This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft File: 8zXtZqwB15F1zk149nKh_kcgN4A.mft (raw, json) Hash identifier: GzYwTUyqu7WFZKksZfmgwSe+nWUR1wBQZyPXV4yLM7w= Subject key identifier: B3:93:62:F3:21:1A:46:CC:72:E6:49:DA:31:28:5D:49:E5:E4:BC:CF Authority key identifier: F3:35:ED:66:AC:01:D7:91:75:CE:4D:78:F6:72:A1:FE:47:20:37:80 Certificate issuer: /CN=f335ed66ac01d79175ce4d78f672a1fe47203780 Certificate serial: 019AF540EBC12E49FCC8421D6C375BADC76E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft Manifest number: 0128 Signing time: Sat 06 Dec 2025 20:01:03 +0000 Manifest this update: Sat 06 Dec 2025 20:01:03 +0000 Manifest next update: Sun 07 Dec 2025 20:01:03 +0000 Files and hashes: 1: 8zXtZqwB15F1zk149nKh_kcgN4A.crl (hash: sjJU76+Xs1ab3Jr1m6B2Iy0y5Ezxt/klsxOHqFf9gW4=) 2: Gc7bIWg_002hRPQXdkZu34Nt1hk.roa (hash: rYe2LH24NobxlRDRXW8nW9SeQn4FShUkG8Kt27Qhtsg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.crl rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:40:eb:c1:2e:49:fc:c8:42:1d:6c:37:5b:ad:c7:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f335ed66ac01d79175ce4d78f672a1fe47203780 Validity Not Before: Dec 6 20:01:03 2025 GMT Not After : Dec 7 20:01:03 2025 GMT Subject: CN=b39362f3211a46cc72e649da31285d49e5e4bccf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ac:a7:ef:a1:28:fa:35:9c:18:ad:af:93:81: 7b:db:39:09:02:4b:47:aa:40:67:ea:ec:49:35:6f: 53:13:95:13:43:a6:b7:1f:a7:80:c7:75:46:6c:1b: e2:3f:53:5b:5f:08:40:28:73:82:c4:e8:bd:99:5b: 49:79:25:1f:d3:5e:9e:04:bd:eb:52:75:aa:74:5b: 29:d7:e4:5d:9c:7c:a6:c3:60:3b:df:ed:16:76:5f: 45:3d:6f:90:d2:4e:4d:46:75:5d:ae:fc:c3:a9:39: bd:74:e8:55:44:bd:4d:29:3d:f0:ca:ac:50:2f:d1: 59:5c:5a:3d:04:3d:e8:3a:b4:f7:9c:54:e6:4e:07: d0:a3:e6:2c:ad:53:70:ef:b9:eb:70:7b:2e:5a:8c: 57:b1:25:e2:b3:73:66:c1:87:1a:04:4d:af:b5:9e: 36:c5:c9:86:46:02:d8:68:47:d4:18:70:9e:04:ab: 4b:e5:2e:26:dc:3f:e0:fa:0f:42:55:b1:04:fe:62: 3b:8b:c7:8f:44:06:4e:e0:e1:7d:72:09:43:85:ea: a7:2b:ff:4a:92:2c:45:19:52:1f:35:85:64:e9:16: 4f:6a:bd:3a:1d:08:71:dc:fa:a1:bb:40:3f:4a:83: 14:21:0d:b5:f1:68:e0:0c:6d:1e:a1:22:ec:79:a2: 73:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:93:62:F3:21:1A:46:CC:72:E6:49:DA:31:28:5D:49:E5:E4:BC:CF X509v3 Authority Key Identifier: