This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft File: 8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft (raw, json) Hash identifier: a2AqodeFh9OP0rnLVFwvHcFhtfXcbr/PtRLXb05Mkq0= Subject key identifier: 3F:06:F7:CE:77:33:7E:9F:4B:DE:44:D9:24:BF:15:81:FE:2B:A6:49 Authority key identifier: F0:AC:0C:E7:00:B1:7D:49:9E:89:8E:C7:A1:47:30:40:51:57:C4:78 Certificate issuer: /CN=f0ac0ce700b17d499e898ec7a14730405157c478 Certificate serial: 019B341FC796C5926D4443FC2E59B530DA4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KwM5wCxfUmeiY7HoUcwQFFXxHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft Manifest number: 1782 Signing time: Fri 19 Dec 2025 01:00:56 +0000 Manifest this update: Fri 19 Dec 2025 01:00:56 +0000 Manifest next update: Sat 20 Dec 2025 01:00:56 +0000 Files and hashes: 1: 8KwM5wCxfUmeiY7HoUcwQFFXxHg.crl (hash: 9e1KwYZpq2nTc2NWdFfyPV5Sen3AZ5dztq1g5Kd0LVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.crl rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft rsync://rpki.ripe.net/repository/DEFAULT/8KwM5wCxfUmeiY7HoUcwQFFXxHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:1f:c7:96:c5:92:6d:44:43:fc:2e:59:b5:30:da:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0ac0ce700b17d499e898ec7a14730405157c478 Validity Not Before: Dec 19 01:00:56 2025 GMT Not After : Dec 20 01:00:56 2025 GMT Subject: CN=3f06f7ce77337e9f4bde44d924bf1581fe2ba649 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:99:36:6c:ca:4d:fd:94:8a:2b:24:42:4c:cc: da:ec:d3:7b:85:08:d3:56:9f:39:0d:4d:2f:27:60: 01:55:d5:69:c2:5c:72:3d:4c:f0:e1:33:46:6d:f7: 3c:5c:57:ed:6b:4f:05:21:aa:40:f0:13:90:d5:eb: cb:dd:c3:b0:8c:ce:a4:8f:c7:e1:4d:ca:ac:86:22: 5b:f4:20:ee:33:ed:e7:ba:8b:ee:a7:5d:be:7b:e0: b6:3a:e1:45:9f:a4:3a:3f:0f:28:7f:d2:0b:e3:f6: 92:4b:08:55:a2:49:c9:0a:07:af:c1:b1:97:cd:41: 0b:11:3e:99:f4:1f:e4:5e:14:d9:4b:d2:83:8c:23: d0:0c:34:b9:9e:13:50:b8:ac:10:b4:8a:39:26:1b: 8e:cf:81:b2:a8:84:4c:c0:97:89:d6:69:49:b3:10: c2:4e:ab:97:3b:4c:e2:0e:dc:ec:c4:a2:b6:8b:65: a2:19:25:c5:8b:d8:c1:a4:d6:86:89:e3:a4:a5:ea: 2b:14:d6:06:65:ef:06:f5:27:a0:2f:b1:ae:b7:32: fa:0c:c8:18:1b:af:ba:82:67:7c:bc:b1:02:ed:89: ea:e0:bd:1e:cd:28:b4:0f:1b:a3:fc:f2:ac:bb:71: 37:e0:9a:da:a8:c1:80:0e:33:38:7d:7d:32:27:13: a6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:06:F7:CE:77:33:7E:9F:4B:DE:44:D9:24:BF:15:81:FE:2B:A6:49 X509v3 Authority Key Identifier: keyid:F0:AC:0C:E7:00:B1:7D:49:9E:89:8E:C7:A1:47:30:40:51:57:C4:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KwM5wCxfUmeiY7HoUcwQFFXxHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:68:10:c8:f7:57:ce:e9:66:41:d5:04:03:0a:f4:de:41:f9: 