This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft File: 8R8omgChsRW386TRuAEb-Q0aL3I.mft (raw, json) Hash identifier: 7R58G/EfcVA0xkMCe9fHSNa8kLRBIyOnPiCRU1f84gk= Subject key identifier: 70:0F:49:A2:07:87:05:AD:13:52:E9:50:56:19:5F:D4:49:5F:C4:8B Authority key identifier: F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72 Certificate issuer: /CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72 Certificate serial: 019B1BAA1D239050D4941747064BCFFC4F0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft Manifest number: 0B46 Signing time: Sun 14 Dec 2025 07:01:31 +0000 Manifest this update: Sun 14 Dec 2025 07:01:31 +0000 Manifest next update: Mon 15 Dec 2025 07:01:31 +0000 Files and hashes: 1: 8R8omgChsRW386TRuAEb-Q0aL3I.crl (hash: F8mwgtEockzQ4zVroYPNsmuupoFVSKIc8RCl7RroX50=) 2: tRxgXr9YQwTbEh2NqyL9M68npkQ.roa (hash: QcuVE9jeWpJsMM52+9+6n7mFIjZuC9lNEDcWkB7O3NI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:aa:1d:23:90:50:d4:94:17:47:06:4b:cf:fc:4f:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72 Validity Not Before: Dec 14 07:01:31 2025 GMT Not After : Dec 15 07:01:31 2025 GMT Subject: CN=700f49a2078705ad1352e95056195fd4495fc48b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:51:4f:85:42:d4:7d:c3:38:ff:f3:e4:15:35: d0:7d:f0:c7:4c:c0:5f:3c:22:af:9f:89:df:46:e0: c0:20:5a:4b:ac:a5:1b:48:05:36:22:8b:44:e8:2c: b6:ed:f7:56:df:8b:c8:27:ee:91:7a:72:7a:9c:b3: 92:28:b2:f9:c9:3d:0c:15:6c:83:48:34:ba:b3:13: 21:ec:73:7f:09:dc:f9:8e:5a:19:54:ca:31:51:dd: 0c:3b:f4:01:c6:5c:82:93:4a:d9:c7:8f:1e:d2:7c: ab:84:4f:b0:68:96:66:d5:b9:aa:f7:b8:72:a2:2f: b9:ba:5c:48:e1:f9:29:fd:af:50:92:af:0d:2d:1b: 1a:20:a3:48:7c:01:10:33:b8:9e:95:eb:c2:3c:89: 34:ba:f2:8e:72:97:11:6b:c7:44:97:09:d3:f7:e0: 9d:27:63:b8:a1:74:9c:a6:09:f4:8d:f7:1c:d1:2e: 39:ab:5e:2b:b1:46:ff:aa:ce:13:c4:a2:66:44:40: 14:23:75:12:5a:63:9c:8e:94:de:3d:b1:d3:d8:d8: 94:ac:ef:60:aa:f2:7f:dc:4c:78:ea:ed:ee:d4:f1: 4a:6e:97:4b:53:6a:bb:6a:16:21:b2:ca:95:e2:c0: 71:0e:55:a3:4d:b3:2b:48:39:da:06:b3:5f:2c:05: df:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:0F:49:A2:07:87:05:AD:13:52:E9:50:56:19:5F:D4:49:5F:C4:8B X509v3 Authority Key Identifier: keyid:F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:7d:3f:7a:c5:ba:f7:f5:e1:43:c0:ec:27:62:f7:52:da:ce: c5:df:0f:1e:13:15:8d:28:58:05:1e:1d:f9:2c:ea:5e:7c:57: 17:8a:b9:fc:d6:ca:8a:a2:a1:71:89:05:56:3d:11:9d:ea:ce: 65:a5:e0:81:fe:59:7e:3f:3f:0b:c2:97:a0:68:0c:64:32:1e: b1:83:58:d9:d2:b5:4c:7d:a1:b1:7d:fd:8d:60:16:55:01:2c: be:8d:c2:fc:cb:a8:af:c5:76:12:7b:e7:3d:fa:97:b7:8d:77: 94:b5:dc:ee:62:fa:18:2e:e7:ac:96:e4:17:01:df:45:49:de: d7:70:a6:76:69:88:d3:94:6b:fe:e5:e5:ed:cf:5c:b0:e2:6c: 63:f0:e1:58:f1:c1:e2:d6:e6:51:7d:b1:c0:8a:57:73:d0:fb: e4:9e:1b:f9:f8:33:21:8f:35:ac:c9:98:e6:ae:ac:27:c8:16: d2:34:d6:69:49:e3:86:55:ce:81:9c:27:0d:9e:ac:e0:1f:5a: ac:44:f4:84:c0:ba:31:18:a1:6f:28:bc:e0:af:06:7d:41:84: 1d:66:c9:57:22:f6:8e:f0:a1:2e:27:96:64:f2:4f:55:a3:79: 2c:4a:2b:44:05:24:69:c1:5a:27:83:89:22:fd:09:5d:15:8d: f9:de:da:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqh0jkFDUlBdHBkvP/E8MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxMWYyODlhMDBhMWIxMTViN2YzYTRkMWI4MDExYmY5MGQx YTJmNzIwHhcNMjUxMjE0MDcwMTMxWhcNMjUxMjE1MDcwMTMxWjAzMTEwLwYDVQQD Eyg3MDBmNDlhMjA3ODcwNWFkMTM1MmU5NTA1NjE5NWZkNDQ5NWZjNDhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulFPhULUfcM4//PkFTXQffDHTMBf PCKvn4nfRuDAIFpLrKUbSAU2IotE6Cy27fdW34vIJ+6RenJ6nLOSKLL5yT0MFWyD SDS6sxMh7HN/Cdz5jloZVMoxUd0MO/QBxlyCk0rZx48e0nyrhE+waJZm1bmq97hy oi+5ulxI4fkp/a9Qkq8NLRsaIKNIfAEQM7ielevCPIk0uvKOcpcRa8dElwnT9+Cd J2O4oXScpgn0jfcc0S45q14rsUb/qs4TxKJmREAUI3USWmOcjpTePbHT2NiUrO9g qvJ/3Ex46u3u1PFKbpdLU2q7ahYhssqV4sBxDlWjTbMrSDnaBrNfLAXfnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHAPSaIHhwWtE1LpUFYZX9RJX8SLMB8GA1UdIwQY MBaAFPEfKJoAobEVt/Ok0bgBG/kNGi9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjct NzRlODQ5NjcxNjhiLzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjctNzRlODQ5NjcxNjhi LzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMn0/esW6 9/XhQ8DsJ2L3UtrOxd8PHhMVjShYBR4d+SzqXnxXF4q5/NbKiqKhcYkFVj0RnerO ZaXggf5Zfj8/C8KXoGgMZDIesYNY2dK1TH2hsX39jWAWVQEsvo3C/Muor8V2Envn PfqXt413lLXc7mL6GC7nrJbkFwHfRUne13CmdmmI05Rr/uXl7c9csOJsY/DhWPHB 4tbmUX2xwIpXc9D75J4b+fgzIY81rMmY5q6sJ8gW0jTWaUnjhlXOgZwnDZ6s4B9a rET0hMC6MRihbyi84K8GfUGEHWbJVyL2jvChLieWZPJPVaN5LEorRAUkacFaJ4OJ Iv0JXRWN+d7aiw== -----END CERTIFICATE-----Generated at Sun Dec 14 12:09:20 2025 by rpki-client