This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft File: o8B3uDdyoALVxPi5IY7A3H8EDL8.mft (raw, json) Hash identifier: ws2XfIi4aKrEFIGLXzo5NRCchP/HUnAgqOoFKCm316E= Subject key identifier: 34:67:42:C2:3E:A8:99:D8:C8:BD:AF:D7:FD:CE:43:A3:45:7E:90:95 Authority key identifier: A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF Certificate issuer: /CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf Certificate serial: 019B378EF7690EED6083D288FB3A0E03F502 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft Manifest number: 1784 Signing time: Fri 19 Dec 2025 17:01:14 +0000 Manifest this update: Fri 19 Dec 2025 17:01:14 +0000 Manifest next update: Sat 20 Dec 2025 17:01:14 +0000 Files and hashes: 1: o8B3uDdyoALVxPi5IY7A3H8EDL8.crl (hash: TnHDEwpKuPOdJqKOuCl1xfJmQm4wRvFiMvqhkWZ0F0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:8e:f7:69:0e:ed:60:83:d2:88:fb:3a:0e:03:f5:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3c077b83772a002d5c4f8b9218ec0dc7f040cbf Validity Not Before: Dec 19 17:01:14 2025 GMT Not After : Dec 20 17:01:14 2025 GMT Subject: CN=346742c23ea899d8c8bdafd7fdce43a3457e9095 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f9:a2:c5:f4:06:3b:7a:92:a0:ab:35:00:4c: fc:cd:71:ca:00:4c:6b:3d:14:75:f4:69:6a:ef:8e: c9:90:8c:7f:24:8b:e4:ea:7d:6b:67:96:eb:cf:12: 86:ca:c1:71:1a:c7:e8:d1:1e:28:c8:4e:b1:32:5b: d1:78:37:c3:26:5e:05:67:42:c4:bc:f5:8a:36:5d: 68:34:ef:76:e0:3d:28:a8:42:1c:30:3c:4b:ea:51: 7e:f1:e0:cc:05:60:d3:07:2e:63:cb:6b:f7:54:be: 0a:f4:80:f9:5e:f1:d6:1a:f8:d4:6c:52:14:1c:be: 2c:c9:a9:28:e3:13:56:7c:a5:54:54:7d:be:9a:c6: 67:ac:e8:1a:72:62:63:95:10:68:38:74:7f:08:c4: 41:da:6b:cd:06:76:df:92:07:a8:46:8c:cc:cc:2b: 8a:7a:5b:05:fa:54:e5:1a:07:c4:c1:e5:e5:7b:f4: 0e:9f:bb:1a:27:cd:c0:e4:85:cb:ae:51:5b:fc:f1: 99:93:cc:da:08:61:a6:30:01:6a:4d:e0:fc:47:39: 01:fd:10:33:c1:8b:6b:96:11:e5:1b:d8:ae:9f:b6: c6:90:ab:31:be:64:9c:c4:a6:3c:9e:72:20:67:40: 88:66:ef:2d:42:31:94:20:e4:f6:79:45:46:61:27: f3:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:67:42:C2:3E:A8:99:D8:C8:BD:AF:D7:FD:CE:43:A3:45:7E:90:95 X509v3 Authority Key Identifier: keyid:A3:C0:77:B8:37:72:A0:02:D5:C4:F8:B9:21:8E:C0:DC:7F:04:0C:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8B3uDdyoALVxPi5IY7A3H8EDL8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fceb02-b0f1-4917-85c2-706ab3e83d1d/1/o8B3uDdyoALVxPi5IY7A3H8EDL8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:78:f9:44:db:70:bd:83:69:a7:20:95:3e:ff:6c:40:81:ed: 