This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft File: i9lSvUDOCXP5EEEfWS426QE2wuo.mft (raw, json) Hash identifier: QN8SPtfXNnsY7DE9Lw7ArW/HgA9nOxjLh0eUyPtesAI= Subject key identifier: D5:41:A4:07:6B:D3:FD:DE:FD:8A:A9:DA:C9:C5:AE:96:F9:10:CA:08 Authority key identifier: 8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA Certificate issuer: /CN=8bd952bd40ce0973f910411f592e36e90136c2ea Certificate serial: 019AF276ACEDD4FC66A3A5626199D94B009F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft Manifest number: 08E1 Signing time: Sat 06 Dec 2025 07:00:54 +0000 Manifest this update: Sat 06 Dec 2025 07:00:54 +0000 Manifest next update: Sun 07 Dec 2025 07:00:54 +0000 Files and hashes: 1: i9lSvUDOCXP5EEEfWS426QE2wuo.crl (hash: r18YqYelnRTD56iimZeOIVoYCWDK6h3ZNjQ55ZG50zs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:ac:ed:d4:fc:66:a3:a5:62:61:99:d9:4b:00:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bd952bd40ce0973f910411f592e36e90136c2ea Validity Not Before: Dec 6 07:00:54 2025 GMT Not After : Dec 7 07:00:54 2025 GMT Subject: CN=d541a4076bd3fddefd8aa9dac9c5ae96f910ca08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:25:0e:cc:96:ec:02:a7:15:89:fa:a0:00:d8: cf:f8:6e:6f:5f:00:9e:1d:f3:b3:2a:ee:17:bf:e3: bf:8f:ee:c7:47:6c:69:c5:0c:fd:d1:30:e3:46:07: 28:05:c0:4d:24:29:96:f9:4e:d6:4e:e0:d1:ea:2e: e5:bb:86:b7:9d:dc:24:33:eb:bd:db:f3:34:a0:17: b4:c2:3d:a9:31:15:f9:2c:25:1a:60:e1:a1:21:fd: 5d:7d:66:fd:8a:9c:bf:9c:fe:a8:8c:b2:f7:c3:68: e1:c9:b1:7a:7d:6a:05:fb:79:3d:12:dd:5a:91:11: 69:5e:c9:56:a7:d2:97:82:50:8c:3d:26:30:37:b2: 85:92:d5:f6:43:81:9c:8a:9e:c4:09:73:5e:ce:54: 2e:71:7f:2e:58:8e:46:8d:91:ba:5b:9a:b8:ef:c8: a2:0d:dc:19:19:ed:f5:5f:63:12:ed:7a:1b:b1:d5: 70:c7:af:42:ad:e9:82:3a:26:5f:15:3a:03:eb:be: 94:58:65:28:3f:82:82:41:36:b5:ed:08:ff:a0:5b: 9b:01:a0:ed:17:75:f0:d8:c4:a5:92:a4:3d:47:b8: 5a:03:3d:89:e3:cd:18:75:81:9a:cf:23:11:8b:9e: ab:8b:cf:e8:e7:b5:c5:15:5e:43:41:d8:ed:9f:42: 01:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:41:A4:07:6B:D3:FD:DE:FD:8A:A9:DA:C9:C5:AE:96:F9:10:CA:08 X509v3 Authority Key Identifier: keyid:8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:e3:b4:dc:ce:08:6a:73:38:5e:71:d9:b8:a7:b7:a7:bb:73: 3f:e7:78:bc:5e:5c:c3:ad:3a:41:79:d0:95:ea:09:82:a0:0f: bd:b1:53:59:06:f7:5b:b6:23:b5:b9:02:4e:db:8c:18:d0:2a: c0:c2:1e:cd:f4:35:f4:2d:93:98:50:88:aa:58:70:9a:72:f5: 58:a8:f3:3e:af:50:62:3c:f9:36:55:25:12:d8:87:c4:90:39: 30:5b:1c:78:5f:a2:30:d2:63:f8:0c:67:27:e6:14:1d:90:da: 28:8f:37:c5:41:d1:e5:ec:94:c9:71:8f:ae:41:ca:b9:b6:bb: c2:13:6b:5c:4c:46:e1:34:0d:5e:05:9d:1e:30:2f:f9:30:e2: 65:8d:c0:88:50:07:1c:42:8e:1c:51:52:e5:63:dc:29:c8:cb: 33:5f:2c:15:20:56:65:9b:75:2f:78:0a:53:20:91:2a:61:36: 3f:fe:ba:d5:75:16:c1:f2:64:ce:a1:24:69:32:d8:c7:a1:03: 27:bd:cd:6c:a8:2a:96:ca:11:ed:29:8f:61:5c:ce:5d:b0:87: 5b:c5:71:8b:8f:ba:3e:a2:75:cb:3f:03:81:52:bf:7f:04:82: 09:5f:9b:52:9b:26:a3:01:2b:cc:1e:85:14:7e:60:63:ec:1f: 01:eb:67:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydqzt1Pxmo6ViYZnZSwCfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiZDk1MmJkNDBjZTA5NzNmOTEwNDExZjU5MmUzNmU5MDEz NmMyZWEwHhcNMjUxMjA2MDcwMDU0WhcNMjUxMjA3MDcwMDU0WjAzMTEwLwYDVQQD EyhkNTQxYTQwNzZiZDNmZGRlZmQ4YWE5ZGFjOWM1YWU5NmY5MTBjYTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCUOzJbsAqcVifqgANjP+G5vXwCe HfOzKu4Xv+O/j+7HR2xpxQz90TDjRgcoBcBNJCmW+U7WTuDR6i7lu4a3ndwkM+u9 2/M0oBe0wj2pMRX5LCUaYOGhIf1dfWb9ipy/nP6ojLL3w2jhybF6fWoF+3k9Et1a kRFpXslWp9KXglCMPSYwN7KFktX2Q4Gcip7ECXNezlQucX8uWI5GjZG6W5q478ii DdwZGe31X2MS7XobsdVwx69CremCOiZfFToD676UWGUoP4KCQTa17Qj/oFubAaDt F3Xw2MSlkqQ9R7haAz2J480YdYGazyMRi56ri8/o57XFFV5DQdjtn0IB3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNVBpAdr0/3e/Yqp2snFrpb5EMoIMB8GA1UdIwQY MBaAFIvZUr1Azglz+RBBH1kuNukBNsLqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYt NWMyYWJlNTM5NGU2LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYtNWMyYWJlNTM5NGU2 LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAReO03M4I anM4XnHZuKe3p7tzP+d4vF5cw606QXnQleoJgqAPvbFTWQb3W7YjtbkCTtuMGNAq wMIezfQ19C2TmFCIqlhwmnL1WKjzPq9QYjz5NlUlEtiHxJA5MFsceF+iMNJj+Axn J+YUHZDaKI83xUHR5eyUyXGPrkHKuba7whNrXExG4TQNXgWdHjAv+TDiZY3AiFAH HEKOHFFS5WPcKcjLM18sFSBWZZt1L3gKUyCRKmE2P/661XUWwfJkzqEkaTLYx6ED J73NbKgqlsoR7SmPYVzOXbCHW8Vxi4+6PqJ1yz8DgVK/fwSCCV+bUpsmowErzB6F FH5gY+wfAetnaw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:03:27 2025 by rpki-client