8d:b1:e7:bd:3f:87:ae:76:c6:e1:a6:16:24:a8:a2:30:d6:c6: 80:03:d3:3d:f1:c0:31:95:15:ca:12:78:58:63:9a:07:ad:a9: f6:26:d5:1f:48:26:8c:15:81:18:73:48:a4:91:c9:6e:b0:de: c5:24:fc:92:21:f5:f8:5d:73:45:ff:60:b9:34:15:af:2f:21: 22:30:a6:99:4d:8b:ab:f1:28:12:0c:39:1a:36:ba:de:6d:68: e7:a4:93:38:c3:fd:2e:23:38:bc:94:65:e3:c0:5b:be:00:46: ef:90:e7:ad:8d:0d:77:43:d1:bd:ac:fe:8f:9c:6d:8e:12:d3: a3:ad:b4:7a:ac:29:d7:d3:0a:55:66:16:d5:da:bc:7d:4f:c5: 8c:2c:f9:67:6f:20:e6:9d:d3:e6:c9:22:a4:10:81:09:1f:fa: a1:7d:84:90:0f:0d:e7:f5:2f:12:f2:59:e3:41:c8:cb:7b:2d: 23:4a:ce:c6:f0:3a:8d:79:89:40:5e:4e:bb:f4:78:b4:94:42: 20:24:ce:96:cf:93:58:a8:a3:82:55:aa:68:c9:ce:6e:4b:94: be:12:22:be:b1:a1:9f:66:8f:ec:73:5f:39:b0:5a:47:2b:41: 23:05:07:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0H8eWxZJtREP8Llm1MNpNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwYWMwY2U3MDBiMTdkNDk5ZTg5OGVjN2ExNDczMDQwNTE1 N2M0NzgwHhcNMjUxMjE5MDEwMDU2WhcNMjUxMjIwMDEwMDU2WjAzMTEwLwYDVQQD EygzZjA2ZjdjZTc3MzM3ZTlmNGJkZTQ0ZDkyNGJmMTU4MWZlMmJhNjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZk2bMpN/ZSKKyRCTMza7NN7hQjT Vp85DU0vJ2ABVdVpwlxyPUzw4TNGbfc8XFfta08FIapA8BOQ1evL3cOwjM6kj8fh TcqshiJb9CDuM+3nuovup12+e+C2OuFFn6Q6Pw8of9IL4/aSSwhVoknJCgevwbGX zUELET6Z9B/kXhTZS9KDjCPQDDS5nhNQuKwQtIo5JhuOz4GyqIRMwJeJ1mlJsxDC TquXO0ziDtzsxKK2i2WiGSXFi9jBpNaGieOkpeorFNYGZe8G9SegL7GutzL6DMgY G6+6gmd8vLEC7Ynq4L0ezSi0Dxuj/PKsu3E34JraqMGADjM4fX0yJxOmawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD8G9853M36fS95E2SS/FYH+K6ZJMB8GA1UdIwQY MBaAFPCsDOcAsX1JnomOx6FHMEBRV8R4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEt3TTV3Q3hmVW1laVk3SG9VY3dRRkZYeEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC84ZmIyYTYtY2FlNS00ZjM5LWE4NTgt N2U0NmNjMzcwMWI5LzEvOEt3TTV3Q3hmVW1laVk3SG9VY3dRRkZYeEhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC84ZmIyYTYtY2FlNS00ZjM5LWE4NTgtN2U0NmNjMzcwMWI5 LzEvOEt3TTV3Q3hmVW1laVk3SG9VY3dRRkZYeEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGgQyPdX zulmQdUEAwr03kH5jbHnvT+HrnbG4aYWJKiiMNbGgAPTPfHAMZUVyhJ4WGOaB62p 9ibVH0gmjBWBGHNIpJHJbrDexST8kiH1+F1zRf9guTQVry8hIjCmmU2Lq/EoEgw5 Gja63m1o56STOMP9LiM4vJRl48BbvgBG75DnrY0Nd0PRvaz+j5xtjhLTo620eqwp 19MKVWYW1dq8fU/FjCz5Z28g5p3T5skipBCBCR/6oX2EkA8N5/UvEvJZ40HIy3st I0rOxvA6jXmJQF5Ou/R4tJRCICTOls+TWKijglWqaMnObkuUvhIivrGhn2aP7HNf ObBaRytBIwUHQg== -----END CERTIFICATE-----Generated at Fri Dec 19 08:08:15 2025 by rpki-client