54:cf:83:40:50:81:cf:67:f1:2a:4d:72:b1:a7:8f:ea:51:06: 45:20:d8:9b:b3:c8:ef:5f:d6:95:ac:2c:bf:d7:88:33:d7:42: 3f:09:d9:25:66:d7:26:0b:0a:98:df:43:81:c7:5c:b2:19:df: 30:ef:d1:7f:38:43:ee:ff:94:d3:ac:38:55:6e:d5:44:20:f9: dc:0c:eb:9a:7e:91:2f:d8:af:1e:ea:a3:71:88:dd:38:71:05: ae:a0:a2:d8:ed:cc:2d:8c:ab:71:2a:68:c5:ae:9c:78:0f:72: 8d:90:0c:c6:bb:84:44:ea:da:22:04:02:b9:44:a1:a0:cb:ba: fb:ad:f7:20:cf:ca:c8:59:3e:80:8c:e9:05:c9:7a:0c:fb:74: 51:aa:cc:b0:a0:02:7c:13:e6:a7:94:99:04:4a:2e:40:ba:1d: 01:6d:6c:bb:09:4d:d9:28:43:66:a7:de:64:10:65:9e:3c:b7: 8b:04:96:9e:33:fe:03:5a:57:fb:da:71:2a:0e:da:60:de:60: 43:ce:a9:45:17:2a:e1:18:4b:91:03:bb:5a:cb:75:52:85:88: 45:46:a5:c6:bf:be:3e:d1:d5:91:da:3b:ba:52:04:1f:9e:84: 20:98:f1:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3jvdpDu1gg9KI+zoOA/UCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzYzA3N2I4Mzc3MmEwMDJkNWM0ZjhiOTIxOGVjMGRjN2Yw NDBjYmYwHhcNMjUxMjE5MTcwMTE0WhcNMjUxMjIwMTcwMTE0WjAzMTEwLwYDVQQD EygzNDY3NDJjMjNlYTg5OWQ4YzhiZGFmZDdmZGNlNDNhMzQ1N2U5MDk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvmixfQGO3qSoKs1AEz8zXHKAExr PRR19Glq747JkIx/JIvk6n1rZ5brzxKGysFxGsfo0R4oyE6xMlvReDfDJl4FZ0LE vPWKNl1oNO924D0oqEIcMDxL6lF+8eDMBWDTBy5jy2v3VL4K9ID5XvHWGvjUbFIU HL4syako4xNWfKVUVH2+msZnrOgacmJjlRBoOHR/CMRB2mvNBnbfkgeoRozMzCuK elsF+lTlGgfEweXle/QOn7saJ83A5IXLrlFb/PGZk8zaCGGmMAFqTeD8RzkB/RAz wYtrlhHlG9iun7bGkKsxvmScxKY8nnIgZ0CIZu8tQjGUIOT2eUVGYSfzAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDRnQsI+qJnYyL2v1/3OQ6NFfpCVMB8GA1UdIwQY MBaAFKPAd7g3cqAC1cT4uSGOwNx/BAy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzIt NzA2YWIzZTgzZDFkLzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9mY2ViMDItYjBmMS00OTE3LTg1YzItNzA2YWIzZTgzZDFk LzEvbzhCM3VEZHlvQUxWeFBpNUlZN0EzSDhFREw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtXj5RNtw vYNppyCVPv9sQIHtVM+DQFCBz2fxKk1ysaeP6lEGRSDYm7PI71/Wlawsv9eIM9dC PwnZJWbXJgsKmN9DgcdcshnfMO/RfzhD7v+U06w4VW7VRCD53Azrmn6RL9ivHuqj cYjdOHEFrqCi2O3MLYyrcSpoxa6ceA9yjZAMxruEROraIgQCuUShoMu6+633IM/K yFk+gIzpBcl6DPt0UarMsKACfBPmp5SZBEouQLodAW1suwlN2ShDZqfeZBBlnjy3 iwSWnjP+A1pX+9pxKg7aYN5gQ86pRRcq4RhLkQO7Wst1UoWIRUalxr++PtHVkdo7 ulIEH56EIJjx0g== -----END CERTIFICATE-----Generated at Sat Dec 20 01:47:16 2025 by rpki-client