This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json) Hash identifier: NbKxxtPRplnUxeNhNV2XlZIMhh16jen2UQIvBdF6ACg= Subject key identifier: 9D:5D:11:EF:EF:B3:0F:3D:9D:7E:A6:A5:77:83:73:1A:7E:22:76:B7 Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4 Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4 Certificate serial: 019B48EFD1B30F41A90B4C904387F0818E00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft Manifest number: 0B62 Signing time: Tue 23 Dec 2025 02:00:34 +0000 Manifest this update: Tue 23 Dec 2025 02:00:34 +0000 Manifest next update: Wed 24 Dec 2025 02:00:34 +0000 Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: RwUuNtCFNmBy0B69UtLmsTCYi4TEaQo+VEV5df8Vwlc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:ef:d1:b3:0f:41:a9:0b:4c:90:43:87:f0:81:8e:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4 Validity Not Before: Dec 23 02:00:34 2025 GMT Not After : Dec 24 02:00:34 2025 GMT Subject: CN=9d5d11efefb30f3d9d7ea6a57783731a7e2276b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:3a:77:9d:04:44:07:ec:ab:3e:29:a0:68:f2: 00:7a:5d:e5:12:17:4b:56:4a:8e:df:94:12:1a:49: 7e:95:6e:87:04:bd:6f:ef:7e:00:f1:7c:7b:86:ce: 78:b5:6c:10:57:61:88:96:e2:88:58:84:0e:68:d0: 43:9e:c5:68:60:60:64:ef:25:98:3f:03:94:ec:77: e7:24:bf:9d:ac:3a:40:de:96:75:24:44:32:b1:cd: 19:ba:8a:05:48:11:e9:66:66:ac:06:70:c4:47:7e: 29:3a:9f:96:62:ab:c0:38:de:bd:2e:0c:08:ef:45: 6f:46:b2:ba:9b:29:b3:ae:ae:5e:fd:f8:bb:49:b1: 9f:95:b0:fa:ad:84:c9:00:47:f0:d3:67:0f:2f:3f: e3:1d:40:dd:fb:a3:1b:a0:6a:4e:2a:8e:f1:25:93: c3:04:1e:44:57:8a:17:2f:2f:3b:bb:31:ca:2a:c8: e0:cf:d8:c2:1c:59:c4:f9:eb:37:30:50:27:23:3b: ae:d7:d9:db:a3:1c:9f:c1:8a:19:0a:3a:16:66:b1: a4:12:41:3a:56:51:9d:98:e4:fb:11:9c:29:4b:3b: 81:25:ab:e6:3c:17:84:d2:99:66:c4:4d:c3:44:b1: 1a:c9:6a:d1:db:d8:09:1f:79:6c:b0:14:a1:92:3e: e3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:5D:11:EF:EF:B3:0F:3D:9D:7E:A6:A5:77:83:73:1A:7E:22:76:B7 X509v3 Authority Key Identifier: keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:9a:80:3f:8b:72:23:fa:58:d2:b8:57:8d:55:20:49:61:88: 4a:99:e0:8a:2a:da:e3:77:12:ab:d7:42:17:4e:e4:3f:b3:ee: eb:2c:c9:df:c5:19:66:e6:ed:b8:4a:cc:81:c9:0a:d2:12:a0: d2:6b:99:cf:9f:8a:26:d2:48:6d:34:56:a4:bc:38:24:e3:4b: 45:d2:98:2c:49:eb:2d:8a:87:10:58:fe:58:6d:e5:d4:4f:56: 62:db:e0:30:d1:97:a2:7a:8c:ce:15:70:c8:be:2f:ff:7d:83: 7b:c4:25:93:80:81:72:cb:05:08:ca:c3:0f:b2:49:b3:42:b8: ca:44:a7:2c:e3:a2:6f:1e:7f:7e:f4:c5:51:99:ea:83:f1:fa: c7:54:89:9a:23:28:3f:7d:9b:c8:df:13:ab:4b:1d:36:32:73: ca:18:a3:59:56:2f:f3:ee:e8:f2:03:26:ef:6f:2e:3a:a0:c6: 34:80:fe:b4:c9:7a:d8:63:53:6a:84:78:a0:f6:a5:7c:74:31: 1f:75:bf:83:56:99:8c:a8:1c:fd:b7:73:db:77:fb:51:19:dd: fe:73:e6:11:ab:9f:d5:45:33:d0:3a:28:ad:c6:31:66:4f:23: 11:0e:1c:ed:90:60:ad:1e:f7:d9:83:ac:fb:3d:a2:d0:bd:b0: 1a:fa:db:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtI79GzD0GpC0yQQ4fwgY4AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj OTJlZTQwHhcNMjUxMjIzMDIwMDM0WhcNMjUxMjI0MDIwMDM0WjAzMTEwLwYDVQQD Eyg5ZDVkMTFlZmVmYjMwZjNkOWQ3ZWE2YTU3NzgzNzMxYTdlMjI3NmI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTp3nQREB+yrPimgaPIAel3lEhdL VkqO35QSGkl+lW6HBL1v734A8Xx7hs54tWwQV2GIluKIWIQOaNBDnsVoYGBk7yWY PwOU7HfnJL+drDpA3pZ1JEQysc0ZuooFSBHpZmasBnDER34pOp+WYqvAON69LgwI 70VvRrK6mymzrq5e/fi7SbGflbD6rYTJAEfw02cPLz/jHUDd+6MboGpOKo7xJZPD BB5EV4oXLy87uzHKKsjgz9jCHFnE+es3MFAnIzuu19nboxyfwYoZCjoWZrGkEkE6 VlGdmOT7EZwpSzuBJavmPBeE0plmxE3DRLEayWrR29gJH3lssBShkj7j4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ1dEe/vsw89nX6mpXeDcxp+Ina3MB8GA1UdIwQY MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3 LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATJqAP4ty I/pY0rhXjVUgSWGISpngiira43cSq9dCF07kP7Pu6yzJ38UZZubtuErMgckK0hKg 0muZz5+KJtJIbTRWpLw4JONLRdKYLEnrLYqHEFj+WG3l1E9WYtvgMNGXonqMzhVw yL4v/32De8Qlk4CBcssFCMrDD7JJs0K4ykSnLOOibx5/fvTFUZnqg/H6x1SJmiMo P32byN8Tq0sdNjJzyhijWVYv8+7o8gMm728uOqDGNID+tMl62GNTaoR4oPalfHQx H3W/g1aZjKgc/bdz23f7URnd/nPmEauf1UUz0DoorcYxZk8jEQ4c7ZBgrR732YOs +z2i0L2wGvrbng== -----END CERTIFICATE-----Generated at Tue Dec 23 05:01:48 2025 by rpki-client