This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft File: g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft (raw, json) Hash identifier: dqGeaSqA4Xtu5QHHyLBprVOQLgUtP+fBdYm+/oTwRdI= Subject key identifier: 88:8A:A8:7D:0D:D5:3E:F5:A3:DF:A8:76:85:FA:EF:D6:A7:E9:2F:41 Authority key identifier: 83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6 Certificate issuer: /CN=83c8d01caf2b0751d035c537566f45627925e4f6 Certificate serial: 019B3A912D33155169FB2A74217A6A97B1B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft Manifest number: 12CC Signing time: Sat 20 Dec 2025 07:02:31 +0000 Manifest this update: Sat 20 Dec 2025 07:02:31 +0000 Manifest next update: Sun 21 Dec 2025 07:02:31 +0000 Files and hashes: 1: J4HW2mYS6aU6LfQRgOlYRDbLp5k.roa (hash: Bt4aDKGWyvEeRSoxrjAjHWSOknnKJY9L9kMvMSuInRo=) 2: g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl (hash: 8LxD/rfT8XwvkT1kS8LhvuudZG4HG7Eh7kBZJyJNvho=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:91:2d:33:15:51:69:fb:2a:74:21:7a:6a:97:b1:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83c8d01caf2b0751d035c537566f45627925e4f6 Validity Not Before: Dec 20 07:02:31 2025 GMT Not After : Dec 21 07:02:31 2025 GMT Subject: CN=888aa87d0dd53ef5a3dfa87685faefd6a7e92f41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c8:7f:21:3b:05:9b:3f:61:c4:e9:c8:ff:30: 31:ff:e8:07:77:f6:d9:91:39:6f:dd:82:af:51:62: 82:00:29:ff:a1:3e:f3:a0:0d:5b:3f:41:c0:e1:be: 9f:61:05:0e:80:4f:f3:cf:f2:0e:23:54:c0:62:77: 8d:95:18:de:5e:52:2d:86:c2:4f:5f:47:45:2f:e4: 1a:98:0a:d9:e2:21:8d:00:7b:84:ab:92:d4:d4:ac: 14:39:42:86:59:e9:9b:31:fb:2e:78:4c:81:83:35: af:c4:35:c8:66:53:69:6e:e2:b5:d8:21:b6:96:0d: 4b:3c:0d:aa:25:1e:55:3f:d3:3c:81:76:28:6d:46: 6f:97:f1:68:ac:ce:9b:e9:b7:51:89:de:11:e7:b9: ef:2d:d4:93:a6:41:10:e1:bf:e0:b3:61:c9:e4:5d: e3:12:c9:59:34:c1:46:98:a1:f2:14:cc:e1:b3:78: 60:8d:0d:0e:d7:59:29:74:72:36:bf:79:86:27:1d: 8e:b6:0f:6b:5d:dd:0f:ca:0a:02:48:90:fa:2f:a0: aa:53:94:9b:5f:46:17:3a:8b:58:0c:af:aa:c5:d7: cb:8f:48:d9:68:9f:2a:b3:00:a3:1b:4d:e9:27:4a: 38:00:b7:59:de:f1:68:c2:d6:ee:95:e8:1b:77:4a: 51:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8A:A8:7D:0D:D5:3E:F5:A3:DF:A8:76:85:FA:EF:D6:A7:E9:2F:41 X509v3 Authority Key Identifier: keyid:83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:c6:d2:5c:1c:99:49:ab:d5:0c:34:8b:dd:90:8f:78:49:96: 5a:cf:8f:ed:d6:7d:79:69:e9:b4:1e:f5:35:c2:17:62:54:7a: 28:33:1e:95:10:80:10:1c:cc:49:35:15:77:a8:91:18:81:32: 21:db:1c:28:18:f9:3b:88:c9:2b:3f:a7:81:b8:92:cf:38:75: fc:04:4a:32:e7:24:28:de:c2:eb:14:cf:70:ad:f0:79:c5:c5: 8b:d1:72:d4:88:28:8e:eb:8d:63:04:b3:26:91:1b:e1:1a:e9: 1c:ba:9c:c9:5b:8c:a4:21:fc:e4:f5:60:1d:d2:45:f2:d5:8b: 95:a6:8a:d6:61:b8:52:d1:a1:fb:78:c3:3e:c7:2b:0d:35:98: 9c:d3:ea:97:b0:69:85:9b:7d:9b:c0:7e:50:de:a4:54:3b:92: 29:50:ad:aa:f1:93:b9:96:8d:bd:31:0b:26:29:89:0e:92:6c: 2d:76:2f:4e:25:08:ce:9e:87:73:9f:55:74:c0:e7:a1:a7:18: 40:3e:13:67:e4:84:e1:13:32:bc:dd:34:d4:8d:6d:38:62:1c: 76:9b:28:e7:45:c8:a0:84:27:40:af:a5:13:a4:43:35:59:80: 52:92:8f:07:9f:44:2e:7a:21:4e:2a:e9:01:09:37:26:2a:20: 18:de:d8:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kS0zFVFp+yp0IXpql7GzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzYzhkMDFjYWYyYjA3NTFkMDM1YzUzNzU2NmY0NTYyNzky NWU0ZjYwHhcNMjUxMjIwMDcwMjMxWhcNMjUxMjIxMDcwMjMxWjAzMTEwLwYDVQQD Eyg4ODhhYTg3ZDBkZDUzZWY1YTNkZmE4NzY4NWZhZWZkNmE3ZTkyZjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8h/ITsFmz9hxOnI/zAx/+gHd/bZ kTlv3YKvUWKCACn/oT7zoA1bP0HA4b6fYQUOgE/zz/IOI1TAYneNlRjeXlIthsJP X0dFL+QamArZ4iGNAHuEq5LU1KwUOUKGWembMfsueEyBgzWvxDXIZlNpbuK12CG2 lg1LPA2qJR5VP9M8gXYobUZvl/ForM6b6bdRid4R57nvLdSTpkEQ4b/gs2HJ5F3j EslZNMFGmKHyFMzhs3hgjQ0O11kpdHI2v3mGJx2Otg9rXd0PygoCSJD6L6CqU5Sb X0YXOotYDK+qxdfLj0jZaJ8qswCjG03pJ0o4ALdZ3vFowtbulegbd0pRwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIiKqH0N1T71o9+odoX679an6S9BMB8GA1UdIwQY MBaAFIPI0ByvKwdR0DXFN1ZvRWJ5JeT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDct OWFiMjZiMjY2YWE3LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDctOWFiMjZiMjY2YWE3 LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc8bSXByZ SavVDDSL3ZCPeEmWWs+P7dZ9eWnptB71NcIXYlR6KDMelRCAEBzMSTUVd6iRGIEy IdscKBj5O4jJKz+ngbiSzzh1/ARKMuckKN7C6xTPcK3wecXFi9Fy1IgojuuNYwSz JpEb4RrpHLqcyVuMpCH85PVgHdJF8tWLlaaK1mG4UtGh+3jDPscrDTWYnNPql7Bp hZt9m8B+UN6kVDuSKVCtqvGTuZaNvTELJimJDpJsLXYvTiUIzp6Hc59VdMDnoacY QD4TZ+SE4RMyvN001I1tOGIcdpso50XIoIQnQK+lE6RDNVmAUpKPB59ELnohTirp AQk3JiogGN7YJg== -----END CERTIFICATE-----Generated at Sat Dec 20 10:50:17 2025 by rpki-client