This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft File: 8M0rO57YMSbUXboSAD1sbjWms4A.mft (raw, json) Hash identifier: HAtGB8Hm+KYJlhCtOXAev9O/T5dbJHowEWcMACDWS3c= Subject key identifier: 9F:4C:09:BD:1E:7E:AB:F2:9D:97:58:98:02:18:B7:F8:54:27:9B:FA Authority key identifier: F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80 Certificate issuer: /CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380 Certificate serial: 019B58D18A272BE9FD11A3AC871842AC7B6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft Manifest number: 14BD Signing time: Fri 26 Dec 2025 04:01:25 +0000 Manifest this update: Fri 26 Dec 2025 04:01:25 +0000 Manifest next update: Sat 27 Dec 2025 04:01:25 +0000 Files and hashes: 1: 8M0rO57YMSbUXboSAD1sbjWms4A.crl (hash: LW32IqxWHQfA7EXONql3Sz445oABl2FOhhYpOue8m4o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:8a:27:2b:e9:fd:11:a3:ac:87:18:42:ac:7b:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380 Validity Not Before: Dec 26 04:01:25 2025 GMT Not After : Dec 27 04:01:25 2025 GMT Subject: CN=9f4c09bd1e7eabf29d9758980218b7f854279bfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a6:13:38:b9:1d:17:b7:70:4b:ac:a9:ee:6e: 33:e3:13:81:d3:d0:fd:63:80:8b:8c:36:02:fc:d9: 3a:cf:2b:24:ff:48:1a:b9:b7:ce:7e:2f:e5:a8:2c: 48:32:fc:32:1b:40:d0:bc:56:fd:54:5b:27:a0:48: 94:18:4c:93:0e:90:35:90:a2:f7:1d:fd:5d:9f:c2: 2d:71:69:f4:cd:d0:51:62:4b:bb:42:34:2b:a6:bf: b2:85:61:8c:94:aa:7c:49:d5:73:26:66:54:60:4d: cd:6c:c4:2d:35:17:17:80:98:f6:49:e2:fa:81:fb: 9f:9e:61:a1:86:57:c8:56:00:c0:c4:e9:87:ee:87: 33:02:03:47:5f:25:98:c4:f8:17:1e:22:72:9f:01: 2f:31:8f:22:90:91:d5:8d:fc:ae:21:f8:09:d5:d1: ba:86:4c:87:03:28:c0:e6:e1:eb:35:f0:ed:d7:1a: d7:56:e5:3b:0e:49:78:9a:f6:69:46:42:3b:14:1e: 7f:46:84:53:7c:0a:60:c1:6e:f3:37:ed:c2:b1:b3: 24:42:a6:89:5c:eb:d5:23:5f:ac:1f:27:5e:eb:3b: ac:06:d8:0d:1a:08:31:b3:3d:e0:8d:d1:15:65:31: 26:44:63:fa:14:c2:47:4b:64:61:f2:bf:f2:11:4a: ac:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:4C:09:BD:1E:7E:AB:F2:9D:97:58:98:02:18:B7:F8:54:27:9B:FA X509v3 Authority Key Identifier: keyid:F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:c3:50:45:b1:fb:ee:22:e2:73:d7:19:fb:bd:73:98:0a:4c: f9:87:98:8f:cc:de:22:cc:28:e5:a6:ae:f1:57:1d:60:1d:d9: 6f:15:00:52:04:b8:19:d8:80:bf:f2:f9:93:11:ce:ba:a5:b4: 72:85:aa:39:d4:80:74:8e:68:2d:69:3f:90:ed:67:a5:ce:a7: 3b:80:92:87:c7:c4:6c:bb:50:38:e8:8b:2f:d7:02:ee:49:cb: b5:0f:82:2c:ce:a3:a5:5f:11:98:f8:c4:16:8e:7e:7e:a9:05: 6f:ee:58:da:03:11:39:04:ec:d1:0e:a7:bb:fc:77:f1:6d:2f: 03:1b:98:93:e4:17:a8:3c:60:41:01:1f:74:4c:2c:8d:4c:11: 72:90:72:17:47:78:39:00:33:fd:6b:6c:a2:86:67:3e:af:c5: ca:a4:89:0b:58:a7:36:fa:60:57:5a:32:f9:77:91:0c:3f:64: e4:a4:7d:51:d0:5d:3c:bd:79:11:02:d3:cc:6b:69:a3:b3:a9: f1:0b:2a:0d:a1:d5:23:c7:0c:23:34:9b:65:77:2d:13:da:c3: 13:b7:4c:ab:0e:95:33:6a:d6:c3:96:e1:88:f4:fd:85:45:c2: 32:39:1f:89:ab:65:e5:ed:f1:2e:4e:51:b1:9f:f8:b7:94:ef: 9a:28:9e:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0YonK+n9EaOshxhCrHtvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwY2QyYjNiOWVkODMxMjZkNDVkYmExMjAwM2Q2YzZlMzVh NmIzODAwHhcNMjUxMjI2MDQwMTI1WhcNMjUxMjI3MDQwMTI1WjAzMTEwLwYDVQQD Eyg5ZjRjMDliZDFlN2VhYmYyOWQ5NzU4OTgwMjE4YjdmODU0Mjc5YmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqYTOLkdF7dwS6yp7m4z4xOB09D9 Y4CLjDYC/Nk6zysk/0gaubfOfi/lqCxIMvwyG0DQvFb9VFsnoEiUGEyTDpA1kKL3 Hf1dn8ItcWn0zdBRYku7QjQrpr+yhWGMlKp8SdVzJmZUYE3NbMQtNRcXgJj2SeL6 gfufnmGhhlfIVgDAxOmH7oczAgNHXyWYxPgXHiJynwEvMY8ikJHVjfyuIfgJ1dG6 hkyHAyjA5uHrNfDt1xrXVuU7Dkl4mvZpRkI7FB5/RoRTfApgwW7zN+3CsbMkQqaJ XOvVI1+sHyde6zusBtgNGggxsz3gjdEVZTEmRGP6FMJHS2Rh8r/yEUqsdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ9MCb0efqvynZdYmAIYt/hUJ5v6MB8GA1UdIwQY MBaAFPDNKzue2DEm1F26EgA9bG41prOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQt N2M5ZTEwNTE3YzI1LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQtN2M5ZTEwNTE3YzI1 LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEsNQRbH7 7iLic9cZ+71zmApM+YeYj8zeIswo5aau8VcdYB3ZbxUAUgS4GdiAv/L5kxHOuqW0 coWqOdSAdI5oLWk/kO1npc6nO4CSh8fEbLtQOOiLL9cC7knLtQ+CLM6jpV8RmPjE Fo5+fqkFb+5Y2gMROQTs0Q6nu/x38W0vAxuYk+QXqDxgQQEfdEwsjUwRcpByF0d4 OQAz/WtsooZnPq/FyqSJC1inNvpgV1oy+XeRDD9k5KR9UdBdPL15EQLTzGtpo7Op 8QsqDaHVI8cMIzSbZXctE9rDE7dMqw6VM2rWw5bhiPT9hUXCMjkfiatl5e3xLk5R sZ/4t5TvmiiexQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:06:28 2025 by rpki-client