This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4cfd0c-8c20-45c2-97fa-4ac3a4ee4b3e/1/cM8vAv8fpzt72x-_g6u77C07HL0.mft File: cM8vAv8fpzt72x-_g6u77C07HL0.mft (raw, json) Hash identifier: RwBYcu4b9y5nBbX0gHwqv4Oi2JQYNaOM9vEaSViLSgk= Subject key identifier: 78:70:92:8F:BD:89:D2:FB:33:2A:75:E5:0C:48:40:AD:08:08:DA:F5 Authority key identifier: 70:CF:2F:02:FF:1F:A7:3B:7B:DB:1F:BF:83:AB:BB:EC:2D:3B:1C:BD Certificate issuer: /CN=70cf2f02ff1fa73b7bdb1fbf83abbbec2d3b1cbd Certificate serial: 019B5A51F9B1EDE9FD2B327A735463F25B8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cM8vAv8fpzt72x-_g6u77C07HL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4cfd0c-8c20-45c2-97fa-4ac3a4ee4b3e/1/cM8vAv8fpzt72x-_g6u77C07HL0.mft Manifest number: 71 Signing time: Fri 26 Dec 2025 11:01:20 +0000 Manifest this update: Fri 26 Dec 2025 11:01:20 +0000 Manifest next update: Sat 27 Dec 2025 11:01:20 +0000 Files and hashes: 1: cM8vAv8fpzt72x-_g6u77C07HL0.crl (hash: 9s+ME0gaiMIbDhQRJdgjASMYszEeeyZr2bvD+bQ/0Ag=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/4cfd0c-8c20-45c2-97fa-4ac3a4ee4b3e/1/cM8vAv8fpzt72x-_g6u77C07HL0.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/4cfd0c-8c20-45c2-97fa-4ac3a4ee4b3e/1/cM8vAv8fpzt72x-_g6u77C07HL0.mft rsync://rpki.ripe.net/repository/DEFAULT/cM8vAv8fpzt72x-_g6u77C07HL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:f9:b1:ed:e9:fd:2b:32:7a:73:54:63:f2:5b:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70cf2f02ff1fa73b7bdb1fbf83abbbec2d3b1cbd Validity Not Before: Dec 26 11:01:20 2025 GMT Not After : Dec 27 11:01:20 2025 GMT Subject: CN=7870928fbd89d2fb332a75e50c4840ad0808daf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f8:67:20:f6:2a:db:34:51:e8:4e:67:42:b5: be:70:75:23:9d:71:88:63:b6:49:d0:cb:f2:6d:9c: 16:5f:80:83:e5:10:95:c9:71:1d:e8:af:c0:57:af: f9:2b:0e:f8:92:0d:6d:de:3a:2c:9c:76:ad:ba:24: 3a:39:50:15:f1:7f:de:2b:26:93:99:cf:66:3a:31: 4a:9d:49:cd:7f:4e:31:1c:6e:92:61:b0:d5:06:a4: 3b:e5:14:1e:af:94:8e:ac:06:6a:d0:f5:64:45:34: 3f:9c:12:7a:f2:b8:13:1e:f8:44:a6:fe:6e:4f:19: ca:7b:79:80:57:a2:3a:d4:35:4d:88:2d:5a:c3:6f: d4:36:25:2c:6a:f9:84:a9:73:dc:c0:39:20:e8:6b: 03:c6:e2:d8:03:8b:24:94:df:fa:2a:a3:55:de:81: e3:39:87:40:5b:20:f5:db:7c:a3:0b:aa:87:a3:2c: e4:bc:9a:bb:9a:7e:fb:ff:58:58:a4:9f:54:7c:73: f6:b4:e6:d2:8a:58:f8:63:4c:be:e4:32:10:5b:ab: 50:33:c7:55:8a:98:d9:6c:52:33:b3:1b:ac:f7:68: 32:30:86:e8:24:c8:02:57:66:27:34:67:08:25:65: 1c:a0:ed:4c:da:32:83:15:50:c3:70:6b:c4:c3:15: 10:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:70:92:8F:BD:89:D2:FB:33:2A:75:E5:0C:48:40:AD:08:08:DA:F5 X509v3 Authority Key Identifier: