This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft File: 8cgdjkJn0tRetlJQoqSCULX7Uls.mft (raw, json) Hash identifier: HngGad3OXbmS3nc+p+ulPquOmb81joXR2OEXct1/Sv8= Subject key identifier: 5E:C3:B1:67:55:CA:D6:73:80:94:E6:6A:74:E6:36:39:17:E9:BE:5E Authority key identifier: F1:C8:1D:8E:42:67:D2:D4:5E:B6:52:50:A2:A4:82:50:B5:FB:52:5B Certificate issuer: /CN=f1c81d8e4267d2d45eb65250a2a48250b5fb525b Certificate serial: 019AF12CEE9B208958D7D09C80A06666DCB2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft Manifest number: 0B85 Signing time: Sat 06 Dec 2025 01:00:44 +0000 Manifest this update: Sat 06 Dec 2025 01:00:44 +0000 Manifest next update: Sun 07 Dec 2025 01:00:44 +0000 Files and hashes: 1: 8cgdjkJn0tRetlJQoqSCULX7Uls.crl (hash: GGoyqfDIf1SXKP2ilEFPHOXASGU0ELZjPoz3up3JdnA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.crl rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:ee:9b:20:89:58:d7:d0:9c:80:a0:66:66:dc:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f1c81d8e4267d2d45eb65250a2a48250b5fb525b Validity Not Before: Dec 6 01:00:44 2025 GMT Not After : Dec 7 01:00:44 2025 GMT Subject: CN=5ec3b16755cad6738094e66a74e6363917e9be5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:8e:a5:eb:96:80:f8:6e:ab:59:7e:02:fa:6d: 78:05:af:43:d3:70:4b:d9:d8:22:57:0d:00:ea:f5: ce:41:e3:57:ed:bb:20:21:72:7e:f9:de:02:28:ca: 2e:81:bd:36:a0:80:be:fc:67:45:be:01:69:b1:cd: dc:77:bf:ae:58:b5:b1:29:43:6d:be:54:a5:99:52: db:32:5b:01:60:78:83:fa:60:df:fd:5c:b5:92:cd: d4:5a:0b:31:9e:ad:6d:18:32:9e:e6:e0:8f:48:b1: dc:f0:2c:dc:f8:47:17:3d:9e:ca:cb:58:a8:71:fc: 16:cb:7e:a0:e3:af:1f:2a:c7:ae:43:92:18:f0:1b: ad:cc:5e:97:97:7f:f4:09:23:5b:d9:bf:8b:fb:02: 33:29:3a:e6:66:e3:88:fb:83:26:76:26:73:5b:db: ca:c7:9c:4c:fc:f3:8e:8b:ee:2a:5c:a9:31:69:f0: 31:4d:75:14:44:5b:f7:34:2b:c9:80:77:76:f2:9d: 78:5d:2a:3e:1f:f6:f6:a9:09:c8:15:8c:6e:4b:4e: d6:4c:5f:cb:41:63:7b:12:53:14:ca:2b:b9:32:e7: eb:4a:9d:c1:64:9a:ed:fb:6e:f8:01:fa:da:8a:5f: 90:95:4e:48:13:ad:c0:7c:7c:da:a2:0d:39:80:ab: af:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:C3:B1:67:55:CA:D6:73:80:94:E6:6A:74:E6:36:39:17:E9:BE:5E X509v3 Authority Key Identifier: keyid:F1:C8:1D:8E:42:67:D2:D4:5E:B6:52:50:A2:A4:82:50:B5:FB:52:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:e0:a9:da:da:68:6e:69:cb:03:86:bd:53:6e:28:79:e3:bc: