This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft File: 8PsNC-KW3BtxnSRA-2rZx10I4uI.mft (raw, json) Hash identifier: 5+hg35d9eOhhiv6g01Ayvn3VOSju5zxm0lorIbwLV+w= Subject key identifier: DA:51:CF:F1:83:24:51:6F:49:79:5C:5C:13:AF:48:0F:5C:D8:81:A9 Authority key identifier: F0:FB:0D:0B:E2:96:DC:1B:71:9D:24:40:FB:6A:D9:C7:5D:08:E2:E2 Certificate issuer: /CN=f0fb0d0be296dc1b719d2440fb6ad9c75d08e2e2 Certificate serial: 019B3C7FCC61DAE4E27E201EDAF33884B756 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft Manifest number: 1719 Signing time: Sat 20 Dec 2025 16:02:46 +0000 Manifest this update: Sat 20 Dec 2025 16:02:46 +0000 Manifest next update: Sun 21 Dec 2025 16:02:46 +0000 Files and hashes: 1: 0TX6bG3AW3Ort-Rt8qCc1TR12hM.roa (hash: XGv/DCUiOeegPa2KE+7yV2/GQEE1zmTFiu2PMDuWufY=) 2: 8PsNC-KW3BtxnSRA-2rZx10I4uI.crl (hash: XYL23Vygzl3Z922mVxmWClnsfNXCXzf4zp4y/qRxaJM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:cc:61:da:e4:e2:7e:20:1e:da:f3:38:84:b7:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0fb0d0be296dc1b719d2440fb6ad9c75d08e2e2 Validity Not Before: Dec 20 16:02:46 2025 GMT Not After : Dec 21 16:02:46 2025 GMT Subject: CN=da51cff18324516f49795c5c13af480f5cd881a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:54:23:51:55:44:8b:fc:47:9b:38:96:50:30: ba:cc:83:25:86:24:81:db:4a:c0:9f:6d:e4:7b:fb: b6:e8:14:49:09:87:cb:c5:5a:8c:ef:0b:41:2c:10: 79:4f:e5:68:1f:39:3c:f1:9a:7f:54:38:75:13:e4: e0:24:4f:bf:10:be:81:a3:0b:06:53:f8:28:57:1d: be:e5:07:52:ae:46:87:0a:12:4e:b4:ac:1b:c5:2d: 8e:34:f3:73:98:55:7c:80:65:e9:a4:7b:6e:e6:46: 1b:58:2e:6a:08:cf:fc:03:eb:a5:cc:ce:e5:7c:9a: b4:1c:59:78:63:5d:07:e8:b5:21:f2:69:35:57:7c: ec:93:7d:bc:d0:e6:50:6b:8c:df:2b:00:d1:43:64: ef:96:6a:cd:2a:01:a9:4b:b2:47:eb:05:b6:44:9c: 60:50:5e:96:d1:34:fc:eb:c4:5d:dd:63:bd:5f:91: f7:dc:67:34:85:41:00:f0:e0:73:5b:d9:d6:e7:b2: f4:70:4d:2b:cf:5c:12:01:07:82:d6:79:08:05:a3: 54:0e:cb:a2:93:08:89:b2:ad:bc:b5:52:5f:36:ef: 60:99:7b:ce:1e:e9:d2:49:00:b5:2a:b6:4a:ee:4e: 99:6c:90:43:f1:64:23:69:e5:7c:41:05:4e:9c:ce: 69:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:51:CF:F1:83:24:51:6F:49:79:5C:5C:13:AF:48:0F:5C:D8:81:A9 X509v3 Authority Key Identifier: keyid:F0:FB:0D:0B:E2:96:DC:1B:71:9D:24:40:FB:6A:D9:C7:5D:08:E2:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:9e:7f:de:d0:37:10:5f:4e:ae:fa:b3:7e:08:6b:a5:83:59: 