This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft File: rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft (raw, json) Hash identifier: 9J+SUE9vENQnDwRsnDOIo/D0tQFLcVXPcC6nUUKPhYI= Subject key identifier: 39:49:15:C5:3E:2C:A5:19:48:72:C0:C1:78:58:7E:6C:62:2D:19:CE Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5 Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5 Certificate serial: 019B274180D231AF9D2BFB77123766C0C29C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft Manifest number: 1785 Signing time: Tue 16 Dec 2025 13:02:42 +0000 Manifest this update: Tue 16 Dec 2025 13:02:42 +0000 Manifest next update: Wed 17 Dec 2025 13:02:42 +0000 Files and hashes: 1: 7OSbUsexneQ0Q14f6d4gS3FqwKA.roa (hash: bTywqIASCFGsuBv+6N7v2D8L1Q+x4uOFKiuvSJi+2o4=) 2: BAFnA8E_-fRHFvJR66V5dNg4Xzc.roa (hash: zli04q+UUFDZ6LvNlKF4wEZntdZy+cQL9il9Oh4rSZo=) 3: rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl (hash: plJExXgKxCnGQ4rKDtjqZmsCzfEt+Yb5sXy+hPTahZU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 13:02:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:41:80:d2:31:af:9d:2b:fb:77:12:37:66:c0:c2:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5 Validity Not Before: Dec 16 13:02:42 2025 GMT Not After : Dec 17 13:02:42 2025 GMT Subject: CN=394915c53e2ca5194872c0c178587e6c622d19ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:69:cc:88:29:1f:6d:99:1b:ae:03:6e:47:89: df:87:65:0f:f5:d1:f5:3b:11:55:33:c0:c4:c0:f2: 60:23:a8:3c:98:97:e6:01:5a:49:84:dd:28:36:d2: b9:cc:d3:64:d2:fe:9a:b1:3a:16:c4:4c:1e:b4:69: 29:e8:fb:df:0e:91:56:2f:33:50:70:aa:c3:c1:0b: a0:70:16:33:8f:92:33:58:08:9d:71:08:c2:5e:c2: 7a:f2:36:7d:5d:fc:58:a2:40:e9:82:7a:d3:ed:83: ac:bb:85:92:79:67:3d:d1:8e:20:84:19:b3:58:04: 78:a6:3e:5e:aa:48:61:bf:3d:4a:ca:c7:b6:53:3c: 37:73:72:11:fe:05:aa:27:35:68:14:2e:4a:63:64: b4:00:7e:83:fd:98:e8:bd:67:f5:06:72:fb:66:f9: 89:b4:c3:47:3b:a0:bd:c5:1e:ae:ce:c4:59:8c:26: b5:0f:05:95:85:d4:fa:92:30:c5:1d:22:c7:2f:ed: 03:82:38:53:8a:f3:0e:14:7d:ff:59:dc:d3:95:44: f7:14:34:49:81:6e:92:8f:d3:c1:91:a9:c1:e1:ca: a8:db:a2:06:ed:8a:5f:6d:bf:2b:71:68:5c:87:cf: 92:a7:54:66:e8:80:d9:5d:b2:45:e1:4e:28:ad:c7: e0:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:49:15:C5:3E:2C:A5:19:48:72:C0:C1:78:58:7E:6C:62:2D:19:CE X509v3 Authority Key Identifier: keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:40:f1:73:a2:7b:b8:7c:f1:81:a6:82:83:a4:21:80:ce:89: 91:7a:12:b9:bc:49:16:cd:4e:f1:7e:4d:30:55:eb:77:7e:70: ae:c5:4b:2a:29:1c:51:7a:81:ff:25:98:43:5a:f9:03:29:f0: 99:87:fd:71:ea:24:70:c9:bd:a1:96:3f:96:12:c3:21:e4:6e: c7:78:d5:56:01:63:f4:6e:76:f7:c4:00:b4:29:e4:ac:b8:cc: 2e:02:fc:2c:a2:a3:72:a6:d3:a8:54:0b:b7:a5:07:49:3a:ab: d6:d9:0e:ae:69:4e:22:92:59:0e:0d:be:c8:a4:d9:3a:99:98: b7:b6:c7:e8:d5:1d:67:25:5b:1a:78:09:40:25:2d:5d:ab:76: bd:05:27:77:f9:0f:5f:9e:7f:7e:40:07:2d:3a:a8:2d:2e:77: 82:f3:03:31:51:d1:f8:28:16:fc:cc:4b:19:3b:62:0e:f3:ff: 0f:67:4f:97:94:fb:4a:71:01:71:55:47:f5:61:25:37:64:ad: 32:12:13:bf:ba:f6:a5:92:ec:f3:d2:c2:ea:4f:8e:96:d6:86: f1:d6:b9:7b:78:50:c7:01:2d:55:fc:fa:2e:07:dc:e5:c7:63: f4:87:84:93:f0:2e:37:24:4e:9f:ee:62:55:4d:40:9d:90:03: 02:62:1a:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsnQYDSMa+dK/t3EjdmwMKcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4 Y2YyYjUwHhcNMjUxMjE2MTMwMjQyWhcNMjUxMjE3MTMwMjQyWjAzMTEwLwYDVQQD EygzOTQ5MTVjNTNlMmNhNTE5NDg3MmMwYzE3ODU4N2U2YzYyMmQxOWNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GnMiCkfbZkbrgNuR4nfh2UP9dH1 OxFVM8DEwPJgI6g8mJfmAVpJhN0oNtK5zNNk0v6asToWxEwetGkp6PvfDpFWLzNQ cKrDwQugcBYzj5IzWAidcQjCXsJ68jZ9XfxYokDpgnrT7YOsu4WSeWc90Y4ghBmz WAR4pj5eqkhhvz1Kyse2Uzw3c3IR/gWqJzVoFC5KY2S0AH6D/ZjovWf1BnL7ZvmJ tMNHO6C9xR6uzsRZjCa1DwWVhdT6kjDFHSLHL+0DgjhTivMOFH3/WdzTlUT3FDRJ gW6Sj9PBkanB4cqo26IG7Ypfbb8rcWhch8+Sp1Rm6IDZXbJF4U4orcfgKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDlJFcU+LKUZSHLAwXhYfmxiLRnOMB8GA1UdIwQY MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt ZGI4ZWZmMWIxMWEwLzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc0Dxc6J7 uHzxgaaCg6QhgM6JkXoSubxJFs1O8X5NMFXrd35wrsVLKikcUXqB/yWYQ1r5Aynw mYf9ceokcMm9oZY/lhLDIeRux3jVVgFj9G5298QAtCnkrLjMLgL8LKKjcqbTqFQL t6UHSTqr1tkOrmlOIpJZDg2+yKTZOpmYt7bH6NUdZyVbGngJQCUtXat2vQUnd/kP X55/fkAHLTqoLS53gvMDMVHR+CgW/MxLGTtiDvP/D2dPl5T7SnEBcVVH9WElN2St MhITv7r2pZLs89LC6k+OltaG8da5e3hQxwEtVfz6Lgfc5cdj9IeEk/AuNyROn+5i VU1AnZADAmIadg== -----END CERTIFICATE-----Generated at Tue Dec 16 23:15:14 2025 by rpki-client