f3:b9:4f:85:0b:cc:42:94:fe:9a:dc:59:dd:76:15:b6:2d:5f: 7e:5f:7c:80:3f:25:38:b1:c7:9c:c7:01:c8:b3:79:7c:72:12: a3:f6:45:5d:d3:cc:0d:59:d0:09:c4:8a:31:29:9a:ce:28:a6: 31:af:db:26:c1:b5:f1:7e:6b:28:5c:ee:fa:21:c1:0a:5c:22: 8b:c2:6c:9a:cc:74:e3:f5:df:a9:e0:79:17:6f:96:33:13:18: 10:34:74:48:c1:45:cb:cd:e2:8f:ab:8f:45:73:5e:b1:e4:f9: 17:c5:6f:2f:82:44:a1:20:0c:05:47:40:b5:de:da:ee:23:37: e8:ea:cd:0c:47:26:3e:44:4d:44:5c:71:c8:38:1f:f2:14:1a: e2:4c:a4:b9:e1:0b:90:28:3d:3f:41:e3:1d:a1:78:f5:45:46: 4b:7f:39:92:95:72:95:b9:6d:6e:56:b7:13:87:e4:44:9b:25: a9:92:f1:f9:d2:63:58:a6:43:77:ca:34:58:d9:c6:0b:d7:bd: 05:33:35:b8:b8:03:0e:fe:c9:2e:a5:e9:38:54:9f:8d:f5:c8: cf:fe:6c:ca:f5:46:66:50:5a:26:44:fc:76:68:9d:07:49:c0: c7:55:aa:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLO6bIIlY19CcgKBmZtyyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYxYzgxZDhlNDI2N2QyZDQ1ZWI2NTI1MGEyYTQ4MjUwYjVm YjUyNWIwHhcNMjUxMjA2MDEwMDQ0WhcNMjUxMjA3MDEwMDQ0WjAzMTEwLwYDVQQD Eyg1ZWMzYjE2NzU1Y2FkNjczODA5NGU2NmE3NGU2MzYzOTE3ZTliZTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo46l65aA+G6rWX4C+m14Ba9D03BL 2dgiVw0A6vXOQeNX7bsgIXJ++d4CKMougb02oIC+/GdFvgFpsc3cd7+uWLWxKUNt vlSlmVLbMlsBYHiD+mDf/Vy1ks3UWgsxnq1tGDKe5uCPSLHc8Czc+EcXPZ7Ky1io cfwWy36g468fKseuQ5IY8ButzF6Xl3/0CSNb2b+L+wIzKTrmZuOI+4MmdiZzW9vK x5xM/POOi+4qXKkxafAxTXUURFv3NCvJgHd28p14XSo+H/b2qQnIFYxuS07WTF/L QWN7ElMUyiu5MufrSp3BZJrt+274Afrail+QlU5IE63AfHzaog05gKuvcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF7DsWdVytZzgJTmanTmNjkX6b5eMB8GA1UdIwQY MBaAFPHIHY5CZ9LUXrZSUKKkglC1+1JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lYmFiNDctNjA5MS00YjE0LTgwMDgt MzYyYmI1NDQ2MDg1LzEvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9lYmFiNDctNjA5MS00YjE0LTgwMDgtMzYyYmI1NDQ2MDg1 LzEvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+Cp2tpo bmnLA4a9U24oeeO887lPhQvMQpT+mtxZ3XYVti1ffl98gD8lOLHHnMcByLN5fHIS o/ZFXdPMDVnQCcSKMSmaziimMa/bJsG18X5rKFzu+iHBClwii8Jsmsx04/XfqeB5 F2+WMxMYEDR0SMFFy83ij6uPRXNeseT5F8VvL4JEoSAMBUdAtd7a7iM36OrNDEcm PkRNRFxxyDgf8hQa4kykueELkCg9P0HjHaF49UVGS385kpVylbltbla3E4fkRJsl qZLx+dJjWKZDd8o0WNnGC9e9BTM1uLgDDv7JLqXpOFSfjfXIz/5syvVGZlBaJkT8 dmidB0nAx1WqBw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:15:57 2025 by rpki-client