00:19:55:77:55:da:6f:25:f4:c6:0c:f6:70:ee:be:96:55:57: 22:f6:b0:27:f9:a6:0a:5d:44:8d:7a:0c:46:38:a7:22:1d:a6: 5b:47:14:9b:df:63:3b:16:6e:fe:55:af:fb:4b:a0:03:2c:07: de:6c:45:40:a3:cc:b2:f4:19:5e:4d:ee:45:35:62:15:a6:e0: 2a:6d:28:45:f4:88:16:bd:28:f2:c6:b1:63:e3:4f:ca:4c:68: 03:fb:d6:d8:64:62:e1:58:2d:cc:58:a6:3a:a0:dc:d2:01:7d: 3f:47:ef:c2:07:2b:47:24:1a:44:56:fa:2c:04:37:8e:33:e1: ff:9b:ba:a7:12:ab:6b:48:24:af:d9:94:30:9c:8c:b7:b0:9b: d4:c7:98:0d:24:97:68:48:a2:ab:60:4e:06:03:f2:11:24:0e: 02:e7:36:41:a7:84:bf:36:29:75:ee:e9:d9:05:50:42:99:42: a8:22:42:8e:2c:c0:e8:9c:41:0d:89:46:20:0d:2f:9d:aa:f3: 05:5b:ff:68:2f:15:a7:65:f4:09:59:b5:24:db:99:fa:97:68: 85:b2:73:82:84:7f:7b:ad:8d:58:b0:c8:b8:4d:32:68:92:b2: ca:c1:14:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f8xh2uTifiAe2vM4hLdWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZmIwZDBiZTI5NmRjMWI3MTlkMjQ0MGZiNmFkOWM3NWQw OGUyZTIwHhcNMjUxMjIwMTYwMjQ2WhcNMjUxMjIxMTYwMjQ2WjAzMTEwLwYDVQQD EyhkYTUxY2ZmMTgzMjQ1MTZmNDk3OTVjNWMxM2FmNDgwZjVjZDg4MWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlQjUVVEi/xHmziWUDC6zIMlhiSB 20rAn23ke/u26BRJCYfLxVqM7wtBLBB5T+VoHzk88Zp/VDh1E+TgJE+/EL6BowsG U/goVx2+5QdSrkaHChJOtKwbxS2ONPNzmFV8gGXppHtu5kYbWC5qCM/8A+ulzM7l fJq0HFl4Y10H6LUh8mk1V3zsk3280OZQa4zfKwDRQ2TvlmrNKgGpS7JH6wW2RJxg UF6W0TT868Rd3WO9X5H33Gc0hUEA8OBzW9nW57L0cE0rz1wSAQeC1nkIBaNUDsui kwiJsq28tVJfNu9gmXvOHunSSQC1KrZK7k6ZbJBD8WQjaeV8QQVOnM5pxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNpRz/GDJFFvSXlcXBOvSA9c2IGpMB8GA1UdIwQY MBaAFPD7DQviltwbcZ0kQPtq2cddCOLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zZGVkZjYtM2VjNy00YjQwLWFkYWEt YzBlMjc4NzM2Yzg4LzEvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8zZGVkZjYtM2VjNy00YjQwLWFkYWEtYzBlMjc4NzM2Yzg4 LzEvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuZ5/3tA3 EF9OrvqzfghrpYNZABlVd1XabyX0xgz2cO6+llVXIvawJ/mmCl1EjXoMRjinIh2m W0cUm99jOxZu/lWv+0ugAywH3mxFQKPMsvQZXk3uRTViFabgKm0oRfSIFr0o8sax Y+NPykxoA/vW2GRi4VgtzFimOqDc0gF9P0fvwgcrRyQaRFb6LAQ3jjPh/5u6pxKr a0gkr9mUMJyMt7Cb1MeYDSSXaEiiq2BOBgPyESQOAuc2QaeEvzYpde7p2QVQQplC qCJCjizA6JxBDYlGIA0vnarzBVv/aC8Vp2X0CVm1JNuZ+pdohbJzgoR/e62NWLDI uE0yaJKyysEUVQ== -----END CERTIFICATE-----Generated at Sat Dec 20 17:50:51 2025 by rpki-client