This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft File: r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft (raw, json) Hash identifier: 38gvZSZfRcJXGm3iVoXZBcAgy8zZhh67gvk7SQ5rmWc= Subject key identifier: 8D:64:8F:4F:36:34:D1:DD:EE:41:C9:36:BD:34:36:42:9C:ED:F6:F3 Authority key identifier: AF:FF:13:A6:7F:22:5C:3C:2A:60:66:58:C2:39:65:B8:19:1D:40:08 Certificate issuer: /CN=afff13a67f225c3c2a606658c23965b8191d4008 Certificate serial: 019B5976509D9B8E69BA3F3AC6595421AD3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_8Tpn8iXDwqYGZYwjlluBkdQAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft Manifest number: 0DBC Signing time: Fri 26 Dec 2025 07:01:24 +0000 Manifest this update: Fri 26 Dec 2025 07:01:24 +0000 Manifest next update: Sat 27 Dec 2025 07:01:24 +0000 Files and hashes: 1: r_8Tpn8iXDwqYGZYwjlluBkdQAg.crl (hash: Ku5zX1nI4Cbrm9u53p3lZJ3t1S7bBsF4+0d2A0UoH+Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft rsync://rpki.ripe.net/repository/DEFAULT/r_8Tpn8iXDwqYGZYwjlluBkdQAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:50:9d:9b:8e:69:ba:3f:3a:c6:59:54:21:ad:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afff13a67f225c3c2a606658c23965b8191d4008 Validity Not Before: Dec 26 07:01:24 2025 GMT Not After : Dec 27 07:01:24 2025 GMT Subject: CN=8d648f4f3634d1ddee41c936bd3436429cedf6f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:81:3f:4a:dc:50:54:13:f3:1c:62:7a:4e:7e: 61:f4:e0:ee:2f:d9:82:2e:b8:42:34:6b:52:c9:6a: d8:14:de:91:cc:bc:d4:09:b1:2e:07:9d:36:6f:c5: cf:4e:88:60:8b:d8:8e:4d:21:ce:62:3a:ce:71:c5: 01:d0:c2:ad:02:f7:ba:03:c2:06:9e:61:79:fd:9b: 93:81:d7:f0:00:0a:58:37:35:72:1e:d2:34:80:be: 19:fa:2b:c5:c0:98:e8:bc:fb:af:64:2d:91:54:b0: 94:0d:d2:71:34:20:6a:3e:db:2e:00:46:28:7b:ad: f6:bf:ed:b0:05:37:4c:5a:b7:98:c9:b6:5e:49:b2: 2c:c2:8e:12:6c:13:2f:f8:ef:da:00:23:e2:27:9c: 03:3b:d8:52:4c:96:1a:70:56:a2:07:54:31:e8:14: 50:a0:27:a2:9a:33:c1:7b:7a:df:5e:14:2e:ec:11: 47:a5:25:84:e1:b9:86:9d:bf:48:ce:6f:ec:65:e9: 92:69:41:37:cb:f3:82:b2:66:6d:c1:a6:23:bf:51: 67:90:c8:f1:98:d3:80:b4:6c:18:d4:a4:c5:3d:b7: c7:c1:96:d6:89:be:81:5e:da:76:86:98:cd:22:ee: 7c:58:68:85:21:e8:fc:47:5e:7c:a7:14:45:97:6c: 85:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:64:8F:4F:36:34:D1:DD:EE:41:C9:36:BD:34:36:42:9C:ED:F6:F3 X509v3 Authority Key Identifier: keyid:AF:FF:13:A6:7F:22:5C:3C:2A:60:66:58:C2:39:65:B8:19:1D:40:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_8Tpn8iXDwqYGZYwjlluBkdQAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8f063c-119a-47a0-8b0d-6d2b2ba2a88a/1/r_8Tpn8iXDwqYGZYwjlluBkdQAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:85:42:ab:94:7c:2b:88:1e:ba:1f:bc:af:56:c5:e9:52:c6: 