This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft File: 8A5uimGIP2gBZbX0FUhfjw1PWo0.mft (raw, json) Hash identifier: QFQtkoEcBhXLg9p+ss4nUEeHKkzfoBpke65g5xv/5A8= Subject key identifier: A5:C1:13:13:85:B8:60:69:BC:01:02:3D:AC:CB:C5:C7:BB:7C:26:1A Authority key identifier: F0:0E:6E:8A:61:88:3F:68:01:65:B5:F4:15:48:5F:8F:0D:4F:5A:8D Certificate issuer: /CN=f00e6e8a61883f680165b5f415485f8f0d4f5a8d Certificate serial: 019B7CA687A58AC43D4E24883F803864374A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft Manifest number: 14A2 Signing time: Fri 02 Jan 2026 03:00:47 +0000 Manifest this update: Fri 02 Jan 2026 03:00:47 +0000 Manifest next update: Sat 03 Jan 2026 03:00:47 +0000 Files and hashes: 1: 8A5uimGIP2gBZbX0FUhfjw1PWo0.crl (hash: gK8lwxmtKHDPgIOKJKieng5uGtsKpX+87AQFnz804zY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:a6:87:a5:8a:c4:3d:4e:24:88:3f:80:38:64:37:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f00e6e8a61883f680165b5f415485f8f0d4f5a8d Validity Not Before: Jan 2 03:00:47 2026 GMT Not After : Jan 3 03:00:47 2026 GMT Subject: CN=a5c1131385b86069bc01023daccbc5c7bb7c261a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:98:50:ad:71:c9:60:70:00:42:7a:31:96:9b: 96:60:75:b3:8c:4b:d1:37:29:74:4d:0e:80:2e:7b: 06:fc:ca:03:9f:07:51:ef:aa:35:f4:ce:28:d4:23: 3f:9a:e6:8c:dc:63:a4:01:e9:08:0b:6a:02:09:91: 82:d9:1e:6a:5c:96:74:91:22:38:18:1d:da:24:b3: d1:fd:1c:60:54:6c:9e:5e:ee:8a:f2:18:92:bd:60: 03:11:99:ed:50:7c:f5:c1:84:e7:8f:85:ee:e3:10: c6:ff:d1:4e:8a:03:c0:06:6e:72:92:9c:b8:0f:93: 3d:d8:fa:76:eb:0a:75:6d:56:53:c7:e0:3b:0f:43: 65:df:3c:08:59:34:f1:e4:65:94:d5:bf:44:85:19: 42:12:6b:14:7d:80:8a:3d:fb:6c:a7:b2:29:f3:5b: c8:a0:cb:6d:c2:0b:fb:13:90:9d:75:26:3e:88:37: ec:2b:14:b3:95:c0:8a:6f:60:64:90:6c:ed:51:ef: 89:73:1c:ac:b1:3b:bb:85:9f:ac:34:2d:90:50:f6: f6:98:6d:9b:41:85:21:a6:4c:11:0d:1d:2b:36:10: d8:bb:6d:f5:59:0b:43:03:46:11:f1:f4:7d:02:66: 55:ec:c3:63:21:da:16:29:fa:f4:0f:91:16:d3:5d: 88:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:C1:13:13:85:B8:60:69:BC:01:02:3D:AC:CB:C5:C7:BB:7C:26:1A X509v3 Authority Key Identifier: keyid:F0:0E:6E:8A:61:88:3F:68:01:65:B5:F4:15:48:5F:8F:0D:4F:5A:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:a5:30:39:2a:cb:a0:f3:bf:9a:03:b7:66:cd:f1:5e:95:2f: