This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft File: U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft (raw, json) Hash identifier: GcjM5KwrPxHtzeqPsv39yiWaq9Ndr7XFK9yqI+rrWGQ= Subject key identifier: 43:15:93:8E:7F:8F:D6:53:04:45:96:6C:8F:14:6D:04:A4:C9:F0:E9 Authority key identifier: 53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1 Certificate issuer: /CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1 Certificate serial: 019B32313F27ED7C82BC4B3D19DB98735A9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 16:00:46 +0000 Manifest this update: Thu 18 Dec 2025 16:00:46 +0000 Manifest next update: Fri 19 Dec 2025 16:00:46 +0000 Files and hashes: 1: U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl (hash: emcFLl3bpf0IgXxbXogFfAK42DqWr0hv9VbDkQD/3Zc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:3f:27:ed:7c:82:bc:4b:3d:19:db:98:73:5a:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=536583de836fcc28e70bf66eadb8d38f3f64f4e1 Validity Not Before: Dec 18 16:00:46 2025 GMT Not After : Dec 19 16:00:46 2025 GMT Subject: CN=4315938e7f8fd6530445966c8f146d04a4c9f0e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:41:dd:06:3b:9a:56:6b:eb:6e:9b:47:2c:5b: d1:72:b7:e4:57:ff:3c:86:ef:58:97:87:ce:1f:de: f5:42:e9:1b:06:27:b5:0a:4f:bc:6c:0f:13:78:05: b6:d0:bc:34:88:21:f8:60:98:a2:04:92:9c:26:f3: a4:2c:59:16:f6:c6:0b:ca:0c:b2:32:72:23:43:45: 66:3f:9b:a5:30:62:17:1c:c1:71:91:96:44:02:da: ee:a3:56:27:31:84:65:ae:8a:9e:6b:be:03:aa:8c: e5:dd:45:67:5e:81:73:73:c5:78:74:a1:21:f1:1f: ae:32:fa:96:9f:1e:b0:37:9e:41:08:29:59:d9:b6: 2f:12:34:14:64:4d:f2:18:47:4f:22:93:f9:91:67: 8d:58:e0:5e:6f:69:a0:d8:33:d8:84:e9:b9:70:87: be:40:47:99:88:a2:ae:ae:8d:d3:0a:22:c4:87:ee: ef:90:7f:6f:6f:74:6c:26:ae:7e:72:6e:55:bc:06: 85:2f:2e:22:59:d4:dc:ad:0c:30:3c:59:12:b6:6e: 41:65:6f:31:bc:93:c7:a4:ee:8f:f1:de:db:83:b2: 3c:15:27:5d:d9:a9:f0:33:70:7d:b2:47:88:70:74: 40:e6:44:d3:98:2e:33:b8:96:32:38:39:80:50:b5: 26:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:15:93:8E:7F:8F:D6:53:04:45:96:6C:8F:14:6D:04:A4:C9:F0:E9 X509v3 Authority Key Identifier: keyid:53:65:83:DE:83:6F:CC:28:E7:0B:F6:6E:AD:B8:D3:8F:3F:64:F4:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U2WD3oNvzCjnC_ZurbjTjz9k9OE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/6f263a-4193-4309-9c7a-82a6990df38d/1/U2WD3oNvzCjnC_ZurbjTjz9k9OE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:12:85:da:57:a3:6f:e1:c5:67:19:62:33:06:0a:18:db:37: 08:3a:72:96:62:97:13:96:b6:7d:10:64:78:23:15:63:14:2c: cf:33:8a:8f:f3:a7:9e:2b:b4:54:e7:c0:85:fc:4a:c6:5f:a6: 0e:48:54:d1:7f:ce:72:c7:44:26:d5:8c:33:b9:04:4f:4b:c4: f2:be:43:06:0c:fd:7f:6f:b1:a8:b5:6e:25:4b:e0:7d:b8:63: 84:5e:70:69:a0:79:ae:2c:2b:0c:a7:ae:3b:ae:09:f4:c3:66: d3:cf:cc:6f:1a:29:ef:fa:3e:cc:60:fa:8f:b6:03:10:7e:96: f0:17:4d:2b:d1:ec:f3:34:10:a8:7f:c7:f9:64:24:67:be:29: bc:70:f2:14:6d:42:14:c7:11:c5:f3:a2:6d:4e:e5:c4:84:8a: 70:a6:b3:43:e0:c3:9c:89:77:77:7c:1b:c9:e2:fb:e7:f6:0c: eb:b6:e7:57:85:ac:d6:5b:67:1e:a6:36:a9:2a:d2:60:4e:72: 52:a4:d5:e6:3c:04:40:42:dd:34:8e:5f:c5:33:33:d0:8d:17: 5f:4b:ba:dd:1e:b1:fa:11:d5:f1:38:b4:55:02:2b:68:33:37: c3:49:3d:c5:d9:f0:2e:cb:98:7f:63:1a:08:c9:9f:f2:e8:4a: 0f:5f:c7:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMT8n7XyCvEs9GduYc1qbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNjU4M2RlODM2ZmNjMjhlNzBiZjY2ZWFkYjhkMzhmM2Y2 NGY0ZTEwHhcNMjUxMjE4MTYwMDQ2WhcNMjUxMjE5MTYwMDQ2WjAzMTEwLwYDVQQD Eyg0MzE1OTM4ZTdmOGZkNjUzMDQ0NTk2NmM4ZjE0NmQwNGE0YzlmMGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UHdBjuaVmvrbptHLFvRcrfkV/88 hu9Yl4fOH971QukbBie1Ck+8bA8TeAW20Lw0iCH4YJiiBJKcJvOkLFkW9sYLygyy MnIjQ0VmP5ulMGIXHMFxkZZEAtruo1YnMYRlroqea74Dqozl3UVnXoFzc8V4dKEh 8R+uMvqWnx6wN55BCClZ2bYvEjQUZE3yGEdPIpP5kWeNWOBeb2mg2DPYhOm5cIe+ QEeZiKKuro3TCiLEh+7vkH9vb3RsJq5+cm5VvAaFLy4iWdTcrQwwPFkStm5BZW8x vJPHpO6P8d7bg7I8FSdd2anwM3B9skeIcHRA5kTTmC4zuJYyODmAULUm9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEMVk45/j9ZTBEWWbI8UbQSkyfDpMB8GA1UdIwQY MBaAFFNlg96Db8wo5wv2bq24048/ZPThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2Et ODJhNjk5MGRmMzhkLzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy82ZjI2M2EtNDE5My00MzA5LTljN2EtODJhNjk5MGRmMzhk LzEvVTJXRDNvTnZ6Q2puQ19adXJialRqejlrOU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRKF2lej b+HFZxliMwYKGNs3CDpylmKXE5a2fRBkeCMVYxQszzOKj/Onniu0VOfAhfxKxl+m DkhU0X/OcsdEJtWMM7kET0vE8r5DBgz9f2+xqLVuJUvgfbhjhF5waaB5riwrDKeu O64J9MNm08/Mbxop7/o+zGD6j7YDEH6W8BdNK9Hs8zQQqH/H+WQkZ74pvHDyFG1C FMcRxfOibU7lxISKcKazQ+DDnIl3d3wbyeL75/YM67bnV4Ws1ltnHqY2qSrSYE5y UqTV5jwEQELdNI5fxTMz0I0XX0u63R6x+hHV8Ti0VQIraDM3w0k9xdnwLsuYf2Ma CMmf8uhKD1/H/w== -----END CERTIFICATE-----Generated at Thu Dec 18 18:35:51 2025 by rpki-client