This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft File: 8zXtZqwB15F1zk149nKh_kcgN4A.mft (raw, json) Hash identifier: 8pSL86sV7ZgLsjtOcYuUotOypEZ+s+tQRWB6D0P6Bv0= Subject key identifier: EA:44:18:69:D6:57:59:24:BF:06:2A:9F:75:0E:DC:44:6C:CE:AD:CE Authority key identifier: F3:35:ED:66:AC:01:D7:91:75:CE:4D:78:F6:72:A1:FE:47:20:37:80 Certificate issuer: /CN=f335ed66ac01d79175ce4d78f672a1fe47203780 Certificate serial: 019B3CB4ACAD893FE99C6817C05CF59F8B86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft Manifest number: 014D Signing time: Sat 20 Dec 2025 17:00:32 +0000 Manifest this update: Sat 20 Dec 2025 17:00:32 +0000 Manifest next update: Sun 21 Dec 2025 17:00:32 +0000 Files and hashes: 1: 8zXtZqwB15F1zk149nKh_kcgN4A.crl (hash: n++UqX0mal5t0GxyAWsuEEd0fc78puy0C9KfhNOQH2o=) 2: Gc7bIWg_002hRPQXdkZu34Nt1hk.roa (hash: rYe2LH24NobxlRDRXW8nW9SeQn4FShUkG8Kt27Qhtsg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.crl rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b4:ac:ad:89:3f:e9:9c:68:17:c0:5c:f5:9f:8b:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f335ed66ac01d79175ce4d78f672a1fe47203780 Validity Not Before: Dec 20 17:00:32 2025 GMT Not After : Dec 21 17:00:32 2025 GMT Subject: CN=ea441869d6575924bf062a9f750edc446cceadce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b6:be:27:a3:ed:15:1a:5d:fd:a2:59:75:62: 95:47:ec:63:54:7e:47:f5:ad:79:9e:f7:b4:09:3d: 5b:7b:a7:4c:b6:80:94:60:06:94:5d:e3:77:b3:d9: 48:f3:90:32:b5:8d:77:f5:95:2e:13:44:e6:93:ab: 67:fc:7c:23:87:34:2c:f2:8e:45:8e:82:fe:74:9e: 81:91:e4:b5:d5:ce:ea:6a:b3:dc:b8:15:be:e2:30: aa:78:fb:5a:30:e6:8c:7b:a5:2b:ab:3f:61:d7:e9: f1:7e:d7:2f:70:23:01:76:71:df:14:6a:bb:38:63: 11:d6:0c:12:bc:38:6d:62:57:30:2b:00:c3:07:bb: eb:72:bb:8e:ac:b3:d1:d8:e2:bd:59:a1:7a:80:0b: a9:9f:6b:7a:99:ef:98:aa:46:9d:b5:4f:0b:10:ef: 5a:6a:38:23:c8:bb:ba:d5:b9:79:2b:1f:f8:8d:d2: 1d:e1:bf:91:b8:0d:88:3e:78:6e:6d:47:ad:68:7f: 8d:14:af:01:7c:98:5d:bd:21:99:fb:8a:85:63:c1: 90:4b:ad:c0:b4:f2:2d:07:aa:ec:91:4c:51:45:dc: 09:c3:25:fc:56:27:1f:ac:33:a5:48:90:65:c6:08: 91:d1:6f:5c:d0:57:f7:8d:6c:a6:e6:78:11:e0:5d: 85:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:44:18:69:D6:57:59:24:BF:06:2A:9F:75:0E:DC:44:6C:CE:AD:CE X509v3 Authority Key Identifier: keyid:F3:35:ED:66:AC:01:D7:91:75:CE:4D:78:F6:72:A1:FE:47:20:37:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:b1:c9:f3:5b:c1:7a:32:6a:b4:63:c2:bd:b8:5f:7c:76:ba: d0:60:aa:75:8f:36:ea:fa:20:46:a4:d8:89:0f:18:a6:3f:8e: 0c:fb:95:47:fb:fd:74:6e:33:b5:72:0a:e3:fc:0d:51:51:0d: 7a:a3:5b:ba:5b:11:fd:26:51:d9:7c:fd:14:d0:79:38:5e:43: 00:a5:d7:44:34:a3:38:d6:3f:74:9f:7a:00:f0:67:f4:09:1b: 05:0a:a2:f1:12:c8:c6:e0:4e:ab:6c:a8:04:0f:d8:0a:c7:17: 76:27:d4:61:bc:f9:d7:e7:30:b2:87:17:1a:43:ca:7f:27:cc: ca:12:f0:37:d2:33:9b:40:18:d1:4b:7d:47:34:57:a4:c3:97: 60:34:44:f9:b8:58:f4:a4:12:17:fd:45:98:d2:78:27:e2:46: f7:8b:08:fe:40:7e:c4:a5:57:2a:e2:af:78:99:01:0e:e5:65: a0:9e:14:42:39:da:c5:b6:b4:b4:df:b4:ec:9f:81:d0:ec:b6: 07:08:32:bc:17:dc:22:35:cb:11:51:ec:b0:e4:33:b8:3b:63: 52:e7:09:2a:ac:b5:d2:82:32:2f:73:2f:f1:2c:a7:06:97:1b: e0:60:53:f9:2d:cc:38:1d:e0:cd:23:08:36:2d:e1:19:1b:2c: 5c:cf:7a:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tKytiT/pnGgXwFz1n4uGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMzVlZDY2YWMwMWQ3OTE3NWNlNGQ3OGY2NzJhMWZlNDcy MDM3ODAwHhcNMjUxMjIwMTcwMDMyWhcNMjUxMjIxMTcwMDMyWjAzMTEwLwYDVQQD EyhlYTQ0MTg2OWQ2NTc1OTI0YmYwNjJhOWY3NTBlZGM0NDZjY2VhZGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsra+J6PtFRpd/aJZdWKVR+xjVH5H 9a15nve0CT1be6dMtoCUYAaUXeN3s9lI85AytY139ZUuE0Tmk6tn/HwjhzQs8o5F joL+dJ6BkeS11c7qarPcuBW+4jCqePtaMOaMe6Urqz9h1+nxftcvcCMBdnHfFGq7 OGMR1gwSvDhtYlcwKwDDB7vrcruOrLPR2OK9WaF6gAupn2t6me+YqkadtU8LEO9a ajgjyLu61bl5Kx/4jdId4b+RuA2IPnhubUetaH+NFK8BfJhdvSGZ+4qFY8GQS63A tPItB6rskUxRRdwJwyX8VicfrDOlSJBlxgiR0W9c0Ff3jWym5ngR4F2FCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOpEGGnWV1kkvwYqn3UO3ERszq3OMB8GA1UdIwQY MBaAFPM17WasAdeRdc5NePZyof5HIDeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83OTg4ODktMjlkNC00ZjUzLWEwNDEt NTBhY2JhZWVjN2NhLzEvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My83OTg4ODktMjlkNC00ZjUzLWEwNDEtNTBhY2JhZWVjN2Nh LzEvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfLHJ81vB ejJqtGPCvbhffHa60GCqdY826vogRqTYiQ8Ypj+ODPuVR/v9dG4ztXIK4/wNUVEN eqNbulsR/SZR2Xz9FNB5OF5DAKXXRDSjONY/dJ96APBn9AkbBQqi8RLIxuBOq2yo BA/YCscXdifUYbz51+cwsocXGkPKfyfMyhLwN9Izm0AY0Ut9RzRXpMOXYDRE+bhY 9KQSF/1FmNJ4J+JG94sI/kB+xKVXKuKveJkBDuVloJ4UQjnaxba0tN+07J+B0Oy2 BwgyvBfcIjXLEVHssOQzuDtjUucJKqy10oIyL3Mv8SynBpcb4GBT+S3MOB3gzSMI Ni3hGRssXM96jg== -----END CERTIFICATE-----Generated at Sun Dec 21 00:44:42 2025 by rpki-client