This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.mft File: h8O4Wnvvu0SQ16yFLri-hL-Ti00.mft (raw, json) Hash identifier: uWheHECAUP2KtRJjuf/kuFvci+Cv893DEPWJ6hJuSsw= Subject key identifier: 43:5B:A3:4C:B3:BD:F5:82:9D:04:B8:9A:56:48:FF:2F:75:2F:B8:8D Authority key identifier: 87:C3:B8:5A:7B:EF:BB:44:90:D7:AC:85:2E:B8:BE:84:BF:93:8B:4D Certificate issuer: /CN=87c3b85a7befbb4490d7ac852eb8be84bf938b4d Certificate serial: 019B4A70F84262C98DC33719FDB18007639E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8O4Wnvvu0SQ16yFLri-hL-Ti00.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.mft Manifest number: 09AF Signing time: Tue 23 Dec 2025 09:01:16 +0000 Manifest this update: Tue 23 Dec 2025 09:01:16 +0000 Manifest next update: Wed 24 Dec 2025 09:01:16 +0000 Files and hashes: 1: AO9S5FPNyFUFF8sl00iZG2uj63o.roa (hash: dj/tZS47oYr7HP4aHIaoRYk9wXqksDBdwIFty9clVxk=) 2: h8O4Wnvvu0SQ16yFLri-hL-Ti00.crl (hash: ufuWyTJ60KEtphz37MslngmR9wvFYv56OTwtbAAelPE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.crl rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.mft rsync://rpki.ripe.net/repository/DEFAULT/h8O4Wnvvu0SQ16yFLri-hL-Ti00.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:70:f8:42:62:c9:8d:c3:37:19:fd:b1:80:07:63:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87c3b85a7befbb4490d7ac852eb8be84bf938b4d Validity Not Before: Dec 23 09:01:16 2025 GMT Not After : Dec 24 09:01:16 2025 GMT Subject: CN=435ba34cb3bdf5829d04b89a5648ff2f752fb88d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:3b:26:25:3f:a4:09:db:52:86:a9:bf:59:09: 37:2a:88:ed:ca:d0:d2:7f:c6:ba:a3:08:95:46:a5: 6b:f1:8d:30:a8:93:f7:b0:07:e7:6a:b6:32:98:ad: 62:2e:25:e9:b5:79:74:54:dc:98:4c:f6:7b:c0:58: 17:1f:14:88:64:59:f0:6d:df:01:f3:3e:14:7e:36: bd:17:b2:6f:50:2c:5e:d9:f7:e1:7f:04:81:59:e5: ca:0d:7f:e0:d4:a2:0b:33:17:74:51:c3:d7:e7:c1: 39:e4:5f:d6:66:04:45:39:7f:35:5a:57:64:c1:1a: cb:ba:d5:71:d5:c2:0e:86:16:d3:9c:b9:80:f9:91: f7:7d:36:f4:05:cb:a2:f0:8e:16:8b:34:c4:1e:3b: 1a:32:e5:81:7f:2a:99:42:cd:9a:88:ef:0a:78:c0: 07:85:6f:64:2e:8a:88:d9:74:22:40:88:d8:25:08: cf:81:18:38:8b:de:65:5c:fc:d0:4e:61:41:7b:42: b8:c3:8c:21:6a:14:90:28:1e:3c:79:00:f9:e1:5c: 77:f7:4f:a8:4e:ed:f4:74:82:48:03:20:81:b0:78: 14:a0:61:0a:3e:f4:0a:f9:84:45:07:49:4a:bb:67: af:0a:d6:b2:7e:8d:cf:27:b8:d1:6d:f2:cc:0f:63: 83:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:5B:A3:4C:B3:BD:F5:82:9D:04:B8:9A:56:48:FF:2F:75:2F:B8:8D X509v3 Authority Key Identifier: keyid:87:C3:B8:5A:7B:EF:BB:44:90:D7:AC:85:2E:B8:BE:84:BF:93:8B:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8O4Wnvvu0SQ16yFLri-hL-Ti00.