This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json) Hash identifier: 7Y9oSMCFt/pzUbRCV3/AO183hsqw4PT8ixBZ5rUfJvY= Subject key identifier: B8:5E:6A:61:F8:DC:84:C2:DE:C8:07:0F:10:54:BB:62:B0:31:57:9C Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4 Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4 Certificate serial: 019AF208AC8F3F99C0D764512C452E310523 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft Manifest number: 0B35 Signing time: Sat 06 Dec 2025 05:00:45 +0000 Manifest this update: Sat 06 Dec 2025 05:00:45 +0000 Manifest next update: Sun 07 Dec 2025 05:00:45 +0000 Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: d71csjqNI2syL1g69NIGELWDENEWz0/EU2HLPKPmimw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:ac:8f:3f:99:c0:d7:64:51:2c:45:2e:31:05:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4 Validity Not Before: Dec 6 05:00:45 2025 GMT Not After : Dec 7 05:00:45 2025 GMT Subject: CN=b85e6a61f8dc84c2dec8070f1054bb62b031579c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:86:40:45:22:aa:0d:af:30:6f:3f:ad:b8:26: 41:27:76:ca:1a:9e:95:ec:bd:8a:78:8a:d4:34:27: f5:61:d7:fa:b5:4b:20:f9:64:0d:50:e2:36:2f:14: 7b:bc:af:23:2d:a4:82:00:0d:b0:99:9e:41:77:87: 56:67:c2:2f:0c:3c:75:79:46:98:69:e8:c6:2f:5c: c1:46:7c:47:bd:97:61:21:e0:07:f2:c8:5d:96:d6: e2:ec:bd:ae:28:2b:d9:83:31:0f:44:1d:c8:aa:85: af:e1:65:ae:92:53:2c:8b:59:13:fe:34:af:6c:98: 08:6a:f3:b0:e4:47:37:2a:64:c6:1c:4c:57:7b:39: 05:b7:dc:0a:56:fe:aa:31:16:4a:1f:d7:8d:85:f2: 6d:e0:e2:2d:9e:5a:9a:44:a4:41:48:4e:83:fe:cd: 6d:c9:40:3e:68:be:e6:95:8a:0d:bb:19:7f:ea:34: a6:c3:09:71:aa:a5:b4:a3:96:b5:87:c1:54:78:e9: f8:97:6f:2d:34:bc:e7:f9:b2:2d:18:af:40:9b:4d: 0e:73:55:f2:cc:dc:e1:02:94:c2:a8:27:36:7f:af: 97:9c:f3:82:1d:27:26:b8:b0:a4:64:42:e2:2c:4b: 30:13:ad:22:19:80:2f:64:4b:c4:62:1e:b4:c0:fc: 11:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:5E:6A:61:F8:DC:84:C2:DE:C8:07:0F:10:54:BB:62:B0:31:57:9C X509v3 Authority Key Identifier: keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:aa:cc:b5:4e:00:db:39:01:f3:fd:6e:09:ab:a8:51:11:1e: ba:f4:36:05:13:fd:35:e7:7e:5c:71:16:db:4d:99:f1:ae:25: 46:1d:bd:87:b7:d5:83:af:65:16:17:70:e9:e5:05:a5:f3:2e: 04:b9:ac:9a:2d:45:ff:81:34:85:f4:c1:44:20:f2:54:93:7c: 50:7e:21:33:5c:79:f7:86:3b:8b:0d:63:34:91:25:18:4a:3f: eb:c3:64:7c:61:fd:9a:8c:7a:33:73:7f:d3:b4:3a:27:e2:c5: 6f:bd:46:63:a0:c4:34:06:5a:1d:f0:c8:68:c4:63:df:4a:21: 96:7c:44:85:d0:54:29:aa:39:ab:69:92:f8:58:6b:5f:08:9f: a5:f4:ab:c2:2e:f9:96:8a:1d:52:01:6b:3f:83:b7:a5:07:05: 48:ff:15:e3:cb:f3:a1:38:9d:89:39:dd:27:9b:2e:d8:39:77: 9c:d6:c6:42:ec:09:35:3c:b7:62:4a:03:55:39:fa:4b:46:6c: 98:1d:b4:fb:5a:6a:29:59:19:46:34:c1:33:8b:8d:79:fe:c4: cc:5d:b4:34:f7:c8:6f:6a:d6:70:70:24:fa:21:e7:e7:de:14: 5e:2f:c7:c6:d0:79:b9:02:8c:78:66:18:a8:c3:bd:16:0c:f3: a0:94:fd:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCKyPP5nA12RRLEUuMQUjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj OTJlZTQwHhcNMjUxMjA2MDUwMDQ1WhcNMjUxMjA3MDUwMDQ1WjAzMTEwLwYDVQQD EyhiODVlNmE2MWY4ZGM4NGMyZGVjODA3MGYxMDU0YmI2MmIwMzE1NzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooZARSKqDa8wbz+tuCZBJ3bKGp6V 7L2KeIrUNCf1Ydf6tUsg+WQNUOI2LxR7vK8jLaSCAA2wmZ5Bd4dWZ8IvDDx1eUaY aejGL1zBRnxHvZdhIeAH8shdltbi7L2uKCvZgzEPRB3IqoWv4WWuklMsi1kT/jSv bJgIavOw5Ec3KmTGHExXezkFt9wKVv6qMRZKH9eNhfJt4OItnlqaRKRBSE6D/s1t yUA+aL7mlYoNuxl/6jSmwwlxqqW0o5a1h8FUeOn4l28tNLzn+bItGK9Am00Oc1Xy zNzhApTCqCc2f6+XnPOCHScmuLCkZELiLEswE60iGYAvZEvEYh60wPwRUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLheamH43ITC3sgHDxBUu2KwMVecMB8GA1UdIwQY MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3 LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd6rMtU4A 2zkB8/1uCauoUREeuvQ2BRP9Ned+XHEW202Z8a4lRh29h7fVg69lFhdw6eUFpfMu BLmsmi1F/4E0hfTBRCDyVJN8UH4hM1x594Y7iw1jNJElGEo/68NkfGH9mox6M3N/ 07Q6J+LFb71GY6DENAZaHfDIaMRj30ohlnxEhdBUKao5q2mS+FhrXwifpfSrwi75 loodUgFrP4O3pQcFSP8V48vzoTidiTndJ5su2Dl3nNbGQuwJNTy3YkoDVTn6S0Zs mB20+1pqKVkZRjTBM4uNef7EzF20NPfIb2rWcHAk+iHn594UXi/HxtB5uQKMeGYY qMO9FgzzoJT9Bw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:34:37 2025 by rpki-client