This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json) Hash identifier: ZQk8Hje9xb7Td2tcfaKmVOdSy/jQOt18PzUwmp4ZQ+E= Subject key identifier: 37:CF:20:36:A9:0D:BB:CF:AE:E7:45:33:0D:46:3F:59:CF:5A:4D:34 Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78 Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178 Certificate serial: 019AF1D24D64149918A06781F655EF22F43D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft Manifest number: 0846 Signing time: Sat 06 Dec 2025 04:01:22 +0000 Manifest this update: Sat 06 Dec 2025 04:01:22 +0000 Manifest next update: Sun 07 Dec 2025 04:01:22 +0000 Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: +t+gJmdmm8inuSCy5qVcn4Trch3iOT+aHj0rCe9twqo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:4d:64:14:99:18:a0:67:81:f6:55:ef:22:f4:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178 Validity Not Before: Dec 6 04:01:22 2025 GMT Not After : Dec 7 04:01:22 2025 GMT Subject: CN=37cf2036a90dbbcfaee745330d463f59cf5a4d34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f9:71:7b:15:40:0d:d4:ad:c8:5c:53:11:a3: 65:19:eb:ac:ac:2b:de:d4:22:15:0c:36:f3:99:38: 1a:b9:c8:ef:b7:69:67:45:4e:4d:e0:25:17:32:c1: 2a:78:b5:6d:a5:51:1b:5f:7b:f2:97:7c:09:1b:24: 6e:16:ad:78:62:d1:65:f9:b8:39:d3:4a:d0:85:56: 16:da:7d:f4:5c:fe:37:30:94:42:d3:c2:2b:76:4e: d6:b3:b6:a5:96:96:9c:64:24:26:4c:33:bc:c0:f2: 08:87:5e:b7:7b:0e:a1:46:02:15:fc:29:aa:4d:35: 83:5c:37:50:d5:25:e5:a7:86:cb:24:34:69:5f:84: 0e:b8:9e:9f:b6:f0:0d:ec:f1:9e:62:f0:0d:ea:59: 79:f9:fa:96:a1:3c:e5:61:44:cc:2f:77:db:b7:29: 0a:b7:fd:2d:dc:c9:d7:74:31:94:76:b8:30:3c:52: e9:93:50:2b:8a:2c:8e:6a:fe:54:a8:6f:ec:6e:7b: aa:9c:9b:08:19:57:7e:4e:d3:c9:f3:e9:b0:f2:56: 2b:83:11:a4:3b:20:20:ad:22:4b:29:b1:25:fd:48: 7a:2e:ab:e1:30:d6:fb:9e:a8:44:f8:a7:ad:ed:7d: b8:ca:da:13:49:01:82:85:21:7a:f3:14:53:6d:87: 33:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:CF:20:36:A9:0D:BB:CF:AE:E7:45:33:0D:46:3F:59:CF:5A:4D:34 X509v3 Authority Key Identifier: keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:c5:aa:af:e5:a2:96:3d:d9:57:8d:1d:06:cd:e7:44:57:e5: 32:72:ce:f0:55:46:af:c5:27:36:b4:82:a5:4d:40:cc:15:85: fa:03:fe:d6:0f:a4:05:f2:d6:d2:16:51:f1:c8:47:2c:80:ed: 50:b5:3e:d5:59:7a:bf:18:59:a8:63:56:73:7e:ab:0c:cb:4c: 3c:8f:33:32:14:74:22:9b:95:cc:9d:24:59:4b:0e:6b:ae:18: 75:6d:07:5f:89:10:cd:f3:e4:0b:77:ad:a2:c0:9e:e9:f8:f1: bb:45:44:cb:7c:b3:b0:c0:7e:53:77:2f:63:31:29:8f:0a:67: f6:8a:f8:ed:22:8e:fe:2f:1c:4b:5f:12:ee:20:a7:f4:b5:33: 38:e3:43:6c:be:ab:b3:57:82:72:52:68:e3:d8:f0:b8:a9:f0: 88:6c:a2:04:36:9f:45:b2:50:4d:13:12:09:e6:af:36:d2:9b: a9:79:92:ed:ec:41:bb:72:07:7d:a5:6c:79:12:85:99:06:5a: dc:c0:f7:6b:cc:b9:93:07:a3:18:56:81:b1:b4:ce:81:1b:f2: 9c:5a:b6:ec:84:f3:5d:37:c3:1c:e2:4e:b7:81:f0:0e:17:30: 4a:08:ee:78:c5:58:24:a0:64:93:07:c1:27:00:be:87:6e:c0: b6:af:a0:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0k1kFJkYoGeB9lXvIvQ9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl MmExNzgwHhcNMjUxMjA2MDQwMTIyWhcNMjUxMjA3MDQwMTIyWjAzMTEwLwYDVQQD EygzN2NmMjAzNmE5MGRiYmNmYWVlNzQ1MzMwZDQ2M2Y1OWNmNWE0ZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArflxexVADdStyFxTEaNlGeusrCve 1CIVDDbzmTgaucjvt2lnRU5N4CUXMsEqeLVtpVEbX3vyl3wJGyRuFq14YtFl+bg5 00rQhVYW2n30XP43MJRC08Irdk7Ws7allpacZCQmTDO8wPIIh163ew6hRgIV/Cmq TTWDXDdQ1SXlp4bLJDRpX4QOuJ6ftvAN7PGeYvAN6ll5+fqWoTzlYUTML3fbtykK t/0t3MnXdDGUdrgwPFLpk1AriiyOav5UqG/sbnuqnJsIGVd+TtPJ8+mw8lYrgxGk OyAgrSJLKbEl/Uh6LqvhMNb7nqhE+Ket7X24ytoTSQGChSF68xRTbYczpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDfPIDapDbvPrudFMw1GP1nPWk00MB8GA1UdIwQY MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGsWqr+Wi lj3ZV40dBs3nRFflMnLO8FVGr8UnNrSCpU1AzBWF+gP+1g+kBfLW0hZR8chHLIDt ULU+1Vl6vxhZqGNWc36rDMtMPI8zMhR0IpuVzJ0kWUsOa64YdW0HX4kQzfPkC3et osCe6fjxu0VEy3yzsMB+U3cvYzEpjwpn9or47SKO/i8cS18S7iCn9LUzOONDbL6r s1eCclJo49jwuKnwiGyiBDafRbJQTRMSCeavNtKbqXmS7exBu3IHfaVseRKFmQZa 3MD3a8y5kwejGFaBsbTOgRvynFq27ITzXTfDHOJOt4HwDhcwSgjueMVYJKBkkwfB JwC+h27Atq+gXg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:38:40 2025 by rpki-client