcpOz0Me+7dkME6eelKveTxNjrV36USUGA9hDve5rvS5eOtn75d0gUhRWdkq J8QMKAlNOW9w3qFRB1IWSyL89rPRGLUgxhMnqdz6t7DghScXCj+r4R4OAXt0l2LS yGoHhyD88xeDJw== -----END CERTIFICATE-----Generated at Thu Dec 25 09:14:28 2025 by rpki-client