This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft File: 8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json) Hash identifier: vzQe2FEv5GkGtg1hLCCiWLaf+2gepTliXkbfzwJwEGI= Subject key identifier: E8:9B:A4:97:3D:7D:43:9D:F1:29:D8:42:1D:AC:60:0A:C2:DA:5C:45 Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59 Certificate issuer: /CN=f10317f24d71a516d75043be90f5abe3fa1c9259 Certificate serial: 019B44A5C547F602F5812EA9F0DE8AC1DDD4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft Manifest number: 1340 Signing time: Mon 22 Dec 2025 06:01:13 +0000 Manifest this update: Mon 22 Dec 2025 06:01:13 +0000 Manifest next update: Tue 23 Dec 2025 06:01:13 +0000 Files and hashes: 1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: w954qIgD/kYV2FaWYVzqFI03Fojbwp8sbW7YuL0bkXU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:c5:47:f6:02:f5:81:2e:a9:f0:de:8a:c1:dd:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259 Validity Not Before: Dec 22 06:01:13 2025 GMT Not After : Dec 23 06:01:13 2025 GMT Subject: CN=e89ba4973d7d439df129d8421dac600ac2da5c45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:c9:97:9b:85:1d:4c:be:30:7d:ac:3a:f3:b6: cb:0d:13:c7:e0:5f:52:ef:2b:d8:04:cc:ba:14:6c: 71:c7:20:d2:eb:b1:4f:fe:87:b8:bf:a1:0e:15:ee: b9:96:96:a7:b9:fa:75:41:52:e8:4e:86:d8:fd:87: 87:49:f3:40:ed:56:33:2e:d9:64:5a:35:4d:8a:e3: 39:30:83:9a:4b:4b:d7:c0:39:e2:5b:43:f7:9e:24: f2:2e:37:ef:2d:7b:07:57:6b:95:e8:7e:d0:fd:eb: f9:9e:25:65:21:00:31:3a:ef:54:c8:2b:11:71:fc: c2:01:9f:c1:6c:cc:84:13:7a:97:84:6d:7a:2a:df: 9f:1f:15:9b:55:ed:77:d7:ef:44:84:5a:3e:b7:c6: 66:c4:b4:a7:0a:6c:be:66:49:54:61:f4:7b:31:90: 4c:da:be:94:bc:a8:c8:8b:a9:64:05:10:6c:12:45: 36:5b:40:12:67:fd:b5:b7:19:83:e6:3c:1a:b3:55: ad:96:f8:ec:a7:a0:fe:54:44:a0:ac:c0:13:02:eb: 21:d3:05:c7:79:1e:59:99:67:7d:72:c5:24:81:2d: 78:c9:c0:33:be:cf:7f:50:f5:b7:00:16:c5:b2:ee: 30:14:7b:f2:6c:21:17:6e:ab:d5:f9:62:94:8e:ad: eb:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:9B:A4:97:3D:7D:43:9D:F1:29:D8:42:1D:AC:60:0A:C2:DA:5C:45 X509v3 Authority Key Identifier: keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:88:6d:b8:f7:f1:eb:43:82:53:1c:78:a4:da:d7:ec:bf:ec: c8:e8:01:93:f6:8f:e4:74:34:90:63:59:60:8f:e4:9c:49:90: 33:6f:03:5c:7d:87:be:c7:56:49:04:3b:ef:6d:01:3e:15:39: ec:8b:03:28:4d:9f:f0:bd:6d:b1:82:83:a4:fd:76:42:9f:9d: 59:af:71:d6:eb:a3:02:b2:9c:88:17:ea:54:10:97:a1:76:b4: 7f:91:15:b6:2d:e5:7a:cd:36:45:01:24:0a:72:9a:8e:e9:1b: df:2a:14:26:11:f6:11:29:d2:51:52:82:17:e7:43:14:7f:18: 1c:dd:48:89:4a:cf:49:61:eb:55:4a:d2:46:3d:0a:81:dc:96: d0:0e:51:bc:b8:56:5f:68:e1:28:ff:26:06:63:d0:34:fb:21: bb:d9:5c:db:71:ce:9d:93:80:04:3a:2b:e6:2b:5f:84:7e:fb: cd:e9:46:ac:3e:04:d7:ba:d1:a2:39:87:9a:65:a7:49:3c:f4: 2a:cc:3d:86:67:e5:e4:c2:6b:4d:68:21:1e:5f:26:cf:f0:95: 0c:a3:9d:ae:7f:4a:ae:b5:b0:07:71:35:91:e1:96:c6:16:35: d4:a9:3d:e6:c6:18:ad:66:12:67:b3:c2:96:ef:56:91:4b:bd: 8b:6e:0b:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpcVH9gL1gS6p8N6Kwd3UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx YzkyNTkwHhcNMjUxMjIyMDYwMTEzWhcNMjUxMjIzMDYwMTEzWjAzMTEwLwYDVQQD EyhlODliYTQ5NzNkN2Q0MzlkZjEyOWQ4NDIxZGFjNjAwYWMyZGE1YzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAismXm4UdTL4wfaw687bLDRPH4F9S 7yvYBMy6FGxxxyDS67FP/oe4v6EOFe65lpanufp1QVLoTobY/YeHSfNA7VYzLtlk WjVNiuM5MIOaS0vXwDniW0P3niTyLjfvLXsHV2uV6H7Q/ev5niVlIQAxOu9UyCsR cfzCAZ/BbMyEE3qXhG16Kt+fHxWbVe131+9EhFo+t8ZmxLSnCmy+ZklUYfR7MZBM 2r6UvKjIi6lkBRBsEkU2W0ASZ/21txmD5jwas1Wtlvjsp6D+VESgrMATAush0wXH eR5ZmWd9csUkgS14ycAzvs9/UPW3ABbFsu4wFHvybCEXbqvV+WKUjq3rqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOibpJc9fUOd8SnYQh2sYArC2lxFMB8GA1UdIwQY MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOohtuPfx 60OCUxx4pNrX7L/syOgBk/aP5HQ0kGNZYI/knEmQM28DXH2HvsdWSQQ7720BPhU5 7IsDKE2f8L1tsYKDpP12Qp+dWa9x1uujArKciBfqVBCXoXa0f5EVti3les02RQEk CnKajukb3yoUJhH2ESnSUVKCF+dDFH8YHN1IiUrPSWHrVUrSRj0KgdyW0A5RvLhW X2jhKP8mBmPQNPshu9lc23HOnZOABDor5itfhH77zelGrD4E17rRojmHmmWnSTz0 Ksw9hmfl5MJrTWghHl8mz/CVDKOdrn9KrrWwB3E1keGWxhY11Kk95sYYrWYSZ7PC lu9WkUu9i24LtQ== -----END CERTIFICATE-----Generated at Mon Dec 22 14:07:40 2025 by rpki-client