This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft File: U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft (raw, json) Hash identifier: faN+joiWVB76hDYMcyamd8BaCJxeX3xsmpaWEiKqwoM= Subject key identifier: 5D:32:84:2C:96:E3:CA:4C:C9:84:EF:CD:F5:47:7C:1E:1D:50:2E:FB Authority key identifier: 53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1 Certificate issuer: /CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1 Certificate serial: 019B71EB9E558257DD13DC7AB92C2A0498B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft Manifest number: 17A1 Signing time: Wed 31 Dec 2025 01:00:25 +0000 Manifest this update: Wed 31 Dec 2025 01:00:25 +0000 Manifest next update: Thu 01 Jan 2026 01:00:25 +0000 Files and hashes: 1: U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl (hash: ofsKYwSR61o6JzD7QAOk0EcmPWNe4BllkUaxpj3ZyGA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:eb:9e:55:82:57:dd:13:dc:7a:b9:2c:2a:04:98:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1 Validity Not Before: Dec 31 01:00:25 2025 GMT Not After : Jan 1 01:00:25 2026 GMT Subject: CN=5d32842c96e3ca4cc984efcdf5477c1e1d502efb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:db:c3:b7:c3:48:d4:e3:e7:77:20:0b:11:51: 6a:86:95:5c:43:d8:a5:ec:4f:4a:81:4f:d2:c1:12: c5:9f:76:95:4a:13:62:76:13:48:71:4f:96:e2:c5: 79:d0:32:9b:42:ac:9f:f5:59:57:f6:57:11:0b:90: 00:bf:b7:85:36:d5:e7:81:b3:b5:e2:eb:e9:f8:78: e6:b8:38:f0:b2:f0:f0:a6:dd:d1:ba:8a:84:86:1d: d3:3d:cd:99:9d:d0:27:1b:07:18:0e:7f:30:ff:04: c9:55:38:f2:94:d6:f7:df:35:5b:c9:f4:26:b7:48: e2:d3:75:78:cb:57:a0:e7:bb:72:48:13:89:df:53: e0:28:c3:2a:b7:93:33:26:19:4d:0d:e4:c4:06:bc: d6:07:c8:27:5c:d8:d2:5a:64:b8:24:90:c7:41:db: dd:64:e5:ed:00:f2:4c:7d:df:20:5d:a0:ad:37:95: 9f:99:9a:73:52:4d:4b:50:47:78:f0:4e:cb:85:ad: d2:71:57:5d:0a:1e:0e:e1:0c:97:f6:6c:47:02:a4: 6c:58:4a:ad:08:7a:a6:eb:62:73:2c:c1:f3:0b:4f: 33:ba:aa:5f:d8:42:0c:c2:58:7b:0c:c7:a4:4c:01: 3c:14:19:19:40:66:fc:40:5f:00:d3:e7:fb:e7:ac: 31:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:32:84:2C:96:E3:CA:4C:C9:84:EF:CD:F5:47:7C:1E:1D:50:2E:FB X509v3 Authority Key Identifier: keyid:53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:63:90:c2:31:bd:66:d5:4e:46:10:ed:a8:d0:c4:8a:2b:48: 41:11:25:ed:8a:39:a2:ab:37:e2:ef:15:fa:1c:7e:02:be:d5: 8a:ac:af:8b:5c:d1:71:89:ff:a1:73:57:30:6f:bd:54:ef:a8: c9:00:4b:dd:60:73:80:4d:c8:4d:51:27:d8:d5:0b:d0:12:77: 92:a6:50:65:cd:b2:1b:8f:d5:36:6b:3f:af:21:ea:54:4d:aa: dc:d1:01:23:42:20:86:89:14:34:2c:89:db:e9:4f:17:72:7c: 6e:f7:62:ed:ef:bd:7e:c2:1f:63:a8:38:e2:f7:ab:53:f6:70: c5:d1:ad:7e:d1:64:6d:81:b5:23:9b:c1:de:a7:62:03:44:a8: 42:77:e1:a2:01:15:ff:88:99:d7:a2:cf:63:67:67:b5:af:bd: 83:19:39:bb:33:3c:76:96:40:f9:2f:2f:9c:82:d6:b1:38:cb: 0a:b4:56:07:3b:39:c5:76:7a:d6:71:53:c0:45:83:3b:b7:74: 3e:6d:2a:ad:48:c5:67:c1:7b:e9:e8:87:38:24:79:0e:67:33: a8:a7:05:6b:3b:00:a8:bf:ba:d1:5f:cc:41:57:2d:95:d2:07: 3c:b6:c3:3a:0f:19:ec:bc:15:cb:76:8f:62:6d:54:ac:d2:5a: 2b:84:77:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtx655VglfdE9x6uSwqBJi2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNjU4M2RlODM2ZmNjMjhlNzBiZjY2ZWFkYjhkMzhmM2Y2 NGY0ZTEwHhcNMjUxMjMxMDEwMDI1WhcNMjYwMTAxMDEwMDI1WjAzMTEwLwYDVQQD Eyg1ZDMyODQyYzk2ZTNjYTRjYzk4NGVmY2RmNTQ3N2MxZTFkNTAyZWZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdvDt8NI1OPndyALEVFqhpVcQ9il 7E9KgU/SwRLFn3aVShNidhNIcU+W4sV50DKbQqyf9VlX9lcRC5AAv7eFNtXngbO1 4uvp+HjmuDjwsvDwpt3RuoqEhh3TPc2ZndAnGwcYDn8w/wTJVTjylNb33zVbyfQm t0ji03V4y1eg57tySBOJ31PgKMMqt5MzJhlNDeTEBrzWB8gnXNjSWmS4JJDHQdvd ZOXtAPJMfd8gXaCtN5WfmZpzUk1LUEd48E7Lha3ScVddCh4O4QyX9mxHAqRsWEqt CHqm62JzLMHzC08zuqpf2EIMwlh7DMekTAE8FBkZQGb8QF8A0+f756wxKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF0yhCyW48pMyYTvzfVHfB4dUC77MB8GA1UdIwQY MBaAFFNlg96Db8wo5wv2bq24048/ZPThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2Et ODJhNjk5MGRmMzhkLzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2EtODJhNjk5MGRmMzhk LzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADWOQwjG9 ZtVORhDtqNDEiitIQREl7Yo5oqs34u8V+hx+Ar7Viqyvi1zRcYn/oXNXMG+9VO+o yQBL3WBzgE3ITVEn2NUL0BJ3kqZQZc2yG4/VNms/ryHqVE2q3NEBI0IghokUNCyJ 2+lPF3J8bvdi7e+9fsIfY6g44verU/ZwxdGtftFkbYG1I5vB3qdiA0SoQnfhogEV /4iZ16LPY2dnta+9gxk5uzM8dpZA+S8vnILWsTjLCrRWBzs5xXZ61nFTwEWDO7d0 Pm0qrUjFZ8F76eiHOCR5DmczqKcFazsAqL+60V/MQVctldIHPLbDOg8Z7LwVy3aP Ym1UrNJaK4R3kA== -----END CERTIFICATE-----Generated at Wed Dec 31 07:21:26 2025 by rpki-client