This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json) Hash identifier: LGCuA0DivxZfi2TfN+92pECUAB0Umqzpq1WdurpZKAY= Subject key identifier: 00:A5:0A:AE:A5:AE:E0:BC:20:50:60:15:69:99:12:34:D9:76:43:A5 Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9 Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9 Certificate serial: 019B16BA5D1F10032D16E92DE5C7092CEEE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft Manifest number: 0C19 Signing time: Sat 13 Dec 2025 08:01:10 +0000 Manifest this update: Sat 13 Dec 2025 08:01:10 +0000 Manifest next update: Sun 14 Dec 2025 08:01:10 +0000 Files and hashes: 1: 9ZpW1MFLfzhcDdO5wTaJpRND5LI.roa (hash: eD8scxSV/Ipj3PNHolMKD1Dy5Nq6O0rfumsVRuff780=) 2: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: m6A5GWzFWHC2a7EXoNEX4WcuGWUVhveLGa8FNu4kG9w=) 3: yGExv6aT2zwwq4E64R4PQ7ZXbjU.roa (hash: UK4ZT9heAIw8jcnXNcqfBznXiBKMuH0NwH/ajGH3z/U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 08:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:16:ba:5d:1f:10:03:2d:16:e9:2d:e5:c7:09:2c:ee:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9 Validity Not Before: Dec 13 08:01:10 2025 GMT Not After : Dec 14 08:01:10 2025 GMT Subject: CN=00a50aaea5aee0bc2050601569991234d97643a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:51:73:65:03:22:40:b0:9d:72:9e:fa:c8:e1: f7:ae:b1:34:0f:56:19:31:68:80:ed:a7:27:ab:a6: f9:f3:b1:5e:3a:d8:43:93:fd:ff:e5:0e:27:4c:36: 7c:08:a8:ef:c7:df:30:ec:a6:df:13:f7:02:61:2b: 3d:78:bf:9a:37:cb:f5:3b:72:d4:af:4d:f1:59:be: ef:7d:76:a7:89:c0:06:0d:4a:a6:9c:92:9d:f9:4d: 90:a5:8b:39:2b:07:90:f8:eb:ad:fc:58:4c:19:63: 5c:ea:0d:b7:a3:d0:56:aa:a2:a3:2d:ba:df:1b:71: 7c:3b:b4:f4:59:25:ec:ca:d6:c8:91:a5:46:99:b8: 14:7b:b8:24:04:94:e1:35:77:71:d5:b9:23:b5:e5: 46:06:d8:34:e0:14:d0:26:72:d1:aa:ae:eb:70:09: 8d:e5:7e:bf:8a:81:12:66:16:32:51:eb:aa:65:2e: eb:db:d5:58:d1:e3:32:02:f5:6a:d7:12:0b:5c:a7: 33:8e:a8:c8:f1:f2:95:5e:b5:9e:35:34:cb:19:0d: fa:24:d9:f4:4d:c7:de:3d:62:e4:2c:48:e3:b5:97: 06:7d:9f:9e:e5:96:95:c8:49:4a:0d:ae:62:2c:38: 0b:70:a0:51:69:42:88:a9:51:07:cd:3e:b5:3c:1d: b8:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:A5:0A:AE:A5:AE:E0:BC:20:50:60:15:69:99:12:34:D9:76:43:A5 X509v3 Authority Key Identifier: keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:e7:d8:92:18:ee:c6:4b:00:e4:95:d6:17:8b:7f:d2:c7:28: 17:10:7a:06:69:cb:0f:cf:b5:42:d3:c7:3c:f8:fb:d5:5e:7b: a4:e7:66:f6:c9:11:10:e6:23:80:d2:fe:db:ae:0c:2f:57:51: 09:28:20:de:ee:f6:8d:91:84:48:cd:ba:fe:7d:82:2f:2f:8c: 8c:4f:06:eb:59:b2:dd:67:fc:f0:76:b6:15:96:ff:4d:a1:c3: c0:4e:36:7d:73:40:f6:3d:b8:1e:46:66:c8:ff:dc:3f:fd:4a: 67:e9:c8:25:33:fb:fb:de:02:cb:f9:3b:5e:0f:8a:b7:7e:1d: 30:0a:dc:52:fc:ac:9a:64:d2:54:48:66:98:b4:20:15:e3:c5: 03:bf:57:53:12:5c:3d:0b:cb:c5:41:c3:64:df:7c:51:8f:04: d0:2a:9e:68:5a:62:ea:e2:65:14:49:e7:80:66:15:25:59:dd: 9f:16:e9:23:e9:57:f8:14:e7:50:d4:71:63:93:4f:72:6b:28: 18:39:97:39:20:51:d7:3e:9d:2a:e2:ce:5b:35:0a:11:f2:b1: 17:0b:f3:9b:c3:7d:fd:fc:6d:79:ff:01:f1:e5:0a:a0:3f:86: 15:54:42:26:9f:6c:2a:76:6a:db:6e:64:75:1d:bd:e8:2f:07: c7:fa:d2:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsWul0fEAMtFukt5ccJLO7nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5 ZDk3YzkwHhcNMjUxMjEzMDgwMTEwWhcNMjUxMjE0MDgwMTEwWjAzMTEwLwYDVQQD EygwMGE1MGFhZWE1YWVlMGJjMjA1MDYwMTU2OTk5MTIzNGQ5NzY0M2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlFzZQMiQLCdcp76yOH3rrE0D1YZ MWiA7acnq6b587FeOthDk/3/5Q4nTDZ8CKjvx98w7KbfE/cCYSs9eL+aN8v1O3LU r03xWb7vfXanicAGDUqmnJKd+U2QpYs5KweQ+Out/FhMGWNc6g23o9BWqqKjLbrf G3F8O7T0WSXsytbIkaVGmbgUe7gkBJThNXdx1bkjteVGBtg04BTQJnLRqq7rcAmN 5X6/ioESZhYyUeuqZS7r29VY0eMyAvVq1xILXKczjqjI8fKVXrWeNTTLGQ36JNn0 TcfePWLkLEjjtZcGfZ+e5ZaVyElKDa5iLDgLcKBRaUKIqVEHzT61PB24FQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAClCq6lruC8IFBgFWmZEjTZdkOlMB8GA1UdIwQY MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv+fYkhju xksA5JXWF4t/0scoFxB6BmnLD8+1QtPHPPj71V57pOdm9skREOYjgNL+264ML1dR CSgg3u72jZGESM26/n2CLy+MjE8G61my3Wf88Ha2FZb/TaHDwE42fXNA9j24HkZm yP/cP/1KZ+nIJTP7+94Cy/k7Xg+Kt34dMArcUvysmmTSVEhmmLQgFePFA79XUxJc PQvLxUHDZN98UY8E0CqeaFpi6uJlFEnngGYVJVndnxbpI+lX+BTnUNRxY5NPcmso GDmXOSBR1z6dKuLOWzUKEfKxFwvzm8N9/fxtef8B8eUKoD+GFVRCJp9sKnZq225k dR296C8Hx/rSqg== -----END CERTIFICATE-----Generated at Sat Dec 13 13:34:23 2025 by rpki-client