This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json) Hash identifier: Z+fV2CdtJPlDMsebP6c82CNxkEHS3icPCjpH8tJOB2I= Subject key identifier: 43:45:38:66:1E:96:F8:B4:6D:EC:AE:20:03:0A:24:5E:00:44:86:CC Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78 Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178 Certificate serial: 019B2F9E496756B1B1572AEBD0E211F5A2A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft Manifest number: 0866 Signing time: Thu 18 Dec 2025 04:01:01 +0000 Manifest this update: Thu 18 Dec 2025 04:01:01 +0000 Manifest next update: Fri 19 Dec 2025 04:01:01 +0000 Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: rT605em6Ay6V/a9VpqIC0fxI23icEq5vqtwYMg0AE4A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:9e:49:67:56:b1:b1:57:2a:eb:d0:e2:11:f5:a2:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178 Validity Not Before: Dec 18 04:01:01 2025 GMT Not After : Dec 19 04:01:01 2025 GMT Subject: CN=434538661e96f8b46decae20030a245e004486cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:7e:75:f9:a8:78:65:b1:d2:51:16:c9:89:f2: ac:a8:35:f8:fe:62:85:eb:43:6d:11:96:47:18:60: 2d:b0:c5:06:ef:bf:fb:1d:a5:49:2c:33:10:a7:09: 90:1f:ad:9e:7b:a0:2e:e3:33:a2:4f:b3:28:64:0e: bf:f7:88:d9:79:ca:6c:fc:53:ac:5c:f3:5b:07:60: 73:8e:b9:c7:e0:f1:14:54:5e:a2:a4:1c:a6:bb:62: d6:9e:07:c0:68:3c:80:91:a0:1a:c6:bf:88:b6:12: df:dc:8b:61:f7:ea:5b:84:64:4c:1d:be:72:56:b5: ed:15:c6:c4:e2:95:00:ba:c0:ee:f5:06:9c:bb:07: 46:88:48:9c:00:ef:7d:4d:c1:1e:22:fd:b9:b1:82: 0a:64:cc:a3:19:36:af:00:b0:48:59:40:18:75:1e: 99:2a:a1:03:d9:79:e9:bd:e0:80:7d:73:ba:e4:d4: ed:4a:37:9c:91:b5:55:d9:f7:44:db:57:ca:bb:c2: 2d:cc:e5:10:99:13:6c:d5:25:a1:a8:ab:06:4b:02: 7b:04:6a:38:29:a4:88:e8:8e:7e:59:a5:bc:64:aa: 67:76:71:d8:c4:6b:fd:4a:9f:e0:37:89:eb:8f:8a: 28:c0:ea:46:5c:03:45:fc:96:4e:57:8b:99:d7:f4: 9f:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:45:38:66:1E:96:F8:B4:6D:EC:AE:20:03:0A:24:5E:00:44:86:CC X509v3 Authority Key Identifier: keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:4d:17:df:97:fd:87:2c:47:73:fa:75:a4:d6:a1:72:45:95: 26:c3:a9:ff:50:43:84:85:e4:e4:0e:67:95:99:7b:d2:6a:bc: 34:15:ed:77:ee:fd:fc:9a:59:b8:91:5e:47:ce:0f:87:ae:46: 32:85:18:b1:50:62:3a:18:eb:0d:52:82:38:64:92:4b:ea:9c: 85:51:3f:8a:05:6a:c7:13:a4:ff:d6:04:4b:ba:12:d6:2b:66: 51:78:73:05:6a:cd:18:a6:f2:6e:08:d4:60:42:72:60:37:c8: 63:97:b0:b1:8c:dd:4e:cc:46:a4:86:43:4d:0b:60:1c:11:5b: ae:e9:23:c0:63:2e:8e:0a:cf:16:79:72:8c:22:f0:2c:12:f3: 92:e0:08:a1:ee:78:cd:e0:7d:4d:12:b6:e9:bf:6a:2f:19:5f: 70:a3:29:ed:27:0e:5f:76:2a:49:db:b6:ae:b7:7b:a9:c3:ac: ab:df:ea:f1:82:5d:eb:55:bf:0c:f7:e4:91:af:5a:97:a0:55: a6:08:7e:db:9c:79:71:3f:7b:17:f3:77:31:88:12:af:f8:f6: 0f:f5:1c:73:72:09:0f:b5:d4:03:ee:a4:59:38:b8:ad:14:7f: 2e:fa:59:de:cc:d4:c9:68:21:9e:42:b5:d5:ba:dd:5c:72:40: dc:3c:29:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvnklnVrGxVyrr0OIR9aKiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl MmExNzgwHhcNMjUxMjE4MDQwMTAxWhcNMjUxMjE5MDQwMTAxWjAzMTEwLwYDVQQD Eyg0MzQ1Mzg2NjFlOTZmOGI0NmRlY2FlMjAwMzBhMjQ1ZTAwNDQ4NmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq351+ah4ZbHSURbJifKsqDX4/mKF 60NtEZZHGGAtsMUG77/7HaVJLDMQpwmQH62ee6Au4zOiT7MoZA6/94jZecps/FOs XPNbB2BzjrnH4PEUVF6ipBymu2LWngfAaDyAkaAaxr+IthLf3Ith9+pbhGRMHb5y VrXtFcbE4pUAusDu9QacuwdGiEicAO99TcEeIv25sYIKZMyjGTavALBIWUAYdR6Z KqED2XnpveCAfXO65NTtSjeckbVV2fdE21fKu8ItzOUQmRNs1SWhqKsGSwJ7BGo4 KaSI6I5+WaW8ZKpndnHYxGv9Sp/gN4nrj4oowOpGXANF/JZOV4uZ1/SfOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFENFOGYelvi0beyuIAMKJF4ARIbMMB8GA1UdIwQY MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgk0X35f9 hyxHc/p1pNahckWVJsOp/1BDhIXk5A5nlZl70mq8NBXtd+79/JpZuJFeR84Ph65G MoUYsVBiOhjrDVKCOGSSS+qchVE/igVqxxOk/9YES7oS1itmUXhzBWrNGKbybgjU YEJyYDfIY5ewsYzdTsxGpIZDTQtgHBFbrukjwGMujgrPFnlyjCLwLBLzkuAIoe54 zeB9TRK26b9qLxlfcKMp7ScOX3YqSdu2rrd7qcOsq9/q8YJd61W/DPfkka9al6BV pgh+25x5cT97F/N3MYgSr/j2D/Ucc3IJD7XUA+6kWTi4rRR/LvpZ3szUyWghnkK1 1brdXHJA3Dwp/g== -----END CERTIFICATE-----Generated at Thu Dec 18 07:12:02 2025 by rpki-client