This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft File: 8gLwqonAZ9ZjOLTVnSBSujmplEs.mft (raw, json) Hash identifier: K+0Xy21DlRsbkt/YBrLQ3f+IRLPXeOWs1NcONDo6GIY= Subject key identifier: A0:D0:2D:DC:14:D0:90:38:D0:45:95:34:D8:0B:41:9F:7A:42:E7:21 Authority key identifier: F2:02:F0:AA:89:C0:67:D6:63:38:B4:D5:9D:20:52:BA:39:A9:94:4B Certificate issuer: /CN=f202f0aa89c067d66338b4d59d2052ba39a9944b Certificate serial: 019B4D3A5FBF7B1B9D0A11C0AF181B7A673F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8gLwqonAZ9ZjOLTVnSBSujmplEs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft Manifest number: 06F3 Signing time: Tue 23 Dec 2025 22:00:29 +0000 Manifest this update: Tue 23 Dec 2025 22:00:29 +0000 Manifest next update: Wed 24 Dec 2025 22:00:29 +0000 Files and hashes: 1: 8gLwqonAZ9ZjOLTVnSBSujmplEs.crl (hash: KutmL6a/6BPrvYGUpZmwUbTJ6FdzrKZBCIs+Dqspqvo=) 2: gxY3cqQ9AtbDjrB_-otpHb6Irb0.roa (hash: LD3l5OVkY9IZSD+ZJZMYqJis4oBCr+KMHwZEJzzuk0w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.crl rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft rsync://rpki.ripe.net/repository/DEFAULT/8gLwqonAZ9ZjOLTVnSBSujmplEs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:3a:5f:bf:7b:1b:9d:0a:11:c0:af:18:1b:7a:67:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f202f0aa89c067d66338b4d59d2052ba39a9944b Validity Not Before: Dec 23 22:00:29 2025 GMT Not After : Dec 24 22:00:29 2025 GMT Subject: CN=a0d02ddc14d09038d0459534d80b419f7a42e721 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b0:3c:b0:27:54:3d:b0:c0:1b:2c:3b:27:2b: ca:75:c4:6a:69:c0:68:ed:58:1b:0a:69:b2:af:6e: 45:8c:87:24:c8:77:8b:1a:0a:84:5a:9d:f5:a2:1c: 56:12:9c:c2:9e:f9:a4:1a:12:7f:cd:cf:4f:e7:f6: 86:3d:0e:70:1d:b5:b8:60:03:eb:fc:d4:11:75:aa: 75:48:5f:35:cd:3e:60:e4:0d:d6:7a:5f:ca:c3:66: a3:36:46:4c:e7:dd:d0:99:98:48:3e:b8:da:9c:f9: 2e:e0:57:37:31:66:d6:a6:62:59:e4:d2:dd:4f:03: 61:fa:33:88:07:62:9c:db:d2:20:90:b2:89:45:f2: 31:59:8d:b3:e9:ca:92:ed:19:f3:c7:1d:a3:9e:ee: 95:d2:21:e0:0d:c0:16:b1:e0:2e:d6:9e:76:75:59: 84:31:20:f8:43:31:43:5d:c9:d1:d7:20:62:6d:72: 4f:0f:4b:53:53:c5:6c:db:df:c0:6e:71:ef:79:54: 61:6e:2d:a1:24:f7:b2:3e:c6:06:cc:24:24:e6:4f: 44:4a:82:f5:8b:be:b0:d8:64:95:36:e9:bd:9b:89: a4:e0:ab:68:a4:bb:59:b5:ee:e5:f9:3d:69:e6:f1: ce:fa:82:26:d2:33:75:59:33:7b:bf:f9:da:93:a6: 74:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D0:2D:DC:14:D0:90:38:D0:45:95:34:D8:0B:41:9F:7A:42:E7:21 X509v3 Authority Key Identifier: keyid:F2:02:F0:AA:89:C0:67:D6:63:38:B4:D5:9D:20:52:BA:39:A9:94:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gLwqonAZ9ZjOLTVnSBSujmplEs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8769f1-b80b-4886-bb0b-f625700e8a90/1/8gLwqonAZ9ZjOLTVnSBSujmplEs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:14:2e:44:1c:e3:ef:b4:f5:52:89:5b:30:1b:09:e7:c6:07: 4d:85:50:45:eb:4d:7f:ae:82:c7:c2:8b:66:e1:a1:52:e5:e0: 0b:a9:b3:5e:b1:8e:6b:9b:0c:2f:25:a5:4e:b0:fa:1d:04:05: a0:78:35:28:fa:c8:48:f5:3f:92:2a:1d:b6:f1:0e:51:77:1d: cb:03:87:ec:b8:f2:c1:94:7f:d1:31:c9:6b:5e:44:21:39:80: 3c:ff:1e:91:5e:f1:81:e5:d7:9b:86:1b:c2:da:6f:63:85:65: 01:e7:e0:dd:67:3c:4f:c7:e2:96:f5:17:0e:24:87:6c:62:95: d8:ed:dc:68:16:d9:45:20:b0:62:69:9b:6e:bd:0c:79:98:c1: 89:07:84:e1:e6:06:3e:59:cc:a5:0a:27:d5:95:0a:6e:a7:62: 55:17:ef:14:fe:f6:b0:17:5f:2c:84:9b:03:85:b6:ce:87:70: a6:7b:e6:98:6d:39:92:ba:31:8d:92:16:c3:5f:66:f5:60:47: 29:31:37:9d:11:7b:63:63:32:48:52:a6:84:3d:25:f1:14:32: 6a:07:51:4a:90:ec:02:12:e2:34:96:18:97:e9:a0:26:cb:e3: 42:0a:8b:d5:bd:c5:16:15:a8:6b:b0:97:12:7e:25:7f:f9:2e: 9f:9c:82:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtNOl+/exudChHArxgbemc/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyMDJmMGFhODljMDY3ZDY2MzM4YjRkNTlkMjA1MmJhMzlh OTk0NGIwHhcNMjUxMjIzMjIwMDI5WhcNMjUxMjI0MjIwMDI5WjAzMTEwLwYDVQQD EyhhMGQwMmRkYzE0ZDA5MDM4ZDA0NTk1MzRkODBiNDE5ZjdhNDJlNzIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrA8sCdUPbDAGyw7JyvKdcRqacBo 7VgbCmmyr25FjIckyHeLGgqEWp31ohxWEpzCnvmkGhJ/zc9P5/aGPQ5wHbW4YAPr /NQRdap1SF81zT5g5A3Wel/Kw2ajNkZM593QmZhIPrjanPku4Fc3MWbWpmJZ5NLd TwNh+jOIB2Kc29IgkLKJRfIxWY2z6cqS7Rnzxx2jnu6V0iHgDcAWseAu1p52dVmE MSD4QzFDXcnR1yBibXJPD0tTU8Vs29/AbnHveVRhbi2hJPeyPsYGzCQk5k9ESoL1 i76w2GSVNum9m4mk4KtopLtZte7l+T1p5vHO+oIm0jN1WTN7v/nak6Z0kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKDQLdwU0JA40EWVNNgLQZ96QuchMB8GA1UdIwQY MBaAFPIC8KqJwGfWYzi01Z0gUro5qZRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOGdMd3FvbkFaOVpqT0xUVm5TQlN1am1wbEVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84NzY5ZjEtYjgwYi00ODg2LWJiMGIt ZjYyNTcwMGU4YTkwLzEvOGdMd3FvbkFaOVpqT0xUVm5TQlN1am1wbEVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi84NzY5ZjEtYjgwYi00ODg2LWJiMGItZjYyNTcwMGU4YTkw LzEvOGdMd3FvbkFaOVpqT0xUVm5TQlN1am1wbEVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxQuRBzj 77T1UolbMBsJ58YHTYVQRetNf66Cx8KLZuGhUuXgC6mzXrGOa5sMLyWlTrD6HQQF oHg1KPrISPU/kiodtvEOUXcdywOH7LjywZR/0THJa15EITmAPP8ekV7xgeXXm4Yb wtpvY4VlAefg3Wc8T8filvUXDiSHbGKV2O3caBbZRSCwYmmbbr0MeZjBiQeE4eYG PlnMpQon1ZUKbqdiVRfvFP72sBdfLISbA4W2zodwpnvmmG05kroxjZIWw19m9WBH KTE3nRF7Y2MySFKmhD0l8RQyagdRSpDsAhLiNJYYl+mgJsvjQgqL1b3FFhWoa7CX En4lf/kun5yC8w== -----END CERTIFICATE-----Generated at Wed Dec 24 00:14:15 2025 by rpki-client