This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft File: H8jtRm3i5spZZNHu0PJA3dJR3kg.mft (raw, json) Hash identifier: fVRt9YP/NVD7Uj1t3zusayL7+js3gpHiKnxtuGTiyBw= Subject key identifier: F8:AC:C9:C1:72:CD:61:F4:F3:F6:45:4D:49:16:74:F9:A1:FD:D1:13 Authority key identifier: 1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48 Certificate issuer: /CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48 Certificate serial: 019AF1D23F5AE4A4242365FDEE38A024836D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft Manifest number: 16B8 Signing time: Sat 06 Dec 2025 04:01:18 +0000 Manifest this update: Sat 06 Dec 2025 04:01:18 +0000 Manifest next update: Sun 07 Dec 2025 04:01:18 +0000 Files and hashes: 1: H8jtRm3i5spZZNHu0PJA3dJR3kg.crl (hash: AjzBMvf4V/NQAhoRRxo90Yx4yAHN8mjGua7BmEL359k=) 2: nevmretTwrxwqsKKQjHFsjVUEY0.roa (hash: fWFJu1Hs2S96Xtm1+v7RRTX9W7ZYHV7fdQSuyQbPzQU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:3f:5a:e4:a4:24:23:65:fd:ee:38:a0:24:83:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1fc8ed466de2e6ca5964d1eed0f240ddd251de48 Validity Not Before: Dec 6 04:01:18 2025 GMT Not After : Dec 7 04:01:18 2025 GMT Subject: CN=f8acc9c172cd61f4f3f6454d491674f9a1fdd113 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:70:84:a7:ef:de:ab:84:f6:45:16:2b:09:d7: 04:91:5d:20:56:90:2d:8c:1a:02:3d:6a:8d:63:ba: b0:f9:60:83:58:fa:c6:27:3c:99:53:56:58:d6:a9: 6e:23:13:97:7f:d2:61:44:4b:df:6c:25:67:dd:64: 5d:56:46:5e:1a:5f:d0:4a:00:ef:55:0a:e7:69:51: b3:b8:f5:9c:a9:0c:c2:32:b7:0f:8e:f1:9f:bc:e9: 03:5f:cc:38:72:80:db:0c:63:53:70:31:b2:2d:99: 97:49:a3:1d:c4:04:6c:86:08:04:2e:f1:d6:aa:d5: a4:90:da:37:e3:37:e3:9d:58:10:39:28:f6:fe:2e: 83:76:fa:0b:e5:a3:3e:fe:eb:12:98:f0:80:79:7a: 6b:64:4a:64:5c:0a:b0:e5:1b:90:16:4b:dd:a5:54: cd:5f:87:21:ce:05:e1:67:2a:0e:68:3d:48:c4:de: 05:85:a8:e8:43:57:7c:fc:a9:20:9a:66:63:e9:e9: 33:10:c9:8f:7a:fe:2c:4d:78:70:2c:52:64:a4:81: 22:3d:93:34:20:d4:4a:6f:bb:d1:bc:da:7f:10:2c: 11:ec:bc:a3:90:49:d7:03:9f:94:ff:4f:1a:56:0e: 22:81:da:76:c6:69:08:5e:1b:cb:72:f9:a9:ef:15: 8a:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:AC:C9:C1:72:CD:61:F4:F3:F6:45:4D:49:16:74:F9:A1:FD:D1:13 X509v3 Authority Key Identifier: keyid:1F:C8:ED:46:6D:E2:E6:CA:59:64:D1:EE:D0:F2:40:DD:D2:51:DE:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8jtRm3i5spZZNHu0PJA3dJR3kg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ca2ace-94ad-44cb-9809-f48d4babd50f/1/H8jtRm3i5spZZNHu0PJA3dJR3kg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:b9:b7:92:e0:33:83:cb:fd:7b:12:4d:79:65:97:39:76:eb: 