This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft File: 8R8omgChsRW386TRuAEb-Q0aL3I.mft (raw, json) Hash identifier: i1eU/T955tXjRmF4CkEOcLNlVYe8JwjPdxvOnJ4iFPg= Subject key identifier: D7:44:8D:9E:79:8C:72:9E:70:3A:73:9D:37:76:D9:86:01:08:0C:27 Authority key identifier: F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72 Certificate issuer: /CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72 Certificate serial: 019B3A905C6FD78A7F68DBC34E09C201B77B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft Manifest number: 0B56 Signing time: Sat 20 Dec 2025 07:01:37 +0000 Manifest this update: Sat 20 Dec 2025 07:01:37 +0000 Manifest next update: Sun 21 Dec 2025 07:01:37 +0000 Files and hashes: 1: 8R8omgChsRW386TRuAEb-Q0aL3I.crl (hash: PbYxeeOyPStEyWrsRPXDwiytMdvj2Euyl6L/8Jj+kFE=) 2: tRxgXr9YQwTbEh2NqyL9M68npkQ.roa (hash: QcuVE9jeWpJsMM52+9+6n7mFIjZuC9lNEDcWkB7O3NI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:5c:6f:d7:8a:7f:68:db:c3:4e:09:c2:01:b7:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72 Validity Not Before: Dec 20 07:01:37 2025 GMT Not After : Dec 21 07:01:37 2025 GMT Subject: CN=d7448d9e798c729e703a739d3776d98601080c27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:21:ab:a5:02:7e:62:50:4c:63:30:9c:7b:4f: 16:21:96:4b:f0:54:3b:3a:fc:bb:65:85:cf:9f:12: 55:7f:b9:db:2d:69:a6:23:51:e8:83:d5:99:6d:55: 39:8c:b7:66:a7:c8:d3:b1:e2:dc:8a:47:f8:cc:ab: 85:1a:77:e6:0f:3a:76:a8:fb:a3:74:5b:eb:9c:c6: 00:1b:51:f4:d9:49:1f:05:61:b6:44:81:dd:f2:f7: 27:ee:a9:64:0d:6f:fc:7d:53:7c:aa:01:52:4b:64: ef:3f:04:4b:92:4d:a2:71:e9:4c:4a:24:25:5d:39: ed:fb:c1:9d:40:74:56:c2:89:1d:e0:d9:f6:2a:48: cb:43:a8:83:32:c2:a1:b5:11:0c:28:cc:89:25:4e: b3:e7:1c:2b:b3:08:d5:36:bd:4a:04:8e:fb:d5:d2: 40:5d:19:22:e6:68:c7:ee:9a:c9:56:47:43:03:19: f4:00:f1:92:55:54:94:92:c9:a3:0d:f6:ac:cd:7c: 3a:0f:22:7c:9a:17:cb:54:38:5d:21:d7:fd:5a:4e: 89:27:cc:15:6d:7d:dd:c1:53:d6:b5:58:5f:55:1a: 1d:1a:69:8a:4c:17:ce:4e:09:e5:91:3f:98:a3:d2: 82:a8:37:2e:1a:8d:fd:99:cd:65:0d:ec:c4:00:41: 46:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:44:8D:9E:79:8C:72:9E:70:3A:73:9D:37:76:D9:86:01:08:0C:27 X509v3 Authority Key Identifier: keyid:F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:74:c5:e6:5b:1d:c5:e7:a0:be:fd:52:b5:8e:cf:0e:79:d3: 54:8e:8f:f7:25:01:12:3c:d2:04:18:69:8c:ee:0e:ad:00:21: 15:2a:54:5e:e4:10:8f:b7:54:af:54:a8:2e:e4:a3:62:9a:fa: 44:26:cf:64:08:4c:70:1a:f9:3c:31:d1:32:78:81:95:3e:c4: e6:31:f5:e6:5e:ea:c6:2c:34:29:a0:48:5e:5c:27:47:5c:62: ce:6a:d6:14:fe:bd:56:77:f7:14:c0:23:20:52:96:00:57:47: 70:87:e8:35:87:13:df:6e:84:8b:a8:47:21:b6:f5:11:4d:c0: 81:64:c9:20:98:31:74:08:28:fb:ae:48:ca:84:da:1f:6b:33: 95:80:2c:68:06:08:33:4c:9b:ab:74:53:c5:a5:f2:3e:28:00: 87:6e:df:4a:ba:43:7e:12:88:a8:49:23:d8:fc:38:d3:38:3f: 3f:10:10:dd:43:6b:40:09:d8:6e:96:45:56:e0:34:fd:b5:7f: be:42:6a:10:59:7b:56:ff:12:b0:9c:21:e5:a4:f3:ee:47:8d: 16:23:d3:3e:7b:b5:ef:4e:dd:6b:df:d4:38:c9:dc:5c:35:4a: ee:08:9d:82:9d:29:61:08:59:96:02:56:ad:3a:ea:11:7b:75: ea:05:1b:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kFxv14p/aNvDTgnCAbd7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxMWYyODlhMDBhMWIxMTViN2YzYTRkMWI4MDExYmY5MGQx YTJmNzIwHhcNMjUxMjIwMDcwMTM3WhcNMjUxMjIxMDcwMTM3WjAzMTEwLwYDVQQD EyhkNzQ0OGQ5ZTc5OGM3MjllNzAzYTczOWQzNzc2ZDk4NjAxMDgwYzI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SGrpQJ+YlBMYzCce08WIZZL8FQ7 Ovy7ZYXPnxJVf7nbLWmmI1Hog9WZbVU5jLdmp8jTseLcikf4zKuFGnfmDzp2qPuj dFvrnMYAG1H02UkfBWG2RIHd8vcn7qlkDW/8fVN8qgFSS2TvPwRLkk2icelMSiQl XTnt+8GdQHRWwokd4Nn2KkjLQ6iDMsKhtREMKMyJJU6z5xwrswjVNr1KBI771dJA XRki5mjH7prJVkdDAxn0APGSVVSUksmjDfaszXw6DyJ8mhfLVDhdIdf9Wk6JJ8wV bX3dwVPWtVhfVRodGmmKTBfOTgnlkT+Yo9KCqDcuGo39mc1lDezEAEFGcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNdEjZ55jHKecDpznTd22YYBCAwnMB8GA1UdIwQY MBaAFPEfKJoAobEVt/Ok0bgBG/kNGi9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjct NzRlODQ5NjcxNjhiLzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjctNzRlODQ5NjcxNjhi LzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3TF5lsd xeegvv1StY7PDnnTVI6P9yUBEjzSBBhpjO4OrQAhFSpUXuQQj7dUr1SoLuSjYpr6 RCbPZAhMcBr5PDHRMniBlT7E5jH15l7qxiw0KaBIXlwnR1xizmrWFP69Vnf3FMAj IFKWAFdHcIfoNYcT326Ei6hHIbb1EU3AgWTJIJgxdAgo+65IyoTaH2szlYAsaAYI M0ybq3RTxaXyPigAh27fSrpDfhKIqEkj2Pw40zg/PxAQ3UNrQAnYbpZFVuA0/bV/ vkJqEFl7Vv8SsJwh5aTz7keNFiPTPnu1707da9/UOMncXDVK7gidgp0pYQhZlgJW rTrqEXt16gUbGQ== -----END CERTIFICATE-----Generated at Sat Dec 20 12:38:52 2025 by rpki-client