This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft File: 8VzG8-5-0llTHW0Izp4JNztxYGI.mft (raw, json) Hash identifier: Z/ezjV0iHR0APWK6Ui/2+VhfPTKnUDMMOrcoCnQTYew= Subject key identifier: 23:EE:5D:5E:44:4F:CD:9B:94:1E:19:25:80:DA:E5:95:C6:A5:B8:AE Authority key identifier: F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62 Certificate issuer: /CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062 Certificate serial: 019B40FF93EAC91298A4E5726CE658EA2238 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft Manifest number: 0527 Signing time: Sun 21 Dec 2025 13:00:49 +0000 Manifest this update: Sun 21 Dec 2025 13:00:49 +0000 Manifest next update: Mon 22 Dec 2025 13:00:49 +0000 Files and hashes: 1: 8VzG8-5-0llTHW0Izp4JNztxYGI.crl (hash: bwu3FV17sYUfwA2/ZihUyJ91aLs/pQFK16Tr0bfuM6s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:ff:93:ea:c9:12:98:a4:e5:72:6c:e6:58:ea:22:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062 Validity Not Before: Dec 21 13:00:49 2025 GMT Not After : Dec 22 13:00:49 2025 GMT Subject: CN=23ee5d5e444fcd9b941e192580dae595c6a5b8ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:3f:b4:d0:75:28:5c:d9:ac:b5:bc:f7:05:35: 66:6f:67:6e:fc:c7:9d:45:69:6d:ec:ff:f8:4f:fc: 65:56:4f:be:7b:25:cf:c5:d0:db:7e:31:2a:e8:e1: 45:b8:f3:ef:6b:b9:fa:42:96:c1:8d:08:da:61:95: b3:47:1c:41:7b:8d:9a:30:b3:b1:8f:37:bc:05:45: 1f:c2:0e:e2:6a:59:de:14:61:78:92:18:ed:b4:e0: 50:a7:d6:65:f7:42:cb:15:b1:93:ac:dd:8a:66:c0: d3:88:ae:a6:b2:d9:10:ce:20:7b:2e:f3:0c:7c:15: f0:72:08:de:23:46:d8:ff:7d:56:de:72:d9:ce:67: 25:82:47:a7:ec:ff:2e:3e:db:3e:c1:39:9f:97:f4: 07:2e:0e:af:1f:16:c1:aa:34:0a:59:4e:e7:93:35: c3:32:d9:86:c9:b8:ea:0c:f5:cd:77:da:1f:9a:24: 53:a1:a6:10:5f:98:aa:fc:97:f9:81:68:20:11:96: 7d:d6:0c:ec:95:6c:99:ad:9a:47:15:07:00:e7:be: 70:a0:73:8e:b2:b4:51:50:65:5b:97:9f:f6:48:8a: 21:57:ec:4b:ac:4a:4b:7e:35:b4:a8:a3:24:0f:c9: c8:c5:58:62:8b:c9:6c:df:2a:18:3a:96:e7:97:3b: b1:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:EE:5D:5E:44:4F:CD:9B:94:1E:19:25:80:DA:E5:95:C6:A5:B8:AE X509v3 Authority Key Identifier: keyid:F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:85:1e:76:0a:71:4e:a0:58:83:0f:c7:87:ae:ed:d6:e8:bc: 5e:21:6e:10:a5:1c:fc:a6:0b:73:4f:0c:36:bb:bc:95:92:6c: b7:61:16:22:10:f6:bd:c7:01:36:a6:75:99:b7:f4:f1:de:1e: a0:23:b9:95:09:2a:c3:3c:1f:0b:d6:b2:f9:b6:66:12:21:2f: c8:89:da:d5:dc:82:ae:6e:50:6a:2b:b4:32:d6:c9:ff:13:05: 1e:14:bb:e2:c9:7d:8b:8b:d2:3d:ad:c7:39:ae:56:3e:f4:5a: 49:98:4d:61:d9:af:53:ca:7c:98:0c:4f:ad:82:db:3c:ef:60: 92:63:87:86:83:33:8a:16:dd:03:35:47:04:06:f1:14:54:90: d4:37:72:67:6e:67:bf:60:a6:20:ad:d6:f1:a9:54:65:3c:59: 84:01:e9:c6:46:8c:d3:4a:1f:ba:5c:8f:7e:17:83:7e:9e:27: 40:3d:2b:15:34:0b:ff:ff:42:f7:8c:87:56:6d:96:5c:f5:8a: f2:7c:b7:d2:79:10:d7:56:6e:08:e0:4c:91:84:5e:e1:a1:29: b1:76:5c:2f:25:b8:39:05:ed:20:29:cd:9d:59:f4:6a:60:28: 06:a9:71:41:c1:79:7f:ac:24:58:3a:17:11:26:ce:be:73:19: 87:35:c4:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtA/5PqyRKYpOVybOZY6iI4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxNWNjNmYzZWU3ZWQyNTk1MzFkNmQwOGNlOWUwOTM3M2I3 MTYwNjIwHhcNMjUxMjIxMTMwMDQ5WhcNMjUxMjIyMTMwMDQ5WjAzMTEwLwYDVQQD EygyM2VlNWQ1ZTQ0NGZjZDliOTQxZTE5MjU4MGRhZTU5NWM2YTViOGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD+00HUoXNmstbz3BTVmb2du/Med RWlt7P/4T/xlVk++eyXPxdDbfjEq6OFFuPPva7n6QpbBjQjaYZWzRxxBe42aMLOx jze8BUUfwg7ialneFGF4khjttOBQp9Zl90LLFbGTrN2KZsDTiK6mstkQziB7LvMM fBXwcgjeI0bY/31W3nLZzmclgken7P8uPts+wTmfl/QHLg6vHxbBqjQKWU7nkzXD MtmGybjqDPXNd9ofmiRToaYQX5iq/Jf5gWggEZZ91gzslWyZrZpHFQcA575woHOO srRRUGVbl5/2SIohV+xLrEpLfjW0qKMkD8nIxVhii8ls3yoYOpbnlzuxLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPuXV5ET82blB4ZJYDa5ZXGpbiuMB8GA1UdIwQY MBaAFPFcxvPuftJZUx1tCM6eCTc7cWBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgt NjkxZWU0MWE2MDE0LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgtNjkxZWU0MWE2MDE0 LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmIUedgpx TqBYgw/Hh67t1ui8XiFuEKUc/KYLc08MNru8lZJst2EWIhD2vccBNqZ1mbf08d4e oCO5lQkqwzwfC9ay+bZmEiEvyIna1dyCrm5Qaiu0MtbJ/xMFHhS74sl9i4vSPa3H Oa5WPvRaSZhNYdmvU8p8mAxPrYLbPO9gkmOHhoMzihbdAzVHBAbxFFSQ1DdyZ25n v2CmIK3W8alUZTxZhAHpxkaM00ofulyPfheDfp4nQD0rFTQL//9C94yHVm2WXPWK 8ny30nkQ11ZuCOBMkYRe4aEpsXZcLyW4OQXtICnNnVn0amAoBqlxQcF5f6wkWDoX ESbOvnMZhzXE0w== -----END CERTIFICATE-----Generated at Sun Dec 21 18:06:56 2025 by rpki-client