This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft File: 8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json) Hash identifier: kMoW3V6/HBY36Q43sEKen31c+XY9PXtpENZ+nByI5UQ= Subject key identifier: E8:63:5F:19:8E:A0:3E:BF:0E:E1:D2:B5:C5:85:C1:54:C4:40:7A:CB Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8 Certificate issuer: /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8 Certificate serial: 019AF19B61248556BD478AF8DD05A7CD0436 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft Manifest number: 14AA Signing time: Sat 06 Dec 2025 03:01:23 +0000 Manifest this update: Sat 06 Dec 2025 03:01:23 +0000 Manifest next update: Sun 07 Dec 2025 03:01:23 +0000 Files and hashes: 1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: AiBwQQslujHWdM7VpNHQFXdIXvT/r2ku2APg98w8wr0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:61:24:85:56:bd:47:8a:f8:dd:05:a7:cd:04:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8 Validity Not Before: Dec 6 03:01:23 2025 GMT Not After : Dec 7 03:01:23 2025 GMT Subject: CN=e8635f198ea03ebf0ee1d2b5c585c154c4407acb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3d:32:2d:4a:ec:9f:a2:07:55:7e:f5:57:54: 7d:5b:d3:fb:50:db:16:e0:b7:14:41:7f:42:73:74: 26:da:8b:68:a7:04:04:5d:12:2a:bb:5a:21:6f:90: dd:a1:41:01:30:e1:4b:fe:31:a8:8e:0a:4e:fa:36: 0f:a2:b8:b5:8e:c2:40:c8:16:f5:e9:33:38:15:1c: 15:f1:be:cb:04:8b:38:7f:22:9d:63:12:58:89:86: 66:85:16:82:64:09:7a:25:8e:e0:25:4c:35:da:7b: 77:a5:6e:10:c9:1d:47:f5:31:cc:de:87:45:13:91: 3c:05:aa:a0:47:b9:95:2c:5c:3e:05:3f:f0:ad:5a: 5b:5d:cb:a7:62:b7:ab:d8:a1:37:ad:b9:2a:1f:a8: 97:e6:5d:dc:26:96:7f:92:9d:be:ec:7b:35:65:7a: 8b:04:26:f0:71:e7:59:1d:04:70:59:43:55:43:10: 24:fe:43:ca:60:bb:8f:6c:15:d6:37:8b:a8:ce:b5: 3f:cc:18:8d:c8:72:07:24:ba:9b:26:d9:31:bc:67: 87:cf:cf:e9:a9:03:db:6c:69:0f:57:50:90:ec:4d: 6a:66:89:41:b9:bb:24:87:a7:73:06:fd:8b:91:e7: 5e:58:5e:02:3a:fa:94:f5:16:e0:96:d4:6a:94:6d: 10:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:63:5F:19:8E:A0:3E:BF:0E:E1:D2:B5:C5:85:C1:54:C4:40:7A:CB X509v3 Authority Key Identifier: keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:24:0a:5f:3e:24:70:7f:97:95:26:63:58:a0:71:6c:12:ee: 56:93:7e:08:59:dd:7c:05:74:1b:8f:93:91:3a:6b:8b:c6:89: 82:32:c7:2a:e3:97:a8:26:89:06:92:bc:4f:06:d6:f4:5b:e0: 46:b9:72:cb:40:66:3a:2a:1d:8c:c3:c2:73:1c:8f:c8:b4:25: b6:47:91:0d:38:f9:fc:3a:9a:cd:c8:cd:00:dd:53:6b:63:1d: 0c:69:09:e4:25:71:92:59:2f:3e:c7:98:82:27:cf:68:75:67: b6:e7:f4:7f:05:8c:ce:26:8a:69:00:40:40:67:e5:09:e3:45: 0c:28:6b:88:61:97:35:a0:33:09:c7:5c:e1:86:54:60:95:58: f9:df:58:41:cd:79:e3:3d:b1:81:64:63:f0:34:e5:23:db:66: e1:91:6d:06:73:5d:e5:99:97:d3:e0:f3:34:93:9f:b9:46:76: 83:b4:4b:c1:0e:b3:90:48:4e:66:52:08:85:39:4f:45:2d:b6: 7a:ef:10:d9:16:8b:83:7e:96:9f:7b:05:56:bb:94:82:58:57: 0b:ac:26:8f:f0:af:4e:12:f7:d2:e8:d4:fd:81:e6:ff:48:ff: 11:78:59:91:90:50:f9:eb:0c:32:e6:d0:d5:b0:ac:83:0d:ed: 72:65:11:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm2EkhVa9R4r43QWnzQQ2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy YmI5YzgwHhcNMjUxMjA2MDMwMTIzWhcNMjUxMjA3MDMwMTIzWjAzMTEwLwYDVQQD EyhlODYzNWYxOThlYTAzZWJmMGVlMWQyYjVjNTg1YzE1NGM0NDA3YWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj0yLUrsn6IHVX71V1R9W9P7UNsW 4LcUQX9Cc3Qm2otopwQEXRIqu1ohb5DdoUEBMOFL/jGojgpO+jYPori1jsJAyBb1 6TM4FRwV8b7LBIs4fyKdYxJYiYZmhRaCZAl6JY7gJUw12nt3pW4QyR1H9THM3odF E5E8BaqgR7mVLFw+BT/wrVpbXcunYrer2KE3rbkqH6iX5l3cJpZ/kp2+7Hs1ZXqL BCbwcedZHQRwWUNVQxAk/kPKYLuPbBXWN4uozrU/zBiNyHIHJLqbJtkxvGeHz8/p qQPbbGkPV1CQ7E1qZolBubskh6dzBv2LkedeWF4COvqU9RbgltRqlG0QDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOhjXxmOoD6/DuHStcWFwVTEQHrLMB8GA1UdIwQY MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARyQKXz4k cH+XlSZjWKBxbBLuVpN+CFndfAV0G4+TkTpri8aJgjLHKuOXqCaJBpK8TwbW9Fvg Rrlyy0BmOiodjMPCcxyPyLQltkeRDTj5/DqazcjNAN1Ta2MdDGkJ5CVxklkvPseY gifPaHVntuf0fwWMziaKaQBAQGflCeNFDChriGGXNaAzCcdc4YZUYJVY+d9YQc15 4z2xgWRj8DTlI9tm4ZFtBnNd5ZmX0+DzNJOfuUZ2g7RLwQ6zkEhOZlIIhTlPRS22 eu8Q2RaLg36Wn3sFVruUglhXC6wmj/CvThL30ujU/YHm/0j/EXhZkZBQ+esMMubQ 1bCsgw3tcmUR6g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:18 2025 by rpki-client