This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft File: 8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json) Hash identifier: FsBs696dS0O9MQOCM2rOY2pCpYOBvaOKbYGTdmxR7L4= Subject key identifier: D5:0D:44:91:B0:1B:A4:D6:F0:1A:BE:02:2B:34:28:4A:AD:01:39:9E Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59 Certificate issuer: /CN=f10317f24d71a516d75043be90f5abe3fa1c9259 Certificate serial: 019B31561519B2C872234BE09516F0124646 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft Manifest number: 1336 Signing time: Thu 18 Dec 2025 12:01:23 +0000 Manifest this update: Thu 18 Dec 2025 12:01:23 +0000 Manifest next update: Fri 19 Dec 2025 12:01:23 +0000 Files and hashes: 1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: cPTqRa+rNMaw8ac/da8xxnyZiu6tFTycp+KULqj1U78=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 12:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:56:15:19:b2:c8:72:23:4b:e0:95:16:f0:12:46:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259 Validity Not Before: Dec 18 12:01:23 2025 GMT Not After : Dec 19 12:01:23 2025 GMT Subject: CN=d50d4491b01ba4d6f01abe022b34284aad01399e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:6d:e1:da:51:b1:cc:4c:ca:49:d0:f0:b4:a8: f9:ca:81:6c:db:51:d3:b4:64:ad:d3:da:d0:c7:f3: 35:fa:25:3c:ae:f7:d2:89:1d:a4:b3:34:14:2b:17: a4:d1:ac:64:82:fa:18:fd:20:bc:27:7a:55:18:a3: d3:38:5f:ff:86:2a:97:8d:54:78:b6:3c:f3:06:3e: bb:13:a8:7b:d2:49:21:69:0b:36:ef:dc:23:a8:47: 96:aa:0f:49:01:ba:70:a9:e9:54:17:89:86:43:bc: f2:cd:63:f3:20:11:0c:14:48:ee:ce:ab:22:29:85: 15:48:4c:0b:9c:4c:64:56:b9:e2:d8:4d:4e:fc:40: 5b:ed:92:37:6d:fd:60:1f:79:e5:38:06:69:e6:52: 3d:a7:bf:53:8a:f1:b7:b8:b1:89:e8:79:b5:54:65: 2a:8a:33:2d:db:cf:13:cc:21:a2:4f:f3:72:f3:a2: 36:12:07:50:25:48:b2:28:1b:b3:aa:9b:cb:a4:82: e5:b1:fe:fb:60:3b:b2:f0:e4:aa:5d:f1:84:14:59: 04:da:bc:3c:26:b3:30:4d:dc:6e:19:32:e2:4c:f2: ab:36:b2:95:6c:99:ba:6e:2a:7e:fd:87:83:75:1f: 5e:44:f7:7a:df:fa:1f:ae:36:ea:94:91:d2:e7:64: 2c:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:0D:44:91:B0:1B:A4:D6:F0:1A:BE:02:2B:34:28:4A:AD:01:39:9E X509v3 Authority Key Identifier: keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:70:96:3b:9e:15:5b:78:f1:05:b4:69:7d:28:08:91:7a:9a: 59:ee:02:54:6d:c0:41:94:a2:ae:08:d9:07:1c:96:1e:b4:2a: 92:4d:70:df:c3:91:ef:ee:34:27:d9:df:aa:44:c6:af:b9:ef: af:85:87:07:5c:ab:46:90:7b:15:c9:1b:85:e0:48:3a:90:17: 1f:59:2c:49:5e:85:ee:85:64:fe:60:03:f4:f7:39:c7:47:72: 96:c9:3f:da:df:a8:74:84:8b:89:5b:71:a4:84:34:5d:c2:46: 9f:ce:3a:80:8a:68:a3:96:a1:ea:c5:40:d2:49:48:41:bb:58: ca:c9:e3:c7:9c:01:14:b2:78:a1:be:e6:47:65:13:fe:40:36: 0c:75:60:c7:bd:fe:9a:9b:60:ce:c6:7c:d2:17:9d:99:e8:09: 71:61:ef:5f:89:08:03:96:ac:9e:27:37:db:b4:68:0f:64:04: e5:60:78:64:ff:45:b7:a3:9b:b7:7f:a7:9d:06:53:e4:aa:75: f6:5c:78:7b:21:52:5c:ab:9e:9a:b2:d7:b6:34:a3:9b:66:5b: 58:2b:d0:ed:26:17:9b:56:29:1d:bc:a2:02:8d:e1:8d:be:3e: f9:64:f3:8f:08:e1:09:a8:51:25:ac:d8:c0:65:85:75:4c:f8: 7c:de:e4:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxVhUZsshyI0vglRbwEkZGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx YzkyNTkwHhcNMjUxMjE4MTIwMTIzWhcNMjUxMjE5MTIwMTIzWjAzMTEwLwYDVQQD EyhkNTBkNDQ5MWIwMWJhNGQ2ZjAxYWJlMDIyYjM0Mjg0YWFkMDEzOTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG3h2lGxzEzKSdDwtKj5yoFs21HT tGSt09rQx/M1+iU8rvfSiR2kszQUKxek0axkgvoY/SC8J3pVGKPTOF//hiqXjVR4 tjzzBj67E6h70kkhaQs279wjqEeWqg9JAbpwqelUF4mGQ7zyzWPzIBEMFEjuzqsi KYUVSEwLnExkVrni2E1O/EBb7ZI3bf1gH3nlOAZp5lI9p79TivG3uLGJ6Hm1VGUq ijMt288TzCGiT/Ny86I2EgdQJUiyKBuzqpvLpILlsf77YDuy8OSqXfGEFFkE2rw8 JrMwTdxuGTLiTPKrNrKVbJm6bip+/YeDdR9eRPd63/ofrjbqlJHS52QsbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNUNRJGwG6TW8Bq+Ais0KEqtATmeMB8GA1UdIwQY MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJHCWO54V W3jxBbRpfSgIkXqaWe4CVG3AQZSirgjZBxyWHrQqkk1w38OR7+40J9nfqkTGr7nv r4WHB1yrRpB7FckbheBIOpAXH1ksSV6F7oVk/mAD9Pc5x0dylsk/2t+odISLiVtx pIQ0XcJGn846gIpoo5ah6sVA0klIQbtYysnjx5wBFLJ4ob7mR2UT/kA2DHVgx73+ mptgzsZ80hedmegJcWHvX4kIA5asnic327RoD2QE5WB4ZP9Ft6Obt3+nnQZT5Kp1 9lx4eyFSXKuemrLXtjSjm2ZbWCvQ7SYXm1YpHbyiAo3hjb4++WTzjwjhCahRJazY wGWFdUz4fN7kiQ== -----END CERTIFICATE-----Generated at Thu Dec 18 20:35:34 2025 by rpki-client