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc5cc8-b3ef-40fc-ae40-78ec8023068f/1/h8O4Wnvvu0SQ16yFLri-hL-Ti00.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:61:77:40:bd:52:40:9f:c8:a8:a7:e9:5d:05:4f:f9:a6:3f: 47:c4:66:40:bb:74:38:45:7b:4e:0f:b6:53:c1:5a:c9:ae:a8: 65:5b:d6:41:a1:ff:e0:74:d5:92:51:04:0b:0f:6f:b0:18:cf: 88:f0:af:8c:6f:a0:44:86:79:4a:c7:2a:71:d8:a4:55:09:17: 87:7b:6f:57:fd:64:26:fa:75:5b:b4:44:72:91:cc:2a:8e:e5: b4:7d:11:36:9a:10:10:06:b1:68:17:77:1d:b4:de:77:3f:1a: fd:b6:9d:e7:32:5c:dd:e4:68:a7:b3:07:ca:c1:4d:c5:63:3b: 31:e6:c5:cc:6f:ac:84:c2:49:d1:6e:3b:13:20:ff:3c:8b:d3: f0:8a:b9:19:d1:66:9e:0c:d3:f5:be:ae:37:37:31:c4:d7:39: 48:a7:23:5d:82:12:fb:d4:7b:ef:7c:f3:40:ec:fb:4d:a4:94: 89:35:70:85:21:02:0c:d9:96:19:f1:f7:8e:2e:2a:d9:0b:c8: 66:31:f8:8b:4a:b0:2c:84:e4:22:6c:c4:55:71:5c:d2:0e:c5: 5a:da:2a:4a:41:1d:36:bb:a1:97:e6:51:ab:e1:85:7d:87:f8: 71:7c:e3:90:58:a5:c5:22:61:56:24:c8:5f:9a:ba:b1:34:89: 1f:b4:32:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKcPhCYsmNwzcZ/bGAB2OeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YzNiODVhN2JlZmJiNDQ5MGQ3YWM4NTJlYjhiZTg0YmY5 MzhiNGQwHhcNMjUxMjIzMDkwMTE2WhcNMjUxMjI0MDkwMTE2WjAzMTEwLwYDVQQD Eyg0MzViYTM0Y2IzYmRmNTgyOWQwNGI4OWE1NjQ4ZmYyZjc1MmZiODhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTsmJT+kCdtShqm/WQk3KojtytDS f8a6owiVRqVr8Y0wqJP3sAfnarYymK1iLiXptXl0VNyYTPZ7wFgXHxSIZFnwbd8B 8z4Ufja9F7JvUCxe2ffhfwSBWeXKDX/g1KILMxd0UcPX58E55F/WZgRFOX81Wldk wRrLutVx1cIOhhbTnLmA+ZH3fTb0Bcui8I4WizTEHjsaMuWBfyqZQs2aiO8KeMAH hW9kLoqI2XQiQIjYJQjPgRg4i95lXPzQTmFBe0K4w4whahSQKB48eQD54Vx390+o Tu30dIJIAyCBsHgUoGEKPvQK+YRFB0lKu2evCtayfo3PJ7jRbfLMD2OD8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFENbo0yzvfWCnQS4mlZI/y91L7iNMB8GA1UdIwQY MBaAFIfDuFp777tEkNeshS64voS/k4tNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDhPNFdudnZ1MFNRMTZ5RkxyaS1oTC1UaTAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzVjYzgtYjNlZi00MGZjLWFlNDAt NzhlYzgwMjMwNjhmLzEvaDhPNFdudnZ1MFNRMTZ5RkxyaS1oTC1UaTAwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9iYzVjYzgtYjNlZi00MGZjLWFlNDAtNzhlYzgwMjMwNjhm LzEvaDhPNFdudnZ1MFNRMTZ5RkxyaS1oTC1UaTAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa2F3QL1S QJ/IqKfpXQVP+aY/R8RmQLt0OEV7Tg+2U8Faya6oZVvWQaH/4HTVklEECw9vsBjP iPCvjG+gRIZ5SscqcdikVQkXh3tvV/1kJvp1W7REcpHMKo7ltH0RNpoQEAaxaBd3 HbTedz8a/bad5zJc3eRop7MHysFNxWM7MebFzG+shMJJ0W47EyD/PIvT8Iq5GdFm ngzT9b6uNzcxxNc5SKcjXYIS+9R773zzQOz7TaSUiTVwhSECDNmWGfH3ji4q2QvI ZjH4i0qwLITkImzEVXFc0g7FWtoqSkEdNruhl+ZRq+GFfYf4cXzjkFilxSJhViTI X5q6sTSJH7QyDg== -----END CERTIFICATE-----Generated at Tue Dec 23 16:43:55 2025 by rpki-client