This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.mft File: rn8YfBJ4L8TYRHYiNZkzKcRWOg0.mft (raw, json) Hash identifier: scenAuK6GGmvxwS/B8ul4Xb9RI7S2AyDySfAu9ualIk= Subject key identifier: DD:DF:D1:D9:2B:03:84:D9:2A:3F:65:11:D8:C7:75:1B:8F:F1:FB:32 Authority key identifier: AE:7F:18:7C:12:78:2F:C4:D8:44:76:22:35:99:33:29:C4:56:3A:0D Certificate issuer: /CN=ae7f187c12782fc4d844762235993329c4563a0d Certificate serial: 019B446E9D2BC4BB0396F0F23C74FC404B8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.mft Manifest number: 0DA9 Signing time: Mon 22 Dec 2025 05:00:58 +0000 Manifest this update: Mon 22 Dec 2025 05:00:58 +0000 Manifest next update: Tue 23 Dec 2025 05:00:58 +0000 Files and hashes: 1: 9SHpbhL3XuwxiKnoCroL_5tpXVo.roa (hash: xPrIpxk+JNMXsVLk++89joWnIkf6ad6w3ouFrsF8d/w=) 2: rn8YfBJ4L8TYRHYiNZkzKcRWOg0.crl (hash: Y1j4w09SnvDJ4qZGS1SxOrmo/fFKQzXdi7+FIvxgoHQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.mft rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:6e:9d:2b:c4:bb:03:96:f0:f2:3c:74:fc:40:4b:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae7f187c12782fc4d844762235993329c4563a0d Validity Not Before: Dec 22 05:00:58 2025 GMT Not After : Dec 23 05:00:58 2025 GMT Subject: CN=dddfd1d92b0384d92a3f6511d8c7751b8ff1fb32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:08:54:87:f8:42:96:7a:1f:19:fc:45:38:09: 26:25:ad:ca:f4:3d:6d:51:0c:e8:11:b6:49:ac:bc: 75:da:ea:1a:69:8d:b4:57:fc:61:0e:9a:92:af:1a: 80:e2:b7:18:62:53:3d:98:8c:88:80:91:e1:47:4d: 89:d6:e0:8b:42:50:40:37:28:d4:1d:94:a1:22:60: cb:0e:fe:07:e7:39:2a:cf:0b:a1:59:8f:dd:1f:27: 28:1d:d8:20:e8:e6:5f:48:4b:bd:14:ee:30:00:55: c8:61:e1:cb:d4:bf:16:69:a1:f9:27:ea:d9:cf:06: 4f:62:47:a5:5b:90:a4:66:bf:c2:6e:c9:05:ab:d4: 81:52:ec:db:5f:05:c2:84:69:b8:21:3f:d2:bc:0e: 8c:25:eb:15:7c:0d:6b:67:26:86:81:20:9c:6f:e0: 84:71:b3:14:f6:c0:72:e4:d2:1f:e8:f4:04:92:50: a3:f6:08:49:e2:47:58:cb:47:14:0c:61:29:3d:ca: 73:15:57:fc:69:c0:d4:03:e2:c0:be:7f:8a:85:1e: b7:4d:de:08:68:ca:49:66:eb:45:18:0b:19:1c:57: ea:28:26:22:fd:b9:f7:79:f1:46:25:f2:d9:66:10: e0:13:da:54:1f:f6:ed:72:7e:64:b3:48:6a:47:00: 60:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:DF:D1:D9:2B:03:84:D9:2A:3F:65:11:D8:C7:75:1B:8F:F1:FB:32 X509v3 Authority Key Identifier: keyid:AE:7F:18:7C:12:78:2F:C4:D8:44:76:22:35:99:33:29:C4:56:3A:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:52:ba:b0:ec:28:61:44:7a:0c:fb:e5:8a:2e:74:83:85:72: 