90:8c:d9:60:fb:06:c7:7b:17:0f:b1:69:80:96:26:c3:49:a5: 3e:e4:5b:33:70:e4:b0:60:c5:15:06:fd:25:67:67:34:77:b5: 69:ed:5b:00:70:f3:2b:68:8e:a7:ee:0b:8d:c7:fa:3b:17:41: 64:76:96:ec:e5:fe:44:32:4d:3b:91:6d:17:ba:cb:79:33:23: 18:29:fa:3a:b8:fc:d1:95:19:f9:89:f4:5a:4f:07:a2:14:de: fd:ea:31:70:eb:26:ac:79:16:38:9d:68:38:a4:3e:b6:36:26: 6b:5f:c2:0a:27:17:58:65:75:1a:80:8c:2e:1b:22:8f:52:3d: 09:ad:3e:5b:ef:93:44:58:11:11:cb:32:21:3d:3f:1f:b0:f2: 34:41:38:ed:a2:4c:e0:a8:27:1e:fa:de:2f:f1:80:71:ff:33: 0e:5b:c8:9a:b1:5a:fb:85:e2:ce:59:ef:c2:40:fd:d1:46:bc: bd:b7:c6:7b:65:1f:8d:60:56:64:1a:67:0f:f0:b1:84:5a:fb: 45:0d:48:7f:e4:7f:16:e9:67:51:34:4b:70:a8:e7:4c:f1:81: f2:e5:2f:08:9d:f3:a0:ef:8d:3f:29:86:94:bf:52:be:8d:4f: f7:8b:e2:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0j9a5KQkI2X97jigJINtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmYzhlZDQ2NmRlMmU2Y2E1OTY0ZDFlZWQwZjI0MGRkZDI1 MWRlNDgwHhcNMjUxMjA2MDQwMTE4WhcNMjUxMjA3MDQwMTE4WjAzMTEwLwYDVQQD EyhmOGFjYzljMTcyY2Q2MWY0ZjNmNjQ1NGQ0OTE2NzRmOWExZmRkMTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XCEp+/eq4T2RRYrCdcEkV0gVpAt jBoCPWqNY7qw+WCDWPrGJzyZU1ZY1qluIxOXf9JhREvfbCVn3WRdVkZeGl/QSgDv VQrnaVGzuPWcqQzCMrcPjvGfvOkDX8w4coDbDGNTcDGyLZmXSaMdxARshggELvHW qtWkkNo34zfjnVgQOSj2/i6DdvoL5aM+/usSmPCAeXprZEpkXAqw5RuQFkvdpVTN X4chzgXhZyoOaD1IxN4FhajoQ1d8/KkgmmZj6ekzEMmPev4sTXhwLFJkpIEiPZM0 INRKb7vRvNp/ECwR7LyjkEnXA5+U/08aVg4igdp2xmkIXhvLcvmp7xWKBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPisycFyzWH08/ZFTUkWdPmh/dETMB8GA1UdIwQY MBaAFB/I7UZt4ubKWWTR7tDyQN3SUd5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDkt ZjQ4ZDRiYWJkNTBmLzEvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9jYTJhY2UtOTRhZC00NGNiLTk4MDktZjQ4ZDRiYWJkNTBm LzEvSDhqdFJtM2k1c3BaWk5IdTBQSkEzZEpSM2tnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7m3kuAz g8v9exJNeWWXOXbrkIzZYPsGx3sXD7FpgJYmw0mlPuRbM3DksGDFFQb9JWdnNHe1 ae1bAHDzK2iOp+4Ljcf6OxdBZHaW7OX+RDJNO5FtF7rLeTMjGCn6Orj80ZUZ+Yn0 Wk8HohTe/eoxcOsmrHkWOJ1oOKQ+tjYma1/CCicXWGV1GoCMLhsij1I9Ca0+W++T RFgREcsyIT0/H7DyNEE47aJM4KgnHvreL/GAcf8zDlvImrFa+4XizlnvwkD90Ua8 vbfGe2UfjWBWZBpnD/CxhFr7RQ1If+R/FulnUTRLcKjnTPGB8uUvCJ3zoO+NPymG lL9Svo1P94vi8g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:10:40 2025 by rpki-client