This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft File: 8KEScQQ06Frl_m-_Qedr3fk4GM8.mft (raw, json) Hash identifier: s3aAyUthoVGFB46797eiuYrEWUnBIN6FDpdvXVQza3E= Subject key identifier: 1E:91:CF:7D:EA:92:6B:0F:A8:8B:2C:59:D0:CC:36:53:FC:BB:FA:95 Authority key identifier: F0:A1:12:71:04:34:E8:5A:E5:FE:6F:BF:41:E7:6B:DD:F9:38:18:CF Certificate issuer: /CN=f0a112710434e85ae5fe6fbf41e76bddf93818cf Certificate serial: 019AF20960094975BBBA07BB8299C97810AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KEScQQ06Frl_m-_Qedr3fk4GM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft Manifest number: 05DA Signing time: Sat 06 Dec 2025 05:01:31 +0000 Manifest this update: Sat 06 Dec 2025 05:01:31 +0000 Manifest next update: Sun 07 Dec 2025 05:01:31 +0000 Files and hashes: 1: 8KEScQQ06Frl_m-_Qedr3fk4GM8.crl (hash: rPa7Z/RE2rRZPWUJ5rNZcItEhsS9OmRTbZXI5V9Tjl0=) 2: QxzsJBZ0KnjdWggXNkiPE3mxTiE.roa (hash: wp71B9vMq7Np21xWaUokwt4Wn7Ga2Zz2FhWmCQz4Lj0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft rsync://rpki.ripe.net/repository/DEFAULT/8KEScQQ06Frl_m-_Qedr3fk4GM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:60:09:49:75:bb:ba:07:bb:82:99:c9:78:10:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0a112710434e85ae5fe6fbf41e76bddf93818cf Validity Not Before: Dec 6 05:01:31 2025 GMT Not After : Dec 7 05:01:31 2025 GMT Subject: CN=1e91cf7dea926b0fa88b2c59d0cc3653fcbbfa95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:e8:15:6b:14:e8:a2:89:48:2b:13:3e:53:2e: 44:1b:0f:a8:4c:13:91:25:c0:1f:a4:1a:97:b2:30: 4c:37:3f:d0:8b:4c:62:3f:4c:76:57:bc:86:83:42: 2b:cb:a7:7f:87:05:7c:96:83:87:ed:b0:06:34:7e: 72:fd:4f:71:78:ff:62:54:32:4b:bc:9c:4c:df:1e: 41:4c:8c:13:f5:1c:f4:b2:8d:a3:26:b5:54:54:8d: 45:5b:56:64:fd:fe:af:a2:db:68:28:e6:57:2c:c2: 77:d7:71:fb:06:73:3f:3f:4d:09:a2:1f:80:c2:db: 09:36:cf:13:e9:24:8d:24:ac:37:c6:fe:bd:2f:d7: ac:39:2a:f9:af:f7:c5:1f:28:34:22:44:c2:b7:28: 65:66:3b:09:89:99:c7:ae:e2:af:ee:a5:7e:c1:e7: 69:3b:de:d0:83:7f:f7:69:8e:da:5f:60:9a:23:bc: 09:34:d8:b5:13:a2:c2:5d:67:64:31:f2:ad:70:ee: ce:9e:2b:51:5a:bc:b9:41:75:31:ae:38:27:d6:de: 8c:16:48:86:a9:72:d6:89:88:d8:ba:41:1d:44:0f: 99:ec:51:72:3a:94:ee:4a:5d:15:e3:29:b1:ca:e2: b0:9b:cf:1c:4d:85:33:bd:23:87:d2:ee:db:21:28: 87:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:91:CF:7D:EA:92:6B:0F:A8:8B:2C:59:D0:CC:36:53:FC:BB:FA:95 X509v3 Authority Key Identifier: keyid:F0:A1:12:71:04:34:E8:5A:E5:FE:6F:BF:41:E7:6B:DD:F9:38:18:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KEScQQ06Frl_m-_Qedr3fk4GM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/294a81-5237-4bf3-a05b-a88a4d094af0/1/8KEScQQ06Frl_m-_Qedr3fk4GM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:5b:47:7b:ae:16:43:09:6c:91:84:38:e9:25:01:fc:e4:41: 