This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft File: CBG8UM_tnQLlgZaiyByYjjC6EmA.mft (raw, json) Hash identifier: B8t5ZfxM8M2UlVLOIKWYzudrA6W8nXJtOQiMbTsgT6E= Subject key identifier: B5:09:09:01:3F:EF:86:3B:A0:2B:70:C0:9F:61:44:04:BA:74:13:BD Authority key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60 Certificate issuer: /CN=0811bc50cfed9d02e58196a2c81c988e30ba1260 Certificate serial: 019B3D22DD79D11456D9E7E7F3A7C1835C6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 19:00:53 +0000 Manifest this update: Sat 20 Dec 2025 19:00:53 +0000 Manifest next update: Sun 21 Dec 2025 19:00:53 +0000 Files and hashes: 1: CBG8UM_tnQLlgZaiyByYjjC6EmA.crl (hash: sFZC9YuOWTUbPf3PZ/9VgYhaMoZNhc0MTCRXRIaUwsQ=) 2: mWwPnP2S4g9JhxWYKKryZjEy1Ao.roa (hash: HyXUe+PYjqIKyOZOZZRdFXR1ckNBvzFOngXjiDgbrBY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:22:dd:79:d1:14:56:d9:e7:e7:f3:a7:c1:83:5c:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260 Validity Not Before: Dec 20 19:00:53 2025 GMT Not After : Dec 21 19:00:53 2025 GMT Subject: CN=b50909013fef863ba02b70c09f614404ba7413bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5a:67:a3:e6:26:9e:0b:57:0e:fb:ac:39:99: 1f:f6:fb:f1:06:34:99:08:32:50:13:91:1e:ee:48: 16:88:e0:5e:f2:70:eb:60:1f:60:ae:13:2a:a8:6a: d8:8e:85:5e:50:2b:ba:f7:02:6d:38:3c:7d:3e:be: 83:c0:02:d4:d1:c6:ce:69:6c:3e:9a:05:ac:68:73: 40:ea:df:04:24:45:0b:85:47:fb:64:f7:ba:06:f9: 46:26:6c:e2:5d:70:96:0d:fb:d4:59:f4:a2:da:64: 7b:01:ee:44:f7:d1:a3:8e:4a:04:4c:84:6e:36:f3: 17:f7:f3:49:52:56:2c:52:c4:28:cb:1a:42:4a:70: c4:33:02:88:f1:3f:f1:2a:fe:c0:21:54:e8:99:18: 65:1a:ed:1a:da:63:1f:7b:6b:93:96:cf:7b:3d:09: 68:43:86:a4:32:6d:f0:83:5d:4a:b5:b5:fa:7c:93: fa:c8:c2:aa:ea:3f:13:cc:97:a9:39:2d:4f:28:7e: 24:45:37:93:aa:30:83:83:38:d2:d2:dc:cf:08:f5: 1b:eb:8b:39:b4:ac:b3:84:93:29:37:cd:ee:7b:65: c1:e4:cd:a1:e2:3c:00:14:3e:bb:8c:13:4a:aa:58: 31:bf:67:d6:51:81:e1:74:72:2b:3e:72:51:be:0b: f8:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:09:09:01:3F:EF:86:3B:A0:2B:70:C0:9F:61:44:04:BA:74:13:BD X509v3 Authority Key Identifier: keyid:08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:fb:67:f7:48:37:fd:4f:01:91:fc:1f:5d:ab:7a:49:fe:6e: 33:61:ba:f3:b5:30:12:b8:79:37:0f:68:77:fb:ad:9b:6e:e0: c8:c5:1d:6a:67:3d:bd:e8:76:49:79:95:e4:ec:2c:e7:4e:5f: 8a:13:90:40:ec:21:34:1e:b9:f3:74:21:2f:a4:36:c0:5c:d9: f8:7d:28:74:fb:f6:a9:a3:31:7a:e1:c4:e8:2f:1d:e1:dc:53: 51:b3:c8:20:2f:b7:ec:98:02:2e:7a:ff:59:9d:21:ad:3d:dd: 85:a8:dc:6c:3f:09:ed:26:d3:9f:02:6e:c2:03:18:cc:28:8c: 66:39:68:d1:51:6f:87:a2:50:24:fc:82:71:4f:56:a2:b1:93: 4b:33:fb:f1:bf:d5:c1:52:fc:a6:dc:f5:59:d2:42:0e:6f:bf: 84:68:9d:0d:31:2d:5a:d9:b2:09:3c:fa:86:b3:5f:5d:c1:7e: d0:dd:bd:8b:c6:f7:f4:f6:35:e1:e8:fd:53:ea:a9:01:b4:ad: de:33:fd:1c:fa:66:bc:48:78:39:2d:e6:d6:98:47:10:1c:32: 06:95:db:7f:95:43:b4:25:27:f4:08:0f:6e:0e:62:4c:89:cf: 59:bb:a0:13:35:91:b7:f1:9e:4e:39:b5:50:d6:ba:fa:d8:d5: e5:ae:48:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9It150RRW2efn86fBg1xrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4MTFiYzUwY2ZlZDlkMDJlNTgxOTZhMmM4MWM5ODhlMzBi YTEyNjAwHhcNMjUxMjIwMTkwMDUzWhcNMjUxMjIxMTkwMDUzWjAzMTEwLwYDVQQD EyhiNTA5MDkwMTNmZWY4NjNiYTAyYjcwYzA5ZjYxNDQwNGJhNzQxM2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlpno+YmngtXDvusOZkf9vvxBjSZ CDJQE5Ee7kgWiOBe8nDrYB9grhMqqGrYjoVeUCu69wJtODx9Pr6DwALU0cbOaWw+ mgWsaHNA6t8EJEULhUf7ZPe6BvlGJmziXXCWDfvUWfSi2mR7Ae5E99GjjkoETIRu NvMX9/NJUlYsUsQoyxpCSnDEMwKI8T/xKv7AIVTomRhlGu0a2mMfe2uTls97PQlo Q4akMm3wg11KtbX6fJP6yMKq6j8TzJepOS1PKH4kRTeTqjCDgzjS0tzPCPUb64s5 tKyzhJMpN83ue2XB5M2h4jwAFD67jBNKqlgxv2fWUYHhdHIrPnJRvgv41wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLUJCQE/74Y7oCtwwJ9hRAS6dBO9MB8GA1UdIwQY MBaAFAgRvFDP7Z0C5YGWosgcmI4wuhJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYt ZWU1YTY3NDNiZTU2LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYtZWU1YTY3NDNiZTU2 LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtvtn90g3 /U8BkfwfXat6Sf5uM2G687UwErh5Nw9od/utm27gyMUdamc9veh2SXmV5Ows505f ihOQQOwhNB6583QhL6Q2wFzZ+H0odPv2qaMxeuHE6C8d4dxTUbPIIC+37JgCLnr/ WZ0hrT3dhajcbD8J7SbTnwJuwgMYzCiMZjlo0VFvh6JQJPyCcU9WorGTSzP78b/V wVL8ptz1WdJCDm+/hGidDTEtWtmyCTz6hrNfXcF+0N29i8b39PY14ej9U+qpAbSt 3jP9HPpmvEh4OS3m1phHEBwyBpXbf5VDtCUn9AgPbg5iTInPWbugEzWRt/GeTjm1 UNa6+tjV5a5I3g== -----END CERTIFICATE-----Generated at Sun Dec 21 01:34:43 2025 by rpki-client