This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft File: 8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json) Hash identifier: Ngm1s72XsL5MIGf33VIBalDFq+4vs+/krpUfwc4nUX8= Subject key identifier: 25:85:5C:2A:D1:10:7A:EB:D4:8F:8C:09:F7:41:34:C0:ED:2F:D3:21 Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59 Certificate issuer: /CN=f10317f24d71a516d75043be90f5abe3fa1c9259 Certificate serial: 019AF389F287AF5EAA9E2AC4AF2652EE66C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft Manifest number: 1316 Signing time: Sat 06 Dec 2025 12:01:35 +0000 Manifest this update: Sat 06 Dec 2025 12:01:35 +0000 Manifest next update: Sun 07 Dec 2025 12:01:35 +0000 Files and hashes: 1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: BBeJmdZ9JT+NMYJ2X7ad1BIeCvoJ8ZPCS+j0i+eNK3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:f2:87:af:5e:aa:9e:2a:c4:af:26:52:ee:66:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259 Validity Not Before: Dec 6 12:01:35 2025 GMT Not After : Dec 7 12:01:35 2025 GMT Subject: CN=25855c2ad1107aebd48f8c09f74134c0ed2fd321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d5:43:4c:16:62:98:27:6d:af:75:88:da:9e: f2:2f:e2:47:93:04:e8:dd:e0:f4:cf:ca:4d:b2:08: 98:c1:94:94:b9:1c:68:e2:4f:84:46:cb:51:06:14: bb:2a:20:3e:3e:5a:22:d4:e0:c7:45:2e:3b:8e:ab: d6:46:2e:b1:aa:98:6e:0d:c7:7e:f7:f5:40:44:e4: cd:4c:c7:32:2a:86:3e:40:8f:cb:75:a9:ac:e2:d4: b1:47:e6:29:ef:16:23:2c:b0:c2:32:b7:cf:24:d7: 35:f9:14:a0:10:b0:b1:0c:c1:76:ab:e4:cc:09:2e: 2b:3d:27:3b:80:01:f0:8b:0f:6c:a4:01:a9:f4:e9: 3c:8c:31:8a:4b:81:d3:70:15:2b:0e:58:cd:e4:59: 84:ba:92:a2:dd:3b:d2:a4:2c:52:66:35:82:08:ef: 17:ca:fb:1f:f0:8f:2a:95:ea:16:6a:24:f2:49:0e: a3:2b:c9:fc:ac:e8:5b:7d:da:b2:9f:92:dc:97:1d: 57:a5:57:5b:59:b5:40:ac:73:cb:74:64:8b:4e:47: 40:ca:14:ba:c4:1f:6f:b7:88:8c:e1:b3:67:a1:f7: ee:01:03:45:a9:16:0a:01:7b:db:a6:69:dd:0e:9d: dd:23:64:f1:c5:4e:e3:44:d4:c6:9e:06:c3:0b:c3: e7:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:85:5C:2A:D1:10:7A:EB:D4:8F:8C:09:F7:41:34:C0:ED:2F:D3:21 X509v3 Authority Key Identifier: keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:a3:de:64:18:1a:e6:5d:b0:d3:09:7a:8c:4a:42:3a:c8:8c: 47:75:ad:db:63:d8:bc:70:21:47:d2:cd:1a:7a:71:5d:bb:28: bb:92:1c:bc:1d:4c:1a:bc:8b:91:49:94:1d:e3:ea:3e:90:43: 39:18:59:58:d4:cd:1d:89:d2:a6:09:b7:dd:74:3e:6f:f8:50: 5e:e9:98:c1:c4:7d:ad:a1:b8:5a:5a:0b:2f:a1:fd:9f:f1:12: 64:c7:ac:64:b1:38:89:a6:21:f6:c6:17:be:e3:2a:36:b8:b2: 4f:6f:a3:d5:22:02:00:cc:36:58:7c:29:27:98:c7:6a:27:0b: 57:89:a4:17:6f:e3:d2:f3:5c:28:3b:5f:74:3a:dc:fb:f1:c8: 0d:f9:b4:f8:93:ce:ae:7e:11:72:ed:b6:8b:13:04:d7:81:fd: 04:54:ff:b2:db:ce:0c:c8:68:6d:99:23:56:36:74:d8:62:79: dc:14:dc:6f:22:0b:0c:bf:95:2c:cd:0c:29:e1:05:5c:b5:2b: 6b:44:14:11:26:23:dc:8f:78:b9:4d:84:f5:26:84:88:b5:eb: 8b:0b:93:2e:11:93:8b:fe:5f:8f:7e:9f:7c:85:87:20:f1:0e: 98:89:f5:f0:a4:67:84:1e:15:02:95:23:56:39:1e:0d:2c:4c: 1e:66:07:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzifKHr16qnirEryZS7mbFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx YzkyNTkwHhcNMjUxMjA2MTIwMTM1WhcNMjUxMjA3MTIwMTM1WjAzMTEwLwYDVQQD EygyNTg1NWMyYWQxMTA3YWViZDQ4ZjhjMDlmNzQxMzRjMGVkMmZkMzIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNVDTBZimCdtr3WI2p7yL+JHkwTo 3eD0z8pNsgiYwZSUuRxo4k+ERstRBhS7KiA+Ploi1ODHRS47jqvWRi6xqphuDcd+ 9/VAROTNTMcyKoY+QI/Ldams4tSxR+Yp7xYjLLDCMrfPJNc1+RSgELCxDMF2q+TM CS4rPSc7gAHwiw9spAGp9Ok8jDGKS4HTcBUrDljN5FmEupKi3TvSpCxSZjWCCO8X yvsf8I8qleoWaiTySQ6jK8n8rOhbfdqyn5Lclx1XpVdbWbVArHPLdGSLTkdAyhS6 xB9vt4iM4bNnoffuAQNFqRYKAXvbpmndDp3dI2TxxU7jRNTGngbDC8PnnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCWFXCrREHrr1I+MCfdBNMDtL9MhMB8GA1UdIwQY MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6PeZBga 5l2w0wl6jEpCOsiMR3Wt22PYvHAhR9LNGnpxXbsou5IcvB1MGryLkUmUHePqPpBD ORhZWNTNHYnSpgm33XQ+b/hQXumYwcR9raG4WloLL6H9n/ESZMesZLE4iaYh9sYX vuMqNriyT2+j1SICAMw2WHwpJ5jHaicLV4mkF2/j0vNcKDtfdDrc+/HIDfm0+JPO rn4Rcu22ixME14H9BFT/stvODMhobZkjVjZ02GJ53BTcbyILDL+VLM0MKeEFXLUr a0QUESYj3I94uU2E9SaEiLXriwuTLhGTi/5fj36ffIWHIPEOmIn18KRnhB4VApUj VjkeDSxMHmYHsw== -----END CERTIFICATE-----Generated at Sat Dec 6 14:22:19 2025 by rpki-client