This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft File: 8HHkN5gsw0b26BfKZIknI-21QZo.mft (raw, json) Hash identifier: NIaVsR4rjqsezuO1SA7UU01gVD5bUiuIZS5JQ1pXg9s= Subject key identifier: AB:34:26:E6:3C:8C:C1:AB:CF:1D:45:05:8C:58:0B:E6:A0:C6:CD:1A Authority key identifier: F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A Certificate issuer: /CN=f071e437982cc346f6e817ca64892723edb5419a Certificate serial: 019B42B71D547E1ADF461BC2800EA4A2FDB3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft Manifest number: 10EC Signing time: Sun 21 Dec 2025 21:00:55 +0000 Manifest this update: Sun 21 Dec 2025 21:00:55 +0000 Manifest next update: Mon 22 Dec 2025 21:00:55 +0000 Files and hashes: 1: 8HHkN5gsw0b26BfKZIknI-21QZo.crl (hash: OoR/EA6Pon6hv41wc3RaVQIzCg3YFgOgd84cyXhwcCQ=) 2: Wb0clcxCuCcUH9RDxENV44_1l9w.roa (hash: IOO34gWbQwbQwVQDhS544nKGrCLE+a+zuAW9waRkyRU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:1d:54:7e:1a:df:46:1b:c2:80:0e:a4:a2:fd:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f071e437982cc346f6e817ca64892723edb5419a Validity Not Before: Dec 21 21:00:55 2025 GMT Not After : Dec 22 21:00:55 2025 GMT Subject: CN=ab3426e63c8cc1abcf1d45058c580be6a0c6cd1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7b:7e:4c:74:91:e0:c3:d6:2d:2b:ec:b0:b6: 90:98:5c:78:17:1b:ca:f1:5b:78:86:40:8b:7a:69: 2d:48:69:5d:02:4c:7d:63:82:72:37:b7:3d:4b:4f: 81:76:ed:66:ed:e3:95:86:db:6e:c9:ac:2c:ef:25: f6:c8:07:7d:6a:76:6d:3d:ae:d1:52:33:22:2e:a9: 52:f5:13:96:21:70:e3:9c:3b:1c:7b:83:99:83:4a: 80:aa:b8:04:e4:da:07:ea:20:83:68:11:2f:65:47: 03:d6:3c:cc:e4:11:6a:68:3f:64:1d:45:19:f6:74: 2e:f9:f5:db:22:49:c9:3a:57:58:17:8c:d0:e6:7a: a5:d2:76:b6:a4:56:c2:c8:64:17:01:9a:ad:58:32: 8c:bf:0a:9a:c1:65:5d:89:b6:0f:18:99:7a:5a:8f: 38:ca:72:58:45:33:56:d8:6f:7d:fb:f2:ac:c2:61: 91:c2:1c:7f:4e:a1:25:bd:34:94:60:ec:8d:23:eb: 6f:e3:d1:75:95:d6:8a:95:d1:7f:86:15:58:f8:83: a4:53:4f:9d:c2:4d:58:c2:0d:66:19:19:6e:31:0b: 86:98:79:5b:28:0d:0b:22:8b:35:4e:e6:68:3a:2c: 6c:ad:89:9c:7c:98:6c:a7:68:3c:b8:53:d0:5a:21: 72:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:34:26:E6:3C:8C:C1:AB:CF:1D:45:05:8C:58:0B:E6:A0:C6:CD:1A X509v3 Authority Key Identifier: keyid:F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:3f:43:41:fa:bf:83:01:44:1b:bd:bb:d1:52:df:11:10:dd: 19:84:8b:75:aa:4c:80:90:1f:7f:23:7f:77:3c:a4:0b:41:df: b5:c9:58:8f:01:3c:a1:1c:42:81:f2:d2:7b:8d:4a:c9:96:bf: 2b:e2:36:7f:fb:34:e0:0e:0d:40:31:fa:4f:10:16:d6:90:25: b0:04:4c:20:ef:56:3a:ff:ce:e3:71:ff:70:2b:60:2e:c0:3e: 42:7f:1c:60:66:07:ad:8b:50:78:3f:54:66:27:55:fb:82:ca: 46:21:1b:f4:ee:51:a8:d1:4c:86:30:cc:f1:10:22:b3:28:a5: ed:38:e9:58:d6:38:28:a9:a6:48:ec:d7:94:42:ab:22:9e:b1: 0c:fc:e2:2a:9b:a7:52:c8:a0:e0:50:db:a8:db:bf:05:23:43: 54:49:89:0e:59:a7:47:fb:46:83:1f:91:da:f4:54:82:47:c1: 18:ce:87:f1:56:fb:c9:3c:1e:38:66:97:e0:0e:8a:31:69:d4: 3e:5a:da:c0:3d:1b:57:d3:17:da:11:38:a9:0e:67:40:42:50: b8:84:61:e0:4b:ea:fb:31:3c:51:97:04:5d:1a:6e:ed:19:5c: fb:e7:3b:b8:7c:0d:a7:15:e3:77:e7:c5:97:1c:23:62:53:d0: 77:dd:c9:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCtx1UfhrfRhvCgA6kov2zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNzFlNDM3OTgyY2MzNDZmNmU4MTdjYTY0ODkyNzIzZWRi NTQxOWEwHhcNMjUxMjIxMjEwMDU1WhcNMjUxMjIyMjEwMDU1WjAzMTEwLwYDVQQD EyhhYjM0MjZlNjNjOGNjMWFiY2YxZDQ1MDU4YzU4MGJlNmEwYzZjZDFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnt+THSR4MPWLSvssLaQmFx4FxvK 8Vt4hkCLemktSGldAkx9Y4JyN7c9S0+Bdu1m7eOVhttuyaws7yX2yAd9anZtPa7R UjMiLqlS9ROWIXDjnDsce4OZg0qAqrgE5NoH6iCDaBEvZUcD1jzM5BFqaD9kHUUZ 9nQu+fXbIknJOldYF4zQ5nql0na2pFbCyGQXAZqtWDKMvwqawWVdibYPGJl6Wo84 ynJYRTNW2G99+/KswmGRwhx/TqElvTSUYOyNI+tv49F1ldaKldF/hhVY+IOkU0+d wk1Ywg1mGRluMQuGmHlbKA0LIos1TuZoOixsrYmcfJhsp2g8uFPQWiFyuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKs0JuY8jMGrzx1FBYxYC+agxs0aMB8GA1UdIwQY MBaAFPBx5DeYLMNG9ugXymSJJyPttUGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTct NzhjYjU5Yjc4YTRmLzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTctNzhjYjU5Yjc4YTRm LzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALT9DQfq/ gwFEG7270VLfERDdGYSLdapMgJAffyN/dzykC0HftclYjwE8oRxCgfLSe41KyZa/ K+I2f/s04A4NQDH6TxAW1pAlsARMIO9WOv/O43H/cCtgLsA+Qn8cYGYHrYtQeD9U ZidV+4LKRiEb9O5RqNFMhjDM8RAisyil7TjpWNY4KKmmSOzXlEKrIp6xDPziKpun Usig4FDbqNu/BSNDVEmJDlmnR/tGgx+R2vRUgkfBGM6H8Vb7yTweOGaX4A6KMWnU PlrawD0bV9MX2hE4qQ5nQEJQuIRh4Evq+zE8UZcEXRpu7Rlc++c7uHwNpxXjd+fF lxwjYlPQd93JCg== -----END CERTIFICATE-----Generated at Mon Dec 22 06:50:33 2025 by rpki-client