This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json) Hash identifier: iaZv/PIcsusubf30xfGlFCXRuybHwUJ524QtQWbeNbs= Subject key identifier: 31:8F:46:37:32:AF:F7:F2:74:F8:C3:E7:07:08:F2:55:45:B4:84:5D Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78 Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178 Certificate serial: 019B3F115EB05FFC96C6BEEACA025CDFC692 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft Manifest number: 086E Signing time: Sun 21 Dec 2025 04:01:01 +0000 Manifest this update: Sun 21 Dec 2025 04:01:01 +0000 Manifest next update: Mon 22 Dec 2025 04:01:01 +0000 Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: sQDKODk6/Fq2FxMo0KsqMYlPBqqVr4JZ3J0rjvYAZKI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:11:5e:b0:5f:fc:96:c6:be:ea:ca:02:5c:df:c6:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178 Validity Not Before: Dec 21 04:01:01 2025 GMT Not After : Dec 22 04:01:01 2025 GMT Subject: CN=318f463732aff7f274f8c3e70708f25545b4845d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:fe:8a:ca:35:8b:a5:0c:17:16:74:42:b1:cd: 0c:77:e7:14:dc:7f:4d:f7:23:7d:ba:b1:4c:64:3d: 77:aa:3c:d1:73:12:2f:29:89:11:96:e9:d6:fa:f2: 98:ce:3f:c2:1d:42:c1:33:b3:9a:dd:6e:51:c3:08: 66:ae:11:d9:9b:be:c3:28:ac:e6:68:29:7d:52:0b: 7c:80:f5:b2:69:c3:e1:14:30:82:d4:0d:d8:15:32: 50:40:ec:ba:48:60:34:04:54:0d:81:50:05:3c:a9: 3f:5e:e7:fb:e2:84:e0:d8:b6:97:3d:b4:d8:b6:64: ab:89:1e:f3:cc:67:67:d3:6c:8b:07:b8:f2:0a:df: 1f:18:5d:80:bd:02:62:73:88:1a:ae:ff:7e:a9:99: 13:b9:6e:0e:9b:e0:7e:1d:17:31:fa:22:13:2c:c1: 21:48:1e:6f:7f:5c:10:34:3d:a0:ca:51:b8:4c:8b: 4f:52:dc:0e:e1:59:f9:0a:2f:fa:14:b2:38:99:24: a1:d7:57:b3:a2:2e:5e:fb:71:36:89:32:e0:01:da: 99:ce:ce:fe:ae:8d:d8:b1:ad:ac:08:1e:3e:4a:5a: 41:51:77:fd:ed:08:79:10:0a:ee:9a:36:f3:e0:6f: c1:79:34:a9:28:4d:d8:3a:17:99:77:e4:14:b4:3a: 77:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:8F:46:37:32:AF:F7:F2:74:F8:C3:E7:07:08:F2:55:45:B4:84:5D X509v3 Authority Key Identifier: keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:90:b1:1e:6c:44:a4:9e:fc:25:c1:66:1a:77:99:b4:33:65: e7:63:1e:fc:8c:19:83:99:da:a9:ec:91:15:a5:ab:4b:ce:c4: 59:c2:26:78:a2:b2:ac:18:9c:dc:81:3e:1d:66:00:a5:51:8f: b1:f2:3c:98:79:7c:0a:a3:29:bc:a6:91:a6:11:b4:0e:1a:c1: c5:0b:b0:1c:f3:af:62:2b:73:5e:2d:8d:0d:08:2c:03:dd:49: 2d:cc:37:ec:64:aa:6e:27:72:e2:de:a0:75:50:fc:d7:2f:35: d2:3a:2d:3a:95:cf:c8:68:a1:34:f3:b4:0f:8e:38:55:ac:2c: 24:dc:ed:8f:7a:53:94:2c:68:97:4e:d2:d8:aa:ca:42:72:fc: d7:29:a8:7a:79:6f:1e:09:1b:eb:d8:01:b4:21:34:d7:43:a1: 62:07:a9:f5:1c:7e:1f:1b:cb:b5:21:55:05:57:a6:7f:9c:3e: 3e:55:31:ca:8f:b5:c5:40:c8:a9:37:41:d1:3c:c6:af:a3:fc: d1:0b:60:0c:61:4c:82:00:8f:f4:5f:4c:f7:7a:2d:29:74:ba: 84:3a:97:a0:c1:f8:88:b3:43:91:bb:df:fb:6b:f6:13:bf:16: e8:af:b8:8e:38:ab:49:dc:9c:33:0b:8e:1f:f6:e9:1d:b3:d5: 8a:61:bf:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/EV6wX/yWxr7qygJc38aSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl MmExNzgwHhcNMjUxMjIxMDQwMTAxWhcNMjUxMjIyMDQwMTAxWjAzMTEwLwYDVQQD EygzMThmNDYzNzMyYWZmN2YyNzRmOGMzZTcwNzA4ZjI1NTQ1YjQ4NDVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v6KyjWLpQwXFnRCsc0Md+cU3H9N 9yN9urFMZD13qjzRcxIvKYkRlunW+vKYzj/CHULBM7Oa3W5RwwhmrhHZm77DKKzm aCl9Ugt8gPWyacPhFDCC1A3YFTJQQOy6SGA0BFQNgVAFPKk/Xuf74oTg2LaXPbTY tmSriR7zzGdn02yLB7jyCt8fGF2AvQJic4garv9+qZkTuW4Om+B+HRcx+iITLMEh SB5vf1wQND2gylG4TItPUtwO4Vn5Ci/6FLI4mSSh11ezoi5e+3E2iTLgAdqZzs7+ ro3Ysa2sCB4+SlpBUXf97Qh5EArumjbz4G/BeTSpKE3YOheZd+QUtDp3yQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDGPRjcyr/fydPjD5wcI8lVFtIRdMB8GA1UdIwQY MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJCxHmxE pJ78JcFmGneZtDNl52Me/IwZg5naqeyRFaWrS87EWcImeKKyrBic3IE+HWYApVGP sfI8mHl8CqMpvKaRphG0DhrBxQuwHPOvYitzXi2NDQgsA91JLcw37GSqbidy4t6g dVD81y810jotOpXPyGihNPO0D444VawsJNztj3pTlCxol07S2KrKQnL81ymoenlv Hgkb69gBtCE010OhYgep9Rx+HxvLtSFVBVemf5w+PlUxyo+1xUDIqTdB0TzGr6P8 0QtgDGFMggCP9F9M93otKXS6hDqXoMH4iLNDkbvf+2v2E78W6K+4jjirSdycMwuO H/bpHbPVimG/jw== -----END CERTIFICATE-----Generated at Sun Dec 21 13:55:08 2025 by rpki-client