5a:ed:64:0c:51:dc:32:93:8f:aa:a6:78:b5:1e:45:9b:99:41: d4:d8:ef:b7:02:27:5e:28:06:77:cb:01:d7:17:86:f5:a7:dd: 65:e6:9c:14:78:7e:48:09:12:72:b9:5a:1e:77:cb:28:71:f0: 88:08:c8:82:ec:24:80:42:ed:d0:d8:bf:cb:b4:59:b6:ce:3a: 48:63:12:05:63:1c:58:21:f4:1c:a0:b0:1c:51:89:ba:ea:0b: 26:40:d7:3c:88:3b:56:1c:75:c8:b4:9f:11:a7:28:65:a2:37: 08:4d:90:3b:15:83:f8:77:f6:38:c2:42:28:6c:80:93:3f:43: fe:2c:f7:9f:ae:15:e6:58:e8:53:7e:f9:f8:04:15:55:5f:f0: 60:41:fa:e8:6c:cd:3f:1c:25:a0:42:e6:26:70:0f:aa:d4:24: 79:4c:46:c3:23:8e:4c:f7:09:03:3a:d2:0b:d4:25:20:ca:59: aa:7c:f2:ed:24:7a:e6:27:c2:f3:cb:5d:1a:72:05:82:5c:5c: d0:ba:07:d2:ea:0f:12:5e:49:12:a3:60:e9:9b:3b:e2:a3:38: 6b:32:d7:3c:2f:70:6c:e3:3a:1b:a3:2c:2b:d6:a7:5b:41:67: 60:c2:09:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCWAJSXW7uge7gpnJeBCvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwYTExMjcxMDQzNGU4NWFlNWZlNmZiZjQxZTc2YmRkZjkz ODE4Y2YwHhcNMjUxMjA2MDUwMTMxWhcNMjUxMjA3MDUwMTMxWjAzMTEwLwYDVQQD EygxZTkxY2Y3ZGVhOTI2YjBmYTg4YjJjNTlkMGNjMzY1M2ZjYmJmYTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOgVaxTooolIKxM+Uy5EGw+oTBOR JcAfpBqXsjBMNz/Qi0xiP0x2V7yGg0Iry6d/hwV8loOH7bAGNH5y/U9xeP9iVDJL vJxM3x5BTIwT9Rz0so2jJrVUVI1FW1Zk/f6vottoKOZXLMJ313H7BnM/P00Joh+A wtsJNs8T6SSNJKw3xv69L9esOSr5r/fFHyg0IkTCtyhlZjsJiZnHruKv7qV+wedp O97Qg3/3aY7aX2CaI7wJNNi1E6LCXWdkMfKtcO7OnitRWry5QXUxrjgn1t6MFkiG qXLWiYjYukEdRA+Z7FFyOpTuSl0V4ymxyuKwm88cTYUzvSOH0u7bISiHqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB6Rz33qkmsPqIssWdDMNlP8u/qVMB8GA1UdIwQY MBaAFPChEnEENOha5f5vv0Hna935OBjPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEtFU2NRUTA2RnJsX20tX1FlZHIzZms0R004LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yOTRhODEtNTIzNy00YmYzLWEwNWIt YTg4YTRkMDk0YWYwLzEvOEtFU2NRUTA2RnJsX20tX1FlZHIzZms0R004Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS8yOTRhODEtNTIzNy00YmYzLWEwNWItYTg4YTRkMDk0YWYw LzEvOEtFU2NRUTA2RnJsX20tX1FlZHIzZms0R004LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADltHe64W QwlskYQ46SUB/ORBWu1kDFHcMpOPqqZ4tR5Fm5lB1NjvtwInXigGd8sB1xeG9afd ZeacFHh+SAkScrlaHnfLKHHwiAjIguwkgELt0Ni/y7RZts46SGMSBWMcWCH0HKCw HFGJuuoLJkDXPIg7Vhx1yLSfEacoZaI3CE2QOxWD+Hf2OMJCKGyAkz9D/iz3n64V 5ljoU375+AQVVV/wYEH66GzNPxwloELmJnAPqtQkeUxGwyOOTPcJAzrSC9QlIMpZ qnzy7SR65ifC88tdGnIFglxc0LoH0uoPEl5JEqNg6Zs74qM4azLXPC9wbOM6G6Ms K9anW0FnYMIJcg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:49 2025 by rpki-client