b6:4b:6c:d7:7c:b4:be:33:86:c1:ea:ec:bf:bc:e8:f3:35:08: 7e:1d:74:20:54:3c:fe:fb:38:9f:2e:90:03:7a:31:26:41:d7: b3:ad:a9:ec:9b:80:06:1f:99:ee:83:7f:4e:14:f5:b4:5c:84: 56:c0:7f:3b:17:4e:f2:f1:72:a7:14:cd:4d:c2:88:bc:00:19: 8d:0e:5f:56:aa:f8:96:4f:fa:35:14:a4:1c:ed:bc:4b:33:44: db:db:a0:bd:dc:a1:83:6f:5b:28:3d:1b:98:4c:a3:4c:e8:66: ae:e3:ad:92:92:b3:24:bb:86:c3:24:a6:c0:43:20:12:1a:9c: c4:7e:3f:eb:9e:1e:6d:3f:70:e1:d1:75:ab:93:6d:39:b1:80: 66:0e:11:55:4e:e3:69:10:17:4d:5e:fe:9c:8d:da:91:a8:f6: b4:f4:2e:3a:f5:9c:2e:d2:3b:7d:13:ed:28:c2:c2:39:59:f4: d3:fa:91:b0:29:7a:f5:45:a9:24:3b:7c:bc:bd:87:e0:f2:2a: 07:2f:6b:16:45:94:fe:5c:e3:b7:f7:17:db:b3:2e:4e:e8:83: fc:05:af:ed:67:89:25:fb:7d:1d:e2:df:91:4a:10:48:28:66: 3c:55:91:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt8poelisQ9TiSIP4A4ZDdKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwMGU2ZThhNjE4ODNmNjgwMTY1YjVmNDE1NDg1ZjhmMGQ0 ZjVhOGQwHhcNMjYwMTAyMDMwMDQ3WhcNMjYwMTAzMDMwMDQ3WjAzMTEwLwYDVQQD EyhhNWMxMTMxMzg1Yjg2MDY5YmMwMTAyM2RhY2NiYzVjN2JiN2MyNjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZhQrXHJYHAAQnoxlpuWYHWzjEvR Nyl0TQ6ALnsG/MoDnwdR76o19M4o1CM/muaM3GOkAekIC2oCCZGC2R5qXJZ0kSI4 GB3aJLPR/RxgVGyeXu6K8hiSvWADEZntUHz1wYTnj4Xu4xDG/9FOigPABm5ykpy4 D5M92Pp26wp1bVZTx+A7D0Nl3zwIWTTx5GWU1b9EhRlCEmsUfYCKPftsp7Ip81vI oMttwgv7E5CddSY+iDfsKxSzlcCKb2BkkGztUe+JcxyssTu7hZ+sNC2QUPb2mG2b QYUhpkwRDR0rNhDYu231WQtDA0YR8fR9AmZV7MNjIdoWKfr0D5EW012INQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKXBExOFuGBpvAECPazLxce7fCYaMB8GA1UdIwQY MBaAFPAObophiD9oAWW19BVIX48NT1qNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84NDI4MTUtMTM4YS00M2RhLTg3MmMt M2NmZjE0ODI4ZGZkLzEvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS84NDI4MTUtMTM4YS00M2RhLTg3MmMtM2NmZjE0ODI4ZGZk LzEvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6UwOSrL oPO/mgO3Zs3xXpUvtkts13y0vjOGwersv7zo8zUIfh10IFQ8/vs4ny6QA3oxJkHX s62p7JuABh+Z7oN/ThT1tFyEVsB/OxdO8vFypxTNTcKIvAAZjQ5fVqr4lk/6NRSk HO28SzNE29ugvdyhg29bKD0bmEyjTOhmruOtkpKzJLuGwySmwEMgEhqcxH4/654e bT9w4dF1q5NtObGAZg4RVU7jaRAXTV7+nI3akaj2tPQuOvWcLtI7fRPtKMLCOVn0 0/qRsCl69UWpJDt8vL2H4PIqBy9rFkWU/lzjt/cX27MuTuiD/AWv7WeJJft9HeLf kUoQSChmPFWR9w== -----END CERTIFICATE-----Generated at Fri Jan 2 09:52:41 2026 by rpki-client