keyid:70:CF:2F:02:FF:1F:A7:3B:7B:DB:1F:BF:83:AB:BB:EC:2D:3B:1C:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cM8vAv8fpzt72x-_g6u77C07HL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4cfd0c-8c20-45c2-97fa-4ac3a4ee4b3e/1/cM8vAv8fpzt72x-_g6u77C07HL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4cfd0c-8c20-45c2-97fa-4ac3a4ee4b3e/1/cM8vAv8fpzt72x-_g6u77C07HL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:46:e7:7e:b4:53:3d:20:8c:44:9f:4f:f5:b7:63:e8:37:b1: 96:9e:1f:9b:02:bd:67:8c:82:32:7c:9e:c0:79:a9:32:69:07: 9c:8f:bd:1d:a7:7d:63:7b:3e:08:6b:3b:dd:e0:8d:d2:6f:2a: f2:49:0f:fa:6f:47:30:d4:3f:f2:4f:b8:1f:c0:2e:fe:eb:78: 8b:e2:91:32:05:b6:2b:63:f6:36:a7:0d:28:97:0a:68:04:94: 55:13:a0:2b:1d:f7:30:86:fe:fc:a8:50:b5:02:4b:07:ff:e9: 3e:a5:d5:27:0e:dc:6a:3b:ed:8b:1d:f2:c1:7b:36:7c:15:f6: 15:74:94:4b:57:c9:e5:19:39:1e:9d:19:c1:b8:6a:29:78:b8: 2e:5e:2e:62:38:ec:97:1d:c0:4d:62:16:80:14:0d:f0:90:4a: ef:bb:71:ce:5a:26:a2:87:88:bc:09:c1:8f:78:8d:7c:4d:04: 8e:17:d5:9d:f1:c1:5e:a1:c4:ac:36:ff:0f:94:4e:55:a9:72: 82:bf:df:92:ac:23:d7:d2:2d:78:46:3e:ae:a9:52:2c:76:80: ed:5b:09:55:71:5d:ee:7e:af:c6:8c:f9:00:c1:86:2b:62:77: 19:0f:31:0c:03:da:4b:b0:9d:ef:cb:f8:35:09:e2:db:29:18: 96:33:01:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUfmx7en9KzJ6c1Rj8luNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwY2YyZjAyZmYxZmE3M2I3YmRiMWZiZjgzYWJiYmVjMmQz YjFjYmQwHhcNMjUxMjI2MTEwMTIwWhcNMjUxMjI3MTEwMTIwWjAzMTEwLwYDVQQD Eyg3ODcwOTI4ZmJkODlkMmZiMzMyYTc1ZTUwYzQ4NDBhZDA4MDhkYWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPhnIPYq2zRR6E5nQrW+cHUjnXGI Y7ZJ0MvybZwWX4CD5RCVyXEd6K/AV6/5Kw74kg1t3josnHatuiQ6OVAV8X/eKyaT mc9mOjFKnUnNf04xHG6SYbDVBqQ75RQer5SOrAZq0PVkRTQ/nBJ68rgTHvhEpv5u TxnKe3mAV6I61DVNiC1aw2/UNiUsavmEqXPcwDkg6GsDxuLYA4sklN/6KqNV3oHj OYdAWyD123yjC6qHoyzkvJq7mn77/1hYpJ9UfHP2tObSilj4Y0y+5DIQW6tQM8dV ipjZbFIzsxus92gyMIboJMgCV2YnNGcIJWUcoO1M2jKDFVDDcGvEwxUQ8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHhwko+9idL7Myp15QxIQK0ICNr1MB8GA1UdIwQY MBaAFHDPLwL/H6c7e9sfv4Oru+wtOxy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY004dkF2OGZwenQ3MngtX2c2dTc3QzA3SEwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80Y2ZkMGMtOGMyMC00NWMyLTk3ZmEt NGFjM2E0ZWU0YjNlLzEvY004dkF2OGZwenQ3MngtX2c2dTc3QzA3SEwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi80Y2ZkMGMtOGMyMC00NWMyLTk3ZmEtNGFjM2E0ZWU0YjNl LzEvY004dkF2OGZwenQ3MngtX2c2dTc3QzA3SEwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhkbnfrRT PSCMRJ9P9bdj6Dexlp4fmwK9Z4yCMnyewHmpMmkHnI+9Had9Y3s+CGs73eCN0m8q 8kkP+m9HMNQ/8k+4H8Au/ut4i+KRMgW2K2P2NqcNKJcKaASUVROgKx33MIb+/KhQ tQJLB//pPqXVJw7cajvtix3ywXs2fBX2FXSUS1fJ5Rk5Hp0ZwbhqKXi4Ll4uYjjs lx3ATWIWgBQN8JBK77txzlomooeIvAnBj3iNfE0EjhfVnfHBXqHErDb/D5ROValy gr/fkqwj19IteEY+rqlSLHaA7VsJVXFd7n6vxoz5AMGGK2J3GQ8xDAPaS7Cd78v4 NQni2ykYljMBoA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:42:25 2025 by rpki-client