This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.mft File: 8uOrazEY4L3g5kiOa-1slpQeDoQ.mft (raw, json) Hash identifier: Ptl+x1gBMUcOZuVAJjvCNQC8+3LKkJt5qH+LwKmMORY= Subject key identifier: 19:0D:96:E0:D1:1D:EA:63:9F:79:77:94:AB:ED:CE:A7:B1:30:43:A3 Authority key identifier: F2:E3:AB:6B:31:18:E0:BD:E0:E6:48:8E:6B:ED:6C:96:94:1E:0E:84 Certificate issuer: /CN=f2e3ab6b3118e0bde0e6488e6bed6c96941e0e84 Certificate serial: 019B31C389D5BF6BC15052BD93EB7C617F08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.mft Manifest number: 0C18 Signing time: Thu 18 Dec 2025 14:00:56 +0000 Manifest this update: Thu 18 Dec 2025 14:00:56 +0000 Manifest next update: Fri 19 Dec 2025 14:00:56 +0000 Files and hashes: 1: 8uOrazEY4L3g5kiOa-1slpQeDoQ.crl (hash: obKKGYjskTrx6YFbnEZ1ueEy0VD93lzJOKGb8ej5Lgk=) 2: TwUAmEwQxO2jeeE0IG7nOUuBRU8.roa (hash: 5uZF7JHC6Cu/tuWa9kusO7lA0+dh5OGQEqs1E5VZ/5E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.mft rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:89:d5:bf:6b:c1:50:52:bd:93:eb:7c:61:7f:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f2e3ab6b3118e0bde0e6488e6bed6c96941e0e84 Validity Not Before: Dec 18 14:00:56 2025 GMT Not After : Dec 19 14:00:56 2025 GMT Subject: CN=190d96e0d11dea639f797794abedcea7b13043a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:9b:b8:3e:5f:bb:d8:60:5b:c5:62:52:e3:a9: ca:e5:3d:44:f1:18:2b:bc:3a:0e:3a:78:52:83:d0: be:0a:2d:13:84:34:f5:af:6f:b0:ec:69:7a:c6:2b: 30:93:62:29:85:22:ca:42:7f:84:58:19:da:a3:ac: fe:2d:13:b1:3e:2a:97:cb:7a:02:0d:d8:21:60:ed: 60:8c:79:0e:7c:84:f3:fd:10:25:8c:cb:d7:dd:ca: 37:cb:be:49:eb:ee:86:35:3f:0c:e4:eb:ca:87:d6: f8:cc:64:d0:8d:e2:02:cf:ca:16:15:39:3e:53:23: a9:55:93:b0:15:57:77:dc:0b:16:ae:34:6c:90:46: 54:31:45:78:52:98:71:da:99:f6:c2:0b:e4:10:f5: cc:64:c3:5b:43:ff:6c:5b:20:67:43:a9:e5:af:c7: 71:b5:71:60:56:ad:71:4b:ee:6e:af:45:29:33:a5: 17:e8:2d:33:eb:36:6e:7b:f7:a7:e5:3c:19:a5:07: 5a:b9:af:15:bd:31:fd:51:90:ed:87:9a:24:9c:67: c8:d4:74:19:13:14:c0:69:e3:a5:f8:e0:fc:10:f0: d5:e9:97:9b:16:4a:ea:4c:0d:91:fb:df:71:cd:2e: 81:36:53:9b:82:92:87:29:24:13:d1:2b:f3:3c:d2: 7b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:0D:96:E0:D1:1D:EA:63:9F:79:77:94:AB:ED:CE:A7:B1:30:43:A3 X509v3 Authority Key Identifier: keyid:F2:E3:AB:6B:31:18:E0:BD:E0:E6:48:8E:6B:ED:6C:96:94:1E:0E:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:14:86:b0:f8:3a:5d:01:41:c3:7d:bf:0a:af:3e:d7:85:b3: b5:3d:0a:eb:7b:10:31:d6:cc:ad:96:46:3d:f7:7d:de:28:f0: e1:59:da:85:a5:48:9f:64:05:81:7b:79:b5:c4:9d:e5:ac:b4: 17:ec:55:e8:e8:25:3e:ae:fd:53:fb:a8:59:66:f1:a8:e2:61: f8:ac:ff:ee:f5:97:87:3a:d9:db:c3:19:b1:48:eb:69:4a:f1: 6a:78:19:d6:c3:d2:fc:79:dd:e3:36:9b:8e:3b:5d:fc:f0:14: 10:25:f6:8a:29:00:b0:5a:62:d0:55:ad:b5:24:a5:a2:16:f1: b7:b1:08:24:96:24:c3:ea:30:1d:7b:d4:c6:48:ab:22:66:b7: 32:b2:00:62:d3:66:31:dc:70:bb:c8:29:d8:28:57:63:e9:45: aa:01:e2:d9:c2:50:7f:d8:19:84:d3:fc:22:47:11:78:e6:13: 80:cd:1e:5b:c3:aa:d3:56:ff:17:66:cd:ff:bf:82:88:a1:ad: 45:be:a1:38:bc:ad:87:32:75:21:15:17:d7:95:64:04:cc:d1: c7:66:02:6c:40:72:7b:58:69:55:51:df:6f:87:42:de:93:3f: fe:52:6e:ca:db:fd:f1:dd:34:20:ab:62:c0:c5:c7:10:b2:ed: 57:d9:55:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw4nVv2vBUFK9k+t8YX8IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyZTNhYjZiMzExOGUwYmRlMGU2NDg4ZTZiZWQ2Yzk2OTQx ZTBlODQwHhcNMjUxMjE4MTQwMDU2WhcNMjUxMjE5MTQwMDU2WjAzMTEwLwYDVQQD EygxOTBkOTZlMGQxMWRlYTYzOWY3OTc3OTRhYmVkY2VhN2IxMzA0M2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpu4Pl+72GBbxWJS46nK5T1E8Rgr vDoOOnhSg9C+Ci0ThDT1r2+w7Gl6xiswk2IphSLKQn+EWBnao6z+LROxPiqXy3oC DdghYO1gjHkOfITz/RAljMvX3co3y75J6+6GNT8M5OvKh9b4zGTQjeICz8oWFTk+ UyOpVZOwFVd33AsWrjRskEZUMUV4Uphx2pn2wgvkEPXMZMNbQ/9sWyBnQ6nlr8dx tXFgVq1xS+5ur0UpM6UX6C0z6zZue/en5TwZpQdaua8VvTH9UZDth5oknGfI1HQZ ExTAaeOl+OD8EPDV6ZebFkrqTA2R+99xzS6BNlObgpKHKSQT0SvzPNJ76wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBkNluDRHepjn3l3lKvtzqexMEOjMB8GA1UdIwQY MBaAFPLjq2sxGOC94OZIjmvtbJaUHg6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zNmM0YTMtNmUxZC00NjE0LThmOTAt ODNiMDM4NzAwOTRkLzEvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi8zNmM0YTMtNmUxZC00NjE0LThmOTAtODNiMDM4NzAwOTRk LzEvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnRSGsPg6 XQFBw32/Cq8+14WztT0K63sQMdbMrZZGPfd93ijw4VnahaVIn2QFgXt5tcSd5ay0 F+xV6OglPq79U/uoWWbxqOJh+Kz/7vWXhzrZ28MZsUjraUrxangZ1sPS/Hnd4zab jjtd/PAUECX2iikAsFpi0FWttSSlohbxt7EIJJYkw+owHXvUxkirIma3MrIAYtNm Mdxwu8gp2ChXY+lFqgHi2cJQf9gZhNP8IkcReOYTgM0eW8Oq01b/F2bN/7+CiKGt Rb6hOLythzJ1IRUX15VkBMzRx2YCbEBye1hpVVHfb4dC3pM//lJuytv98d00IKti wMXHELLtV9lVQg== -----END CERTIFICATE-----Generated at Thu Dec 18 18:08:26 2025 by rpki-client