7d:02:3e:7e:8f:d0:41:3b:51:a1:b0:2a:de:a8:13:c7:6f:52: 54:e8:85:55:2e:c3:49:95:91:22:09:e7:6c:ec:14:14:1c:5a: 77:95:41:17:f4:7a:2a:1e:be:82:a6:93:58:21:ba:a2:4a:a4: 5c:0e:79:52:35:8e:05:8f:ab:59:83:d6:8a:c7:04:6e:c6:4a: 98:9f:51:ab:63:2b:34:a2:1c:cc:36:bc:54:2c:73:56:02:ac: ca:e7:e6:84:e0:b4:ca:73:84:73:ba:d0:53:c4:24:3e:f2:5b: 63:db:02:eb:ec:5b:70:6f:2e:bb:af:05:6b:44:dc:a1:20:aa: fc:92:7a:4b:94:0c:f7:da:1d:2d:9e:07:7a:79:ca:01:28:8f: 9f:1e:78:64:f7:3d:f9:33:b6:2c:0c:27:b6:4c:f3:23:e0:59: 23:3b:c0:f4:c9:ef:e4:62:f3:b4:11:2d:e4:ad:bd:f0:2b:64: c0:88:dd:66:cc:b8:39:b7:06:b8:73:ad:2c:48:62:22:a5:db: 84:c1:4c:d2:2f:d8:b1:c2:61:3d:32:4d:54:80:5a:66:63:08: 1b:7f:7d:f3:21:71:b0:cc:62:f9:d6:e5:2a:89:6f:b0:64:70: 4a:12:c1:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEbp0rxLsDlvDyPHT8QEuMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlN2YxODdjMTI3ODJmYzRkODQ0NzYyMjM1OTkzMzI5YzQ1 NjNhMGQwHhcNMjUxMjIyMDUwMDU4WhcNMjUxMjIzMDUwMDU4WjAzMTEwLwYDVQQD EyhkZGRmZDFkOTJiMDM4NGQ5MmEzZjY1MTFkOGM3NzUxYjhmZjFmYjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQhUh/hClnofGfxFOAkmJa3K9D1t UQzoEbZJrLx12uoaaY20V/xhDpqSrxqA4rcYYlM9mIyIgJHhR02J1uCLQlBANyjU HZShImDLDv4H5zkqzwuhWY/dHycoHdgg6OZfSEu9FO4wAFXIYeHL1L8WaaH5J+rZ zwZPYkelW5CkZr/CbskFq9SBUuzbXwXChGm4IT/SvA6MJesVfA1rZyaGgSCcb+CE cbMU9sBy5NIf6PQEklCj9ghJ4kdYy0cUDGEpPcpzFVf8acDUA+LAvn+KhR63Td4I aMpJZutFGAsZHFfqKCYi/bn3efFGJfLZZhDgE9pUH/btcn5ks0hqRwBgyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3f0dkrA4TZKj9lEdjHdRuP8fsyMB8GA1UdIwQY MBaAFK5/GHwSeC/E2ER2IjWZMynEVjoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm44WWZCSjRMOFRZUkhZaU5aa3pLY1JXT2cwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jOGY2NDctZWQ3OS00MmQ5LThkZjYt MDU4Nzc2MDRhMDFkLzEvcm44WWZCSjRMOFRZUkhZaU5aa3pLY1JXT2cwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9jOGY2NDctZWQ3OS00MmQ5LThkZjYtMDU4Nzc2MDRhMDFk LzEvcm44WWZCSjRMOFRZUkhZaU5aa3pLY1JXT2cwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn1K6sOwo YUR6DPvlii50g4VyfQI+fo/QQTtRobAq3qgTx29SVOiFVS7DSZWRIgnnbOwUFBxa d5VBF/R6Kh6+gqaTWCG6okqkXA55UjWOBY+rWYPWiscEbsZKmJ9Rq2MrNKIczDa8 VCxzVgKsyufmhOC0ynOEc7rQU8QkPvJbY9sC6+xbcG8uu68Fa0TcoSCq/JJ6S5QM 99odLZ4HennKASiPnx54ZPc9+TO2LAwntkzzI+BZIzvA9Mnv5GLztBEt5K298Ctk wIjdZsy4ObcGuHOtLEhiIqXbhMFM0i/YscJhPTJNVIBaZmMIG3998yFxsMxi+dbl KolvsGRwShLBMA== -----END CERTIFICATE-----Generated at Mon Dec 22 14:29:46 2025 by rpki-client