This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft File: R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json) Hash identifier: A/HbTaVZi/VliwHmgMHx42ipFG8XjZcFGQxURWz/cq4= Subject key identifier: 5D:34:EA:A6:C2:B9:C0:2D:BA:35:AA:1A:31:FB:A0:BF:CC:6D:69:EB Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA Certificate issuer: /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da Certificate serial: 019B5976975E321748DCC9C1CF52A52B4C13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft Manifest number: 1793 Signing time: Fri 26 Dec 2025 07:01:42 +0000 Manifest this update: Fri 26 Dec 2025 07:01:42 +0000 Manifest next update: Sat 27 Dec 2025 07:01:42 +0000 Files and hashes: 1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: Qn3crSbqy23BV9PUcOGMqOHnWltYWX/GER0PWSGss3Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:97:5e:32:17:48:dc:c9:c1:cf:52:a5:2b:4c:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da Validity Not Before: Dec 26 07:01:42 2025 GMT Not After : Dec 27 07:01:42 2025 GMT Subject: CN=5d34eaa6c2b9c02dba35aa1a31fba0bfcc6d69eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d5:10:6b:68:6c:2b:d7:9f:56:32:83:b4:cb: 9e:75:ef:b1:70:22:15:9d:2c:0a:93:99:90:24:5f: 05:06:78:48:55:30:d3:5b:28:07:8b:74:ad:8d:c2: da:7e:d4:a0:90:5a:e7:94:20:78:29:64:9a:c1:f7: 93:49:ed:4d:ab:e3:ea:4c:f2:dc:93:90:08:25:f4: ca:01:22:d3:45:dd:2f:d9:25:f2:57:82:c0:cd:9f: 4f:d5:ce:e1:de:98:d1:6f:f3:d5:51:d4:63:09:12: 8c:c8:1f:87:b4:f8:71:41:41:61:ac:21:f4:17:bf: 6d:93:b3:d8:7f:0c:1b:bf:42:d8:8c:f1:09:6c:f5: af:51:0a:49:7e:b0:65:20:4d:6f:ec:cf:39:8e:45: 70:eb:47:77:8b:2d:8e:92:a9:06:3d:16:cc:58:05: 93:e5:cd:f4:60:65:a4:5b:52:0c:47:ba:c8:66:1d: 5b:aa:fe:1c:0a:83:e9:17:48:d2:cb:c9:e0:50:8f: 68:dc:0a:33:15:1f:3c:18:ca:ed:05:46:38:29:bd: 2b:09:71:f6:a9:0f:15:2e:ff:0f:c7:5b:5b:5a:da: a9:18:e3:38:83:69:5d:af:0c:da:1f:a5:50:98:b4: 16:a9:28:f0:d0:21:51:72:6e:4f:61:ff:75:6c:60: 1c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:34:EA:A6:C2:B9:C0:2D:BA:35:AA:1A:31:FB:A0:BF:CC:6D:69:EB X509v3 Authority Key Identifier: keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:5f:2a:88:ab:a2:21:85:9c:e1:7f:92:e4:f1:2b:ca:4d:1f: 5a:cd:ce:39:e0:80:95:3c:e4:10:71:5b:3b:19:09:eb:87:ba: cc:d7:f9:f2:dd:ca:c3:ca:ee:ab:03:8a:81:ce:4f:41:ef:f2: 3d:d3:40:d9:1d:91:8b:a9:19:aa:2e:24:f4:2e:e9:a1:d0:36: c3:a6:f2:0a:0a:70:a4:bf:01:5b:5a:2c:25:12:39:97:9a:ee: 8d:41:92:bc:a2:15:13:ad:51:65:20:d1:33:e0:07:7e:d1:22: dc:75:f0:4a:57:4d:a1:94:37:13:e1:0d:ae:1c:58:af:e2:e5: 1d:60:87:43:1a:7a:60:06:7a:e5:7c:2d:a3:f3:11:bb:2a:3f: 1c:8f:ea:5f:e6:65:b1:1f:32:46:af:7a:27:de:f3:aa:7f:8e: 85:a4:18:fe:bd:0f:97:15:c4:4b:45:ec:78:7d:9d:78:c3:c0: 22:91:80:95:e1:69:a4:23:e1:36:ec:72:bc:34:f6:0e:e8:6d: 32:fd:6d:f0:3d:70:5e:a3:d9:db:38:46:ac:f7:96:83:70:02: 2b:9d:d7:d9:8a:ba:6c:ed:25:c0:3e:20:fb:6e:23:33:86:25: 19:b4:40:b6:a0:26:d0:86:76:cb:46:ba:ab:fa:67:95:5b:a2: 2f:44:61:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdpdeMhdI3MnBz1KlK0wTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy Nzc0ZGEwHhcNMjUxMjI2MDcwMTQyWhcNMjUxMjI3MDcwMTQyWjAzMTEwLwYDVQQD Eyg1ZDM0ZWFhNmMyYjljMDJkYmEzNWFhMWEzMWZiYTBiZmNjNmQ2OWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdUQa2hsK9efVjKDtMuede+xcCIV nSwKk5mQJF8FBnhIVTDTWygHi3StjcLaftSgkFrnlCB4KWSawfeTSe1Nq+PqTPLc k5AIJfTKASLTRd0v2SXyV4LAzZ9P1c7h3pjRb/PVUdRjCRKMyB+HtPhxQUFhrCH0 F79tk7PYfwwbv0LYjPEJbPWvUQpJfrBlIE1v7M85jkVw60d3iy2OkqkGPRbMWAWT 5c30YGWkW1IMR7rIZh1bqv4cCoPpF0jSy8ngUI9o3AozFR88GMrtBUY4Kb0rCXH2 qQ8VLv8Px1tbWtqpGOM4g2ldrwzaH6VQmLQWqSjw0CFRcm5PYf91bGAcdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF006qbCucAtujWqGjH7oL/MbWnrMB8GA1UdIwQY MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADV8qiKui IYWc4X+S5PEryk0fWs3OOeCAlTzkEHFbOxkJ64e6zNf58t3Kw8ruqwOKgc5PQe/y PdNA2R2Ri6kZqi4k9C7podA2w6byCgpwpL8BW1osJRI5l5rujUGSvKIVE61RZSDR M+AHftEi3HXwSldNoZQ3E+ENrhxYr+LlHWCHQxp6YAZ65Xwto/MRuyo/HI/qX+Zl sR8yRq96J97zqn+OhaQY/r0PlxXES0XseH2deMPAIpGAleFppCPhNuxyvDT2Duht Mv1t8D1wXqPZ2zhGrPeWg3ACK53X2Yq6bO0lwD4g+24jM4YlGbRAtqAm0IZ2y0a6 q/pnlVuiL0RhNQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:24 2025 by rpki-client