This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft File: 8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft (raw, json) Hash identifier: 2ipn8Slu7B1rdiGckavg8aA8WxyC0XkOhj+BvJdEv+Y= Subject key identifier: 7E:D3:5E:1A:A2:2F:FF:66:8D:B3:C3:3F:53:B1:2A:19:5E:9D:B3:EE Authority key identifier: F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7 Certificate issuer: /CN=f08a2cec7101f21773defc5916c08b01c18590e7 Certificate serial: 019AF2E441D4A694387FF5BFF3E8C92AB776 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft Manifest number: 7E Signing time: Sat 06 Dec 2025 09:00:36 +0000 Manifest this update: Sat 06 Dec 2025 09:00:36 +0000 Manifest next update: Sun 07 Dec 2025 09:00:36 +0000 Files and hashes: 1: 8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl (hash: cPIO1sUztVPXpvAUm8wbKvg39kJYvAqgJKIZZa+Ejj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:41:d4:a6:94:38:7f:f5:bf:f3:e8:c9:2a:b7:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f08a2cec7101f21773defc5916c08b01c18590e7 Validity Not Before: Dec 6 09:00:36 2025 GMT Not After : Dec 7 09:00:36 2025 GMT Subject: CN=7ed35e1aa22fff668db3c33f53b12a195e9db3ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c7:4b:21:cb:4e:9b:fe:2b:3b:a4:84:13:85: 9b:92:2c:f3:c5:b0:51:55:c0:b4:3a:fb:da:1d:72: 3d:72:a7:6a:fa:cb:05:66:31:0a:4d:f3:85:46:c4: 42:87:49:8a:4c:bf:fe:d5:d7:85:e1:20:f4:05:4a: 53:85:b4:1e:04:cc:34:32:10:3d:23:4b:b2:8b:25: c9:d7:0a:3c:3e:eb:7b:04:4a:6f:15:ff:b3:28:27: 7f:3a:6a:3a:3c:97:5a:0d:d3:24:7a:43:64:b1:7b: f7:65:45:55:52:56:1a:ec:b4:10:31:01:ca:df:70: 08:1c:af:38:e4:3b:1a:2c:46:d5:7a:99:94:f4:92: 0f:61:ee:94:3a:79:16:4b:50:96:1a:af:35:ca:e0: a4:4a:ef:9e:71:87:03:8d:c5:1b:85:17:4d:8d:a7: 0c:5d:ab:f1:92:bd:6e:ff:6c:b7:b3:69:a7:d3:6e: 50:67:f6:19:ea:c8:9b:01:79:25:6c:ec:ee:45:89: a2:67:b4:d9:3a:b9:b1:97:27:27:41:32:44:e2:3a: 3b:1a:e6:61:5f:55:90:06:7c:c5:0c:1d:a5:fb:6d: 29:ac:41:19:b0:1f:01:31:48:7d:c4:68:fe:bd:9c: c6:1c:b4:49:3f:d7:6f:f2:1c:d9:04:32:81:13:d1: ae:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:D3:5E:1A:A2:2F:FF:66:8D:B3:C3:3F:53:B1:2A:19:5E:9D:B3:EE X509v3 Authority Key Identifier: keyid:F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:07:9e:1d:ef:96:48:e6:b4:2e:ac:fd:71:6a:dc:6e:3c:95: d9:c7:aa:81:44:d8:42:c7:7c:ab:23:94:13:b0:63:2b:ef:8d: 5c:03:7c:82:aa:e3:52:e3:a9:41:2e:65:47:90:94:c8:ba:95: 85:31:d9:48:cb:4c:c3:d8:5a:85:e7:9c:0a:50:d6:28:9b:75: bf:36:d6:20:e9:3d:b0:56:db:c7:62:bf:f2:a1:ae:89:5e:00: c0:0f:e4:28:e5:6e:11:e9:19:db:cb:fc:03:41:5b:5d:ab:21: 62:fc:d8:31:6c:5c:b8:f3:76:46:1a:cd:a0:31:e7:9c:19:8a: 70:66:79:2a:2f:35:ae:83:0c:9c:56:d0:00:82:c5:f8:3f:5f: cb:6e:c8:46:d5:3b:63:1f:10:07:95:52:0b:65:df:56:45:9d: cd:12:56:db:ea:a2:25:f1:97:59:f1:6e:0c:95:0d:72:93:3b: 40:8a:a0:0b:3b:9b:fd:cf:e3:14:33:9d:4c:6a:65:ff:c9:f6: c0:e5:48:d4:b0:24:97:ef:13:2c:f3:16:d6:0a:1b:96:9d:a7: fe:4f:28:02:05:90:8c:dd:9c:2f:7b:f0:0b:67:ca:b3:9c:25: 3e:7e:69:26:de:ba:b6:fe:52:15:1a:b6:ff:a1:3d:b7:7d:1d: d9:76:43:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5EHUppQ4f/W/8+jJKrd2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwOGEyY2VjNzEwMWYyMTc3M2RlZmM1OTE2YzA4YjAxYzE4 NTkwZTcwHhcNMjUxMjA2MDkwMDM2WhcNMjUxMjA3MDkwMDM2WjAzMTEwLwYDVQQD Eyg3ZWQzNWUxYWEyMmZmZjY2OGRiM2MzM2Y1M2IxMmExOTVlOWRiM2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMdLIctOm/4rO6SEE4WbkizzxbBR VcC0OvvaHXI9cqdq+ssFZjEKTfOFRsRCh0mKTL/+1deF4SD0BUpThbQeBMw0MhA9 I0uyiyXJ1wo8Put7BEpvFf+zKCd/Omo6PJdaDdMkekNksXv3ZUVVUlYa7LQQMQHK 33AIHK845DsaLEbVepmU9JIPYe6UOnkWS1CWGq81yuCkSu+ecYcDjcUbhRdNjacM Xavxkr1u/2y3s2mn025QZ/YZ6sibAXklbOzuRYmiZ7TZOrmxlycnQTJE4jo7GuZh X1WQBnzFDB2l+20prEEZsB8BMUh9xGj+vZzGHLRJP9dv8hzZBDKBE9GuhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH7TXhqiL/9mjbPDP1OxKhlenbPuMB8GA1UdIwQY MBaAFPCKLOxxAfIXc978WRbAiwHBhZDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTct NjViNjQwOGJkZmZlLzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTctNjViNjQwOGJkZmZl LzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARweeHe+W SOa0Lqz9cWrcbjyV2ceqgUTYQsd8qyOUE7BjK++NXAN8gqrjUuOpQS5lR5CUyLqV hTHZSMtMw9haheecClDWKJt1vzbWIOk9sFbbx2K/8qGuiV4AwA/kKOVuEekZ28v8 A0FbXashYvzYMWxcuPN2RhrNoDHnnBmKcGZ5Ki81roMMnFbQAILF+D9fy27IRtU7 Yx8QB5VSC2XfVkWdzRJW2+qiJfGXWfFuDJUNcpM7QIqgCzub/c/jFDOdTGpl/8n2 wOVI1LAkl+8TLPMW1goblp2n/k8oAgWQjN2cL3vwC2fKs5wlPn5pJt66tv5SFRq2 /6E9t30d2XZD9A== -----END CERTIFICATE-----Generated at Sat Dec 6 16:16:23 2025 by rpki-client