4a:a7:da:fa:22:6b:ab:86:7b:b7:e6:48:62:a6:d7:7e:3d:a1: 97:90:d4:90:ea:8f:5d:b3:bc:f7:9a:23:0a:06:c6:a5:2f:c0: c2:01:99:6b:79:94:7d:67:fd:bc:56:08:02:ee:98:d2:b9:4d: 78:5d:4a:a3:70:85:e0:cd:31:61:01:2d:85:3b:70:28:c5:21: d2:31:c2:a1:d1:c6:0c:ab:2c:c1:77:b3:9d:59:f1:9b:90:71: bd:1a:a5:9c:9d:bf:f4:27:cb:6b:c0:89:b4:48:14:84:f5:c4: 44:4d:53:aa:0d:46:55:0c:0c:83:b2:37:b7:0f:c7:d1:d5:1f: d6:59:5d:fc:cb:ac:74:b1:61:e2:93:cf:f6:e6:4a:1a:cc:68: 7e:ac:87:cf:4f:c0:ba:00:e3:da:7b:51:a0:43:fd:60:33:a4: 50:f2:b4:50:f9:ca:47:1d:02:3e:16:3a:b5:da:c7:89:60:78: dc:d9:5b:2d:9f:13:e2:42:45:0a:1c:59:2d:41:fb:db:07:a4: ab:03:70:f9:e6:b8:5d:85:21:4f:bc:8a:20:f9:4d:fc:8c:ad: 2f:a8:2d:1a:1a:6b:a2:4e:77:a0:bb:7c:db:38:19:52:ca:dd: 32:0a:1c:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdlCdm45puj86xllUIa0+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZmYxM2E2N2YyMjVjM2MyYTYwNjY1OGMyMzk2NWI4MTkx ZDQwMDgwHhcNMjUxMjI2MDcwMTI0WhcNMjUxMjI3MDcwMTI0WjAzMTEwLwYDVQQD Eyg4ZDY0OGY0ZjM2MzRkMWRkZWU0MWM5MzZiZDM0MzY0MjljZWRmNmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+oE/StxQVBPzHGJ6Tn5h9ODuL9mC LrhCNGtSyWrYFN6RzLzUCbEuB502b8XPTohgi9iOTSHOYjrOccUB0MKtAve6A8IG nmF5/ZuTgdfwAApYNzVyHtI0gL4Z+ivFwJjovPuvZC2RVLCUDdJxNCBqPtsuAEYo e632v+2wBTdMWreYybZeSbIswo4SbBMv+O/aACPiJ5wDO9hSTJYacFaiB1Qx6BRQ oCeimjPBe3rfXhQu7BFHpSWE4bmGnb9Izm/sZemSaUE3y/OCsmZtwaYjv1FnkMjx mNOAtGwY1KTFPbfHwZbWib6BXtp2hpjNIu58WGiFIej8R158pxRFl2yFUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI1kj082NNHd7kHJNr00NkKc7fbzMB8GA1UdIwQY MBaAFK//E6Z/Ilw8KmBmWMI5ZbgZHUAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcl84VHBuOGlYRHdxWUdaWXdqbGx1QmtkUUFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84ZjA2M2MtMTE5YS00N2EwLThiMGQt NmQyYjJiYTJhODhhLzEvcl84VHBuOGlYRHdxWUdaWXdqbGx1QmtkUUFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS84ZjA2M2MtMTE5YS00N2EwLThiMGQtNmQyYjJiYTJhODhh LzEvcl84VHBuOGlYRHdxWUdaWXdqbGx1QmtkUUFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPIVCq5R8 K4geuh+8r1bF6VLGSqfa+iJrq4Z7t+ZIYqbXfj2hl5DUkOqPXbO895ojCgbGpS/A wgGZa3mUfWf9vFYIAu6Y0rlNeF1Ko3CF4M0xYQEthTtwKMUh0jHCodHGDKsswXez nVnxm5BxvRqlnJ2/9CfLa8CJtEgUhPXERE1Tqg1GVQwMg7I3tw/H0dUf1lld/Mus dLFh4pPP9uZKGsxofqyHz0/AugDj2ntRoEP9YDOkUPK0UPnKRx0CPhY6tdrHiWB4 3NlbLZ8T4kJFChxZLUH72wekqwNw+ea4XYUhT7yKIPlN/IytL6gtGhprok53oLt8 2zgZUsrdMgocPw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:26 2025 by rpki-client