This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft File: 8j79S9kntM6jMSCiG09zFNy-oXk.mft (raw, json) Hash identifier: 3YFQLHhbdBgRQbuA96hrbYiL/VX28YyxS2q/PbQ9jtI= Subject key identifier: 9A:DE:49:3B:23:F5:91:42:81:9D:37:68:8C:7B:78:DE:B6:B8:09:06 Authority key identifier: F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79 Certificate issuer: /CN=f23efd4bd927b4cea33120a21b4f7314dcbea179 Certificate serial: 019B6BB2D02A59AAAC40227A7444DCA8F088 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft Manifest number: 0F45 Signing time: Mon 29 Dec 2025 20:00:39 +0000 Manifest this update: Mon 29 Dec 2025 20:00:39 +0000 Manifest next update: Tue 30 Dec 2025 20:00:39 +0000 Files and hashes: 1: 8j79S9kntM6jMSCiG09zFNy-oXk.crl (hash: gi6DptBR1X13go31nyHxdsYYKS6PLzuXRDO2j9Vszq0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 20:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:b2:d0:2a:59:aa:ac:40:22:7a:74:44:dc:a8:f0:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f23efd4bd927b4cea33120a21b4f7314dcbea179 Validity Not Before: Dec 29 20:00:39 2025 GMT Not After : Dec 30 20:00:39 2025 GMT Subject: CN=9ade493b23f59142819d37688c7b78deb6b80906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:40:8a:18:76:21:b4:a2:c9:d2:0c:73:80:fc: 83:95:d4:80:37:80:52:cb:b6:ce:f4:9a:c8:0c:32: 49:5f:7b:96:86:f0:72:14:85:65:c4:3b:a2:5a:96: 7f:26:04:11:55:c2:e8:1f:73:23:da:b0:af:bc:65: ad:d4:b1:15:4f:c9:62:9b:0a:67:6f:f3:4f:2b:75: 98:6c:76:b5:dc:08:4b:71:74:6f:57:c4:b4:5c:ba: e1:5a:7f:d1:e5:fc:b2:13:f1:cc:e0:87:e1:76:5f: e8:ae:24:ae:1f:38:a9:ec:05:89:08:a2:9f:c3:b2: 79:5c:4a:c9:ff:a6:f5:7b:a8:d6:bb:67:77:6d:d8: 2c:02:1c:ce:a4:0f:1d:1d:03:41:58:60:4c:74:27: 92:f5:d3:6b:61:94:24:2a:49:1a:ac:22:7f:06:48: b9:0f:dd:0b:61:ff:20:bd:68:06:03:f8:fe:1b:fa: dd:78:b3:bd:49:a6:36:b8:d9:e1:be:e3:51:3e:73: e7:53:09:17:80:24:2c:4c:58:bf:5d:ca:2b:29:04: 54:12:52:3c:cd:98:04:c3:da:ad:41:00:66:0b:79: 1f:16:b2:b4:c7:c2:57:95:97:de:77:ba:fe:0f:0f: e5:b2:8b:ed:20:38:88:f4:18:e3:de:58:14:30:7f: c4:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:DE:49:3B:23:F5:91:42:81:9D:37:68:8C:7B:78:DE:B6:B8:09:06 X509v3 Authority Key Identifier: keyid:F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:ff:34:cc:f0:31:4c:47:ed:7e:d4:f6:ef:be:41:00:08:f3: d1:4f:fc:a9:94:3f:86:e1:b6:a9:7d:91:24:02:c3:ef:33:84: f4:13:c3:e0:ca:49:00:42:bd:80:7c:ae:d1:78:90:ce:b2:00: 53:bf:49:82:3f:ef:f6:62:9c:b8:0f:b2:2b:0e:aa:fc:31:81: 08:61:54:7d:d4:b5:e8:53:a8:79:b6:46:e8:26:24:7c:5a:d9: 2f:68:7c:41:2f:25:37:43:7e:07:31:8d:9d:f4:2c:ff:3f:51: de:31:d2:47:bc:d4:e3:42:b8:5b:02:c1:ea:f8:ff:38:8b:c2: 34:c3:7e:08:84:9c:0b:94:95:04:a1:ac:c2:bc:99:83:3a:f9: 95:c5:6a:7b:7d:ec:00:76:17:d3:7f:e9:14:a1:fe:35:ef:02: 6e:62:22:2f:ae:86:61:2d:09:e6:9f:51:e1:b1:e9:b1:d6:b4: bc:39:25:b6:db:cd:cc:f3:d4:b4:ea:c3:e0:70:0b:30:45:c9: 6b:00:1f:43:d3:74:82:30:cf:09:8c:5f:d7:43:b0:9a:8a:d4: 59:66:5e:93:a8:d4:05:e5:35:60:e0:64:a0:f7:a2:9c:b6:e1: 88:99:d1:06:da:ef:51:4d:f4:bf:db:0c:e4:13:65:20:61:5c: f2:7a:a9:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtrstAqWaqsQCJ6dETcqPCIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyM2VmZDRiZDkyN2I0Y2VhMzMxMjBhMjFiNGY3MzE0ZGNi ZWExNzkwHhcNMjUxMjI5MjAwMDM5WhcNMjUxMjMwMjAwMDM5WjAzMTEwLwYDVQQD Eyg5YWRlNDkzYjIzZjU5MTQyODE5ZDM3Njg4YzdiNzhkZWI2YjgwOTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0CKGHYhtKLJ0gxzgPyDldSAN4BS y7bO9JrIDDJJX3uWhvByFIVlxDuiWpZ/JgQRVcLoH3Mj2rCvvGWt1LEVT8limwpn b/NPK3WYbHa13AhLcXRvV8S0XLrhWn/R5fyyE/HM4Ifhdl/oriSuHzip7AWJCKKf w7J5XErJ/6b1e6jWu2d3bdgsAhzOpA8dHQNBWGBMdCeS9dNrYZQkKkkarCJ/Bki5 D90LYf8gvWgGA/j+G/rdeLO9SaY2uNnhvuNRPnPnUwkXgCQsTFi/XcorKQRUElI8 zZgEw9qtQQBmC3kfFrK0x8JXlZfed7r+Dw/lsovtIDiI9Bjj3lgUMH/E8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJreSTsj9ZFCgZ03aIx7eN62uAkGMB8GA1UdIwQY MBaAFPI+/UvZJ7TOozEgohtPcxTcvqF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTIt ZDJjOGE2NWFhY2ZlLzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTItZDJjOGE2NWFhY2Zl LzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoP80zPAx TEftftT2775BAAjz0U/8qZQ/huG2qX2RJALD7zOE9BPD4MpJAEK9gHyu0XiQzrIA U79Jgj/v9mKcuA+yKw6q/DGBCGFUfdS16FOoebZG6CYkfFrZL2h8QS8lN0N+BzGN nfQs/z9R3jHSR7zU40K4WwLB6vj/OIvCNMN+CIScC5SVBKGswryZgzr5lcVqe33s AHYX03/pFKH+Ne8CbmIiL66GYS0J5p9R4bHpsda0vDklttvNzPPUtOrD4HALMEXJ awAfQ9N0gjDPCYxf10OwmorUWWZek6jUBeU1YOBkoPeinLbhiJnRBtrvUU30v9sM 5BNlIGFc8nqpzw== -----END CERTIFICATE-----Generated at Tue Dec 30 06:20:56 2025 by rpki-client