This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft File: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json) Hash identifier: 1GL8mkCfFNVaRCmH0dG3cd8cbhPm/wqMWhx95ouBncw= Subject key identifier: B2:9E:BE:41:8E:51:D5:DD:EA:7F:98:55:11:00:46:80:06:7A:10:3D Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80 Certificate issuer: /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080 Certificate serial: 019B3CEC7ABDAC6618AA00E422B2D3F9E215 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft Manifest number: 0C68 Signing time: Sat 20 Dec 2025 18:01:29 +0000 Manifest this update: Sat 20 Dec 2025 18:01:29 +0000 Manifest next update: Sun 21 Dec 2025 18:01:29 +0000 Files and hashes: 1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: 9QGuppeclIDn8BC49I80s0WdJPnR7amqurZ2GTcPEKM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:7a:bd:ac:66:18:aa:00:e4:22:b2:d3:f9:e2:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080 Validity Not Before: Dec 20 18:01:29 2025 GMT Not After : Dec 21 18:01:29 2025 GMT Subject: CN=b29ebe418e51d5ddea7f985511004680067a103d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:6c:f0:43:9d:6e:fc:6d:16:90:f0:e6:5d:ee: dd:24:dd:2d:b6:99:88:2f:6c:a2:a7:ce:ad:4d:ad: e2:16:43:c4:93:ad:10:ed:7c:aa:af:65:fc:61:48: 26:81:0a:89:6b:fb:a7:e4:4b:bf:07:32:11:9a:35: 64:61:fb:dc:80:55:31:2b:e9:93:e7:45:4d:d0:16: 19:54:16:7e:b4:63:8c:ac:16:6d:7b:88:4d:e9:8e: 85:a6:93:4a:b9:57:19:b5:55:3d:51:1a:92:23:d2: 6a:87:6c:c1:71:7b:0f:e7:35:eb:c6:57:97:d0:35: 16:13:2b:20:82:b1:b5:b4:de:83:49:b3:c3:dd:25: 59:4d:05:2d:e6:45:cf:94:a1:cb:36:c6:8b:ef:4a: 7e:4a:cf:45:97:f7:47:7b:22:ad:c8:f9:df:35:89: 7b:48:db:e8:ad:2d:49:ca:b7:76:a4:a0:39:d8:44: 4b:bd:34:aa:62:2d:67:2d:8c:c4:03:b8:ea:34:41: 71:eb:3f:3b:22:50:5c:f8:2a:9f:81:2b:4c:73:bc: 51:ea:66:93:86:90:6a:c2:c7:bc:bb:14:ae:6c:77: 85:fa:9d:f7:ac:22:89:7b:dd:58:cd:9b:6f:af:46: c7:99:24:bf:fe:35:f1:1e:0d:ce:60:32:a0:4f:2a: b0:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:9E:BE:41:8E:51:D5:DD:EA:7F:98:55:11:00:46:80:06:7A:10:3D X509v3 Authority Key Identifier: keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:ea:ac:8e:63:f5:fa:7b:33:06:8a:9d:03:31:72:d2:05:48: 32:bd:0e:78:64:ac:37:78:4f:a3:a3:9b:fd:b1:84:a8:2c:c3: 04:bf:ab:86:65:47:7a:69:45:6c:fa:60:a3:8b:e4:57:7a:90: fa:96:96:84:11:bd:01:da:19:f6:fe:1b:48:dd:10:d0:48:14: 1b:51:48:70:03:e5:0e:18:5c:cc:b3:49:cb:5c:33:45:9a:28: 10:38:51:c6:43:93:b4:dd:5c:6c:95:47:f1:ef:fa:01:92:8a: b3:18:53:17:eb:43:d9:5d:00:c7:ac:29:73:5f:01:95:1f:b9: 0d:d4:cd:73:8a:c7:98:4a:c8:75:3d:3e:b9:b6:37:0a:da:42: 54:6c:67:9a:2f:fe:0c:eb:b2:d4:3f:ff:06:27:9c:52:ad:ad: 71:99:9e:40:a6:d7:4f:28:79:e2:8f:04:63:d5:4f:e7:83:99: 09:70:ba:b7:89:89:72:5f:c4:58:22:42:9a:8d:7c:a8:e1:53: df:7b:c2:03:92:6f:b6:30:3a:b1:16:1e:f9:d0:d2:e3:9c:be: 05:97:7e:0b:77:6a:6d:a3:f9:6e:19:a7:92:bf:68:5a:9d:2a: e8:96:21:87:92:0d:b4:b2:0a:26:1f:e3:22:2f:70:ec:87:03: da:e5:d0:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87Hq9rGYYqgDkIrLT+eIVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy MmUwODAwHhcNMjUxMjIwMTgwMTI5WhcNMjUxMjIxMTgwMTI5WjAzMTEwLwYDVQQD EyhiMjllYmU0MThlNTFkNWRkZWE3Zjk4NTUxMTAwNDY4MDA2N2ExMDNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2zwQ51u/G0WkPDmXe7dJN0ttpmI L2yip86tTa3iFkPEk60Q7Xyqr2X8YUgmgQqJa/un5Eu/BzIRmjVkYfvcgFUxK+mT 50VN0BYZVBZ+tGOMrBZte4hN6Y6FppNKuVcZtVU9URqSI9Jqh2zBcXsP5zXrxleX 0DUWEysggrG1tN6DSbPD3SVZTQUt5kXPlKHLNsaL70p+Ss9Fl/dHeyKtyPnfNYl7 SNvorS1Jyrd2pKA52ERLvTSqYi1nLYzEA7jqNEFx6z87IlBc+CqfgStMc7xR6maT hpBqwse8uxSubHeF+p33rCKJe91YzZtvr0bHmSS//jXxHg3OYDKgTyqwSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKevkGOUdXd6n+YVREARoAGehA9MB8GA1UdIwQY MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjeqsjmP1 +nszBoqdAzFy0gVIMr0OeGSsN3hPo6Ob/bGEqCzDBL+rhmVHemlFbPpgo4vkV3qQ +paWhBG9AdoZ9v4bSN0Q0EgUG1FIcAPlDhhczLNJy1wzRZooEDhRxkOTtN1cbJVH 8e/6AZKKsxhTF+tD2V0Ax6wpc18BlR+5DdTNc4rHmErIdT0+ubY3CtpCVGxnmi/+ DOuy1D//BiecUq2tcZmeQKbXTyh54o8EY9VP54OZCXC6t4mJcl/EWCJCmo18qOFT 33vCA5JvtjA6sRYe+dDS45y+BZd+C3dqbaP5bhmnkr9oWp0q6JYhh5INtLIKJh/j Ii9w7IcD2uXQDg== -----END CERTIFICATE-----Generated at Sat Dec 20 22:25:35 2025 by rpki-client