This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft File: umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft (raw, json) Hash identifier: L2KcWcTTb+5CNpEa7Kq8Gp8iTlgAgscrY6fsKn3Totk= Subject key identifier: B5:85:08:F6:DE:A1:47:26:FB:F6:E8:23:40:D1:D7:A1:1A:CD:7E:24 Authority key identifier: BA:68:59:59:97:90:0D:ED:30:0E:99:25:70:9D:A6:27:E9:3F:36:3A Certificate issuer: /CN=ba68595997900ded300e9925709da627e93f363a Certificate serial: 019B3AC6CFA237FB71F54AB9CD430E4EB257 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft Manifest number: 1024 Signing time: Sat 20 Dec 2025 08:01:06 +0000 Manifest this update: Sat 20 Dec 2025 08:01:06 +0000 Manifest next update: Sun 21 Dec 2025 08:01:06 +0000 Files and hashes: 1: Vevc9vrQGyVF5o4NzN0QFHnZAiA.roa (hash: AOWcNE88wNCBWfSzm2+MmaRV4c7usJ5kQGrhyE8Gj6M=) 2: umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl (hash: 76hArsWFvVpg7uxp6rl9ymVqaSllMdopvIyrwn2TMuM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 08:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:c6:cf:a2:37:fb:71:f5:4a:b9:cd:43:0e:4e:b2:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba68595997900ded300e9925709da627e93f363a Validity Not Before: Dec 20 08:01:06 2025 GMT Not After : Dec 21 08:01:06 2025 GMT Subject: CN=b58508f6dea14726fbf6e82340d1d7a11acd7e24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5c:aa:09:da:47:e1:ac:d9:72:ce:be:8b:ff: a6:d7:d6:af:8c:5a:fb:6e:da:f5:1c:b2:cb:d2:50: 8b:ce:ae:5f:78:fd:63:89:bb:6b:ce:04:9e:54:85: 66:a7:82:10:cf:17:2e:ac:71:1f:10:13:ad:0b:c2: 01:83:70:b8:40:10:09:a7:fe:6a:5e:4d:3b:72:4a: 71:3c:7d:ef:27:6e:1d:65:a9:40:b5:2e:46:7b:71: 1b:56:9d:8b:1e:53:4c:63:be:99:45:fd:2c:90:ad: 11:99:f7:e4:d9:ed:8b:7a:e5:61:4d:a1:e2:4f:29: 7e:b9:83:2f:2d:3e:39:e0:df:45:a7:40:16:02:50: 4d:48:36:aa:7f:db:b5:cd:77:d0:b4:41:1b:e9:3a: 2e:9b:54:be:f9:49:2e:b0:41:46:8c:49:ff:b2:52: c1:cb:2a:29:09:b8:8d:4c:a8:17:80:6a:6b:51:4a: 30:9f:88:25:2b:d1:eb:f6:52:fb:73:ae:06:9b:45: aa:de:0f:e7:97:66:82:d6:4c:11:59:97:c1:6d:62: 8a:ce:57:bf:d2:cf:24:0d:c1:14:0c:a8:91:4b:91: 3b:6f:49:c8:b5:1f:1a:18:e6:65:f6:b2:7e:c6:c0: b4:f4:c2:39:f2:a2:d6:5d:3e:aa:9b:11:b1:22:e3: 5f:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:85:08:F6:DE:A1:47:26:FB:F6:E8:23:40:D1:D7:A1:1A:CD:7E:24 X509v3 Authority Key Identifier: keyid:BA:68:59:59:97:90:0D:ED:30:0E:99:25:70:9D:A6:27:E9:3F:36:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umhZWZeQDe0wDpklcJ2mJ-k_Njo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/472a4d-fcae-4454-9967-02ded9b2e0c9/1/umhZWZeQDe0wDpklcJ2mJ-k_Njo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:3d:28:b1:61:a3:9f:c8:81:84:b4:9d:d2:ee:7f:18:87:4f: 6c:6c:ff:4b:55:b1:57:3c:e4:77:9a:17:d5:85:52:df:57:74: fa:c0:f4:fe:8b:9a:3f:82:4b:4c:0f:d4:fd:bc:2e:84:32:21: 3c:04:05:a8:e5:81:84:e0:8d:de:0c:0f:af:da:96:aa:3a:51: 6c:59:de:dc:87:76:ae:6c:39:03:2e:ba:df:57:1e:af:2c:56: c5:67:99:2c:29:5a:26:09:79:80:47:d7:0e:7b:93:f3:c4:f0: 36:cc:a9:90:11:0d:e0:84:0a:5e:63:e6:b4:b4:14:83:e1:1a: 64:5a:01:ed:41:d0:ea:30:38:e6:87:d4:a4:ca:ec:1c:29:18: 4b:96:26:d8:e7:fc:94:ab:cb:ec:e1:bf:9b:d2:ee:0a:f5:29: 6b:02:41:9a:6c:43:9c:9b:3e:6a:0b:af:a8:f8:1c:dc:55:d7: 0e:0f:9a:6a:c8:a0:24:7a:b5:0b:dd:a5:f0:7b:71:25:31:be: b3:1e:f6:a1:7b:6c:c5:1d:19:46:4f:5e:c2:c9:00:aa:90:ec: be:84:0c:8f:67:93:54:25:b6:46:74:3c:d8:dc:ae:1b:30:bd: 36:c6:e2:fb:a8:bf:24:9e:21:73:da:11:83:7b:d3:78:82:05: 94:84:e1:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6xs+iN/tx9Uq5zUMOTrJXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNjg1OTU5OTc5MDBkZWQzMDBlOTkyNTcwOWRhNjI3ZTkz ZjM2M2EwHhcNMjUxMjIwMDgwMTA2WhcNMjUxMjIxMDgwMTA2WjAzMTEwLwYDVQQD EyhiNTg1MDhmNmRlYTE0NzI2ZmJmNmU4MjM0MGQxZDdhMTFhY2Q3ZTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulyqCdpH4azZcs6+i/+m19avjFr7 btr1HLLL0lCLzq5feP1jibtrzgSeVIVmp4IQzxcurHEfEBOtC8IBg3C4QBAJp/5q Xk07ckpxPH3vJ24dZalAtS5Ge3EbVp2LHlNMY76ZRf0skK0Rmffk2e2LeuVhTaHi Tyl+uYMvLT454N9Fp0AWAlBNSDaqf9u1zXfQtEEb6Toum1S++UkusEFGjEn/slLB yyopCbiNTKgXgGprUUown4glK9Hr9lL7c64Gm0Wq3g/nl2aC1kwRWZfBbWKKzle/ 0s8kDcEUDKiRS5E7b0nItR8aGOZl9rJ+xsC09MI58qLWXT6qmxGxIuNf3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLWFCPbeoUcm+/boI0DR16EazX4kMB8GA1UdIwQY MBaAFLpoWVmXkA3tMA6ZJXCdpifpPzY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80NzJhNGQtZmNhZS00NDU0LTk5Njct MDJkZWQ5YjJlMGM5LzEvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS80NzJhNGQtZmNhZS00NDU0LTk5NjctMDJkZWQ5YjJlMGM5 LzEvdW1oWldaZVFEZTB3RHBrbGNKMm1KLWtfTmpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdj0osWGj n8iBhLSd0u5/GIdPbGz/S1WxVzzkd5oX1YVS31d0+sD0/ouaP4JLTA/U/bwuhDIh PAQFqOWBhOCN3gwPr9qWqjpRbFne3Id2rmw5Ay6631ceryxWxWeZLClaJgl5gEfX DnuT88TwNsypkBEN4IQKXmPmtLQUg+EaZFoB7UHQ6jA45ofUpMrsHCkYS5Ym2Of8 lKvL7OG/m9LuCvUpawJBmmxDnJs+aguvqPgc3FXXDg+aasigJHq1C92l8HtxJTG+ sx72oXtsxR0ZRk9ewskAqpDsvoQMj2eTVCW2RnQ82NyuGzC9Nsbi+6i/JJ4hc9oR g3vTeIIFlITh9A== -----END CERTIFICATE-----Generated at Sat Dec 20 16:17:10 2025 by rpki-client