This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json) Hash identifier: qVHDycGkcFMIAprVcrVB1xt8X56Wma5kfUA/rDIPURk= Subject key identifier: CE:26:0F:D7:F2:7A:82:D7:1F:E3:19:54:B9:52:00:BD:14:55:43:34 Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9 Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9 Certificate serial: 019B3F486FAB7B4828A9A79E1A612C33F873 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft Manifest number: 0C2E Signing time: Sun 21 Dec 2025 05:01:10 +0000 Manifest this update: Sun 21 Dec 2025 05:01:10 +0000 Manifest next update: Mon 22 Dec 2025 05:01:10 +0000 Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=) 2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: +r0iFN703s2dRhbPbQsS1z9HEScTObg70HKAd9CboRE=) 3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:6f:ab:7b:48:28:a9:a7:9e:1a:61:2c:33:f8:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9 Validity Not Before: Dec 21 05:01:10 2025 GMT Not After : Dec 22 05:01:10 2025 GMT Subject: CN=ce260fd7f27a82d71fe31954b95200bd14554334 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:81:48:1f:f4:01:dc:e5:07:69:2f:b5:c9:4a: de:0b:9e:04:6a:c3:8b:21:21:86:e6:35:1b:aa:b0: 18:ea:f5:e7:5d:ec:57:ab:1e:80:6c:a4:ce:24:0c: 5a:3a:e8:70:61:e5:4c:9d:0e:ce:ce:17:cb:b8:32: d8:97:22:87:b0:a3:00:64:8d:52:49:cf:d1:ba:38: 80:c4:b5:27:9a:81:db:70:0d:a0:c5:ac:d0:96:86: 39:39:34:4d:4b:70:24:8e:2e:35:33:5b:ee:db:03: 0d:f9:e6:f3:d0:de:d5:fc:e9:51:62:65:8e:f7:ec: 95:00:ce:88:a0:7f:93:82:8e:19:a0:03:99:8d:d7: 43:38:da:6e:9c:fc:1d:72:69:ed:4c:8a:33:89:6b: 82:8d:97:1a:0e:41:f6:28:ca:bf:ba:45:d9:c6:c7: 6f:1b:54:af:01:7a:d0:18:04:98:35:01:ca:02:9b: fb:f5:02:89:41:9b:85:c0:d2:1c:91:65:76:18:48: 64:5f:0e:74:61:34:93:41:cf:f0:06:82:7f:24:34: 52:59:0b:07:0b:bf:b3:26:d1:aa:0c:b9:14:0f:64: c1:1b:fa:0b:f1:64:3a:3e:0d:34:8e:e1:b5:a9:e2: b3:4a:ab:88:3e:38:1f:0c:39:cb:9a:6a:ae:c9:7a: 81:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:26:0F:D7:F2:7A:82:D7:1F:E3:19:54:B9:52:00:BD:14:55:43:34 X509v3 Authority Key Identifier: keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:c1:4f:5e:16:e4:3e:a1:1e:a9:74:ec:41:7e:00:fc:58:a1: 19:88:cc:b4:c4:58:a9:90:e1:44:9f:be:5a:de:d9:99:20:31: f2:a8:e0:2f:82:90:2d:d4:aa:11:ef:e7:50:52:fb:23:58:fb: 21:54:de:27:9b:cd:3e:a6:81:cd:08:bd:2a:68:88:72:cb:4a: 88:fa:7b:24:6c:f0:ff:01:f0:98:55:b2:8b:5b:bb:d4:41:1f: 75:4c:f1:7d:92:fa:26:69:6d:e2:0b:80:5f:ad:e2:7b:7a:af: 15:0c:7d:cd:4f:38:53:68:d9:0a:48:d8:3d:fc:37:0b:e5:00: eb:fe:7f:78:0d:d0:fc:8b:31:bc:9d:0b:e8:84:d0:72:dd:a5: f1:e9:83:cb:3c:31:e0:e7:24:7a:1b:20:31:d0:52:8f:97:fe: a2:28:3c:d3:9a:54:e8:3f:a1:a3:e8:fb:16:22:3e:b6:61:8c: 8a:1f:2d:29:c0:94:ec:57:ce:ae:29:41:2c:e4:26:01:eb:7c: c9:0d:f3:6a:74:23:29:b6:8f:c9:76:14:10:12:c6:f4:3f:31: 43:26:37:85:9b:6d:cf:8e:f1:7f:c3:14:ce:d8:c7:7b:54:3e: 14:a8:1a:6b:eb:9d:ad:e2:b5:46:b9:13:53:54:f4:b7:c7:ab: 20:d2:70:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SG+re0goqaeeGmEsM/hzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5 ZDk3YzkwHhcNMjUxMjIxMDUwMTEwWhcNMjUxMjIyMDUwMTEwWjAzMTEwLwYDVQQD EyhjZTI2MGZkN2YyN2E4MmQ3MWZlMzE5NTRiOTUyMDBiZDE0NTU0MzM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoFIH/QB3OUHaS+1yUreC54EasOL ISGG5jUbqrAY6vXnXexXqx6AbKTOJAxaOuhwYeVMnQ7OzhfLuDLYlyKHsKMAZI1S Sc/RujiAxLUnmoHbcA2gxazQloY5OTRNS3Akji41M1vu2wMN+ebz0N7V/OlRYmWO 9+yVAM6IoH+Tgo4ZoAOZjddDONpunPwdcmntTIoziWuCjZcaDkH2KMq/ukXZxsdv G1SvAXrQGASYNQHKApv79QKJQZuFwNIckWV2GEhkXw50YTSTQc/wBoJ/JDRSWQsH C7+zJtGqDLkUD2TBG/oL8WQ6Pg00juG1qeKzSquIPjgfDDnLmmquyXqB+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM4mD9fyeoLXH+MZVLlSAL0UVUM0MB8GA1UdIwQY MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAesFPXhbk PqEeqXTsQX4A/FihGYjMtMRYqZDhRJ++Wt7ZmSAx8qjgL4KQLdSqEe/nUFL7I1j7 IVTeJ5vNPqaBzQi9KmiIcstKiPp7JGzw/wHwmFWyi1u71EEfdUzxfZL6Jmlt4guA X63ie3qvFQx9zU84U2jZCkjYPfw3C+UA6/5/eA3Q/IsxvJ0L6ITQct2l8emDyzwx 4OckehsgMdBSj5f+oig805pU6D+ho+j7FiI+tmGMih8tKcCU7FfOrilBLOQmAet8 yQ3zanQjKbaPyXYUEBLG9D8xQyY3hZttz47xf8MUztjHe1Q+FKgaa+udreK1RrkT U1T0t8erINJwAw== -----END CERTIFICATE-----Generated at Sun Dec 21 13:09:24 2025 by rpki-client