keyid:F3:35:ED:66:AC:01:D7:91:75:CE:4D:78:F6:72:A1:FE:47:20:37:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:87:0d:d6:99:5b:37:20:8d:92:bf:f9:d0:18:5c:c0:f9:f0: d0:d9:7b:dc:2d:d9:07:02:a1:02:45:9b:b4:a8:c5:ed:bc:1b: 6a:8f:45:bf:c3:9e:73:b4:28:e8:66:8d:b8:c8:a9:07:eb:09: 61:73:0a:39:59:4a:9e:d2:da:41:38:36:d9:12:ce:c6:84:71: 17:88:e8:53:85:79:d0:c0:54:28:97:e5:1c:b5:e9:58:8d:79: 0e:ae:fb:92:56:73:a1:4c:e0:d7:eb:04:6b:9c:be:f5:0f:e8: e8:ef:f2:63:ff:68:af:61:66:54:c2:8e:77:b7:ec:8b:46:e0: 19:f5:f6:6f:9b:0a:e2:10:f2:7a:bc:60:ee:12:d7:72:58:48: 2c:49:b2:91:8e:57:db:e4:1f:dc:e0:56:0b:9f:09:ca:1e:cc: 76:b4:05:c7:5a:ff:e1:4d:0d:93:c3:6c:e7:3c:8c:ec:29:26: 4a:57:11:ed:72:88:a7:2a:f1:fd:5e:df:47:49:63:9c:7f:34: 3e:44:0c:7c:33:19:38:fb:a0:bb:87:41:47:ae:51:36:f1:c5: 53:fc:70:43:11:98:41:65:f5:7a:33:ef:f2:d5:0d:a5:d1:f9: 9d:00:7d:7f:12:41:fa:62:52:60:24:fc:b5:3e:9f:3a:24:d7: 74:d1:af:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QOvBLkn8yEIdbDdbrcduMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMzVlZDY2YWMwMWQ3OTE3NWNlNGQ3OGY2NzJhMWZlNDcy MDM3ODAwHhcNMjUxMjA2MjAwMTAzWhcNMjUxMjA3MjAwMTAzWjAzMTEwLwYDVQQD EyhiMzkzNjJmMzIxMWE0NmNjNzJlNjQ5ZGEzMTI4NWQ0OWU1ZTRiY2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKyn76Eo+jWcGK2vk4F72zkJAktH qkBn6uxJNW9TE5UTQ6a3H6eAx3VGbBviP1NbXwhAKHOCxOi9mVtJeSUf016eBL3r UnWqdFsp1+RdnHymw2A73+0Wdl9FPW+Q0k5NRnVdrvzDqTm9dOhVRL1NKT3wyqxQ L9FZXFo9BD3oOrT3nFTmTgfQo+YsrVNw77nrcHsuWoxXsSXis3NmwYcaBE2vtZ42 xcmGRgLYaEfUGHCeBKtL5S4m3D/g+g9CVbEE/mI7i8ePRAZO4OF9cglDheqnK/9K kixFGVIfNYVk6RZPar06HQhx3Pqhu0A/SoMUIQ218WjgDG0eoSLseaJzuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLOTYvMhGkbMcuZJ2jEoXUnl5LzPMB8GA1UdIwQY MBaAFPM17WasAdeRdc5NePZyof5HIDeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83OTg4ODktMjlkNC00ZjUzLWEwNDEt NTBhY2JhZWVjN2NhLzEvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My83OTg4ODktMjlkNC00ZjUzLWEwNDEtNTBhY2JhZWVjN2Nh LzEvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsocN1plb NyCNkr/50BhcwPnw0Nl73C3ZBwKhAkWbtKjF7bwbao9Fv8Oec7Qo6GaNuMipB+sJ YXMKOVlKntLaQTg22RLOxoRxF4joU4V50MBUKJflHLXpWI15Dq77klZzoUzg1+sE a5y+9Q/o6O/yY/9or2FmVMKOd7fsi0bgGfX2b5sK4hDyerxg7hLXclhILEmykY5X 2+Qf3OBWC58Jyh7MdrQFx1r/4U0Nk8Ns5zyM7CkmSlcR7XKIpyrx/V7fR0ljnH80 PkQMfDMZOPugu4dBR65RNvHFU/xwQxGYQWX1ejPv8tUNpdH5nQB9fxJB+mJSYCT8 tT6fOiTXdNGv8A== -----END CERTIFICATE-----Generated at Sat Dec 6 23:01:14 2025 by rpki-client