This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft File: 8HHkN5gsw0b26BfKZIknI-21QZo.mft (raw, json) Hash identifier: 18ua//mFjYLKCsho0vSrwB+IYBk0RX8j2zl0ap33IIQ= Subject key identifier: 0C:89:67:E8:98:0B:64:E8:11:35:C4:0A:E7:44:8E:07:4A:DE:72:CC Authority key identifier: F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A Certificate issuer: /CN=f071e437982cc346f6e817ca64892723edb5419a Certificate serial: 019AF38924B94C5130EA75367869D2F46CD2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft Manifest number: 10C3 Signing time: Sat 06 Dec 2025 12:00:42 +0000 Manifest this update: Sat 06 Dec 2025 12:00:42 +0000 Manifest next update: Sun 07 Dec 2025 12:00:42 +0000 Files and hashes: 1: 8HHkN5gsw0b26BfKZIknI-21QZo.crl (hash: O3fRmJ7lnU+6yWrBcYUWjo1I2J0yRVG8+i8PHNRasE4=) 2: Wb0clcxCuCcUH9RDxENV44_1l9w.roa (hash: IOO34gWbQwbQwVQDhS544nKGrCLE+a+zuAW9waRkyRU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:24:b9:4c:51:30:ea:75:36:78:69:d2:f4:6c:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f071e437982cc346f6e817ca64892723edb5419a Validity Not Before: Dec 6 12:00:42 2025 GMT Not After : Dec 7 12:00:42 2025 GMT Subject: CN=0c8967e8980b64e81135c40ae7448e074ade72cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:28:fc:af:ac:e2:60:4f:4e:bb:ff:84:c3:0e: 7d:de:f4:f1:23:03:ea:dc:b7:eb:8c:1e:20:c5:f7: a2:a1:5a:a8:8e:43:07:65:5c:e3:36:62:2c:4c:7c: 4e:96:89:dc:83:3c:2e:a9:8b:87:83:af:4b:f4:f6: 7b:a7:f8:cc:36:ce:50:96:32:23:a1:a7:0a:9e:bd: 50:73:29:f6:86:81:a7:96:3f:de:4e:ae:fd:3e:1c: 84:f6:ec:5a:b2:55:8a:b7:8b:fd:7e:14:cb:d6:08: f9:77:ed:4b:f6:7d:a3:f4:76:6d:7e:2b:c0:a6:5a: 68:1b:4e:7a:fc:f6:7a:43:68:30:45:6e:c6:e1:33: cb:e8:c0:99:a7:fd:a7:25:44:c9:6d:c8:a5:ad:cf: 49:1d:dd:f1:42:b7:03:0b:9a:81:88:de:d4:4c:c8: 74:f7:30:09:38:28:81:4d:bc:23:41:5d:9a:61:34: 3a:b5:00:39:30:3d:64:d7:fd:f4:5e:c2:e9:4a:6d: fd:ee:0d:df:42:b9:70:ee:f7:79:2a:26:fc:46:62: fc:ce:c6:0d:03:e6:82:0b:2e:f5:5f:23:ef:dc:8f: 67:62:5f:23:22:bc:f4:0b:58:89:f6:9a:b8:07:49: cf:b2:77:5b:5d:d9:4b:ec:e1:5c:d4:7b:cd:a8:be: 0c:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:89:67:E8:98:0B:64:E8:11:35:C4:0A:E7:44:8E:07:4A:DE:72:CC X509v3 Authority Key Identifier: keyid:F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:8b:e5:b0:90:25:91:02:09:67:46:90:fe:53:69:02:4b:77: 2b:72:73:37:bc:8c:8e:b5:69:8c:fa:95:91:a6:93:08:11:86: 31:81:1d:1f:fe:4a:2f:03:68:81:bc:93:58:b5:79:17:5b:72: 45:ff:0f:a8:52:f1:92:21:ac:fc:dd:0b:c7:ed:b3:74:61:6c: f3:d6:cc:eb:d1:13:94:90:39:c0:d1:df:98:57:08:91:08:bf: 0d:48:97:00:7c:ec:0c:4e:95:c7:6f:c5:e1:b5:b8:37:94:5b: 12:0f:ed:0c:ae:87:e1:91:47:4e:3f:7b:9f:c8:05:15:d0:59: 81:34:54:db:33:bd:3a:bc:ab:8b:b5:18:11:6d:6e:7c:0a:4c: df:54:85:4e:46:c3:e8:53:e4:10:f4:5f:d9:7b:41:5c:4d:28: c2:ba:23:b5:42:83:eb:6c:07:2a:db:f6:b3:44:4f:78:01:11: 12:1d:2c:d2:95:53:62:f6:c6:36:43:7f:c7:99:86:fb:5d:b6: 06:12:b5:62:2f:85:db:e9:1d:95:8e:9a:90:c1:ff:3e:2d:81: 30:de:79:a1:54:e9:3e:ff:6a:c8:fe:93:7d:c0:13:a9:3e:47: 7d:9b:c7:1f:4d:8b:ab:2c:8d:21:e7:2f:2a:9a:ca:a7:99:1d: 1b:d9:24:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziSS5TFEw6nU2eGnS9GzSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNzFlNDM3OTgyY2MzNDZmNmU4MTdjYTY0ODkyNzIzZWRi NTQxOWEwHhcNMjUxMjA2MTIwMDQyWhcNMjUxMjA3MTIwMDQyWjAzMTEwLwYDVQQD EygwYzg5NjdlODk4MGI2NGU4MTEzNWM0MGFlNzQ0OGUwNzRhZGU3MmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Sj8r6ziYE9Ou/+Eww593vTxIwPq 3LfrjB4gxfeioVqojkMHZVzjNmIsTHxOloncgzwuqYuHg69L9PZ7p/jMNs5QljIj oacKnr1Qcyn2hoGnlj/eTq79PhyE9uxaslWKt4v9fhTL1gj5d+1L9n2j9HZtfivA plpoG056/PZ6Q2gwRW7G4TPL6MCZp/2nJUTJbcilrc9JHd3xQrcDC5qBiN7UTMh0 9zAJOCiBTbwjQV2aYTQ6tQA5MD1k1/30XsLpSm397g3fQrlw7vd5Kib8RmL8zsYN A+aCCy71XyPv3I9nYl8jIrz0C1iJ9pq4B0nPsndbXdlL7OFc1HvNqL4MswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAyJZ+iYC2ToETXECudEjgdK3nLMMB8GA1UdIwQY MBaAFPBx5DeYLMNG9ugXymSJJyPttUGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTct NzhjYjU5Yjc4YTRmLzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTctNzhjYjU5Yjc4YTRm LzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKIvlsJAl kQIJZ0aQ/lNpAkt3K3JzN7yMjrVpjPqVkaaTCBGGMYEdH/5KLwNogbyTWLV5F1ty Rf8PqFLxkiGs/N0Lx+2zdGFs89bM69ETlJA5wNHfmFcIkQi/DUiXAHzsDE6Vx2/F 4bW4N5RbEg/tDK6H4ZFHTj97n8gFFdBZgTRU2zO9Oryri7UYEW1ufApM31SFTkbD 6FPkEPRf2XtBXE0owrojtUKD62wHKtv2s0RPeAEREh0s0pVTYvbGNkN/x5mG+122 BhK1Yi+F2+kdlY6akMH/Pi2BMN55oVTpPv9qyP6TfcATqT5HfZvHH02LqyyNIecv KprKp5kdG9kkXw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:07:26 2025 by rpki-client