This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft File: d8Bx2YnlMJrDyzwLCNOsslIRErY.mft (raw, json) Hash identifier: NhsIgKc0aNGZkAAJOCa19Rs/mbzjFdPXup2+5d3os+0= Subject key identifier: D6:53:83:55:56:E7:0A:91:79:38:6F:92:9F:58:D3:06:4E:B9:9C:AE Authority key identifier: 77:C0:71:D9:89:E5:30:9A:C3:CB:3C:0B:08:D3:AC:B2:52:11:12:B6 Certificate issuer: /CN=77c071d989e5309ac3cb3c0b08d3acb2521112b6 Certificate serial: 019AF208FB65C1B42E1CE186391E7272C593 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8Bx2YnlMJrDyzwLCNOsslIRErY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft Manifest number: 1388 Signing time: Sat 06 Dec 2025 05:01:06 +0000 Manifest this update: Sat 06 Dec 2025 05:01:06 +0000 Manifest next update: Sun 07 Dec 2025 05:01:06 +0000 Files and hashes: 1: Le5vpyY48HdbIpkDIdpXFhjYz0Q.roa (hash: Myyoy3T8AQaNeHj3CEH6lMEU7kAImPu/7Rglv2KrnL4=) 2: d8Bx2YnlMJrDyzwLCNOsslIRErY.crl (hash: pPeItYOX16iHT4PZKiGG0IpHKNvZ6P4sbU4e1R+pIxw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft rsync://rpki.ripe.net/repository/DEFAULT/d8Bx2YnlMJrDyzwLCNOsslIRErY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:fb:65:c1:b4:2e:1c:e1:86:39:1e:72:72:c5:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77c071d989e5309ac3cb3c0b08d3acb2521112b6 Validity Not Before: Dec 6 05:01:06 2025 GMT Not After : Dec 7 05:01:06 2025 GMT Subject: CN=d653835556e70a9179386f929f58d3064eb99cae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6a:29:2b:65:c3:b0:cd:26:df:87:97:42:68: b9:46:c0:07:6d:39:85:27:ca:b8:88:9b:23:7a:94: 65:67:0b:34:b9:14:83:d4:01:a8:09:1a:15:90:18: cb:bb:87:30:1f:e7:82:18:15:06:97:b3:7c:fd:50: 52:76:b8:02:86:19:6e:67:7d:9b:4a:54:d9:25:4e: d4:41:ca:36:54:8f:3d:ec:2c:cb:77:6f:64:1a:d3: d4:68:56:7f:eb:1c:25:d4:85:97:57:17:04:eb:0e: d7:fc:31:88:13:0f:b3:bf:a9:59:c3:33:a8:93:f6: 00:4a:9c:49:fb:ab:b3:0c:05:e1:b3:79:45:62:12: bb:6d:53:49:4d:5d:b8:ee:a2:f9:38:69:b2:7b:ad: da:d8:29:d8:dd:bf:64:cc:15:af:67:64:a3:8a:7f: 9c:4d:a7:f6:44:40:ba:55:0e:1b:62:63:89:77:45: 1b:d5:f1:e8:7b:83:9d:91:e9:8d:ef:0b:e1:0a:48: d2:73:7d:1a:9a:f4:2f:c0:c2:c4:4d:4d:7a:be:e3: a8:ad:a3:8a:02:80:80:37:d3:00:46:df:6b:f9:1c: 27:87:f4:3a:e3:ba:d4:23:be:2c:34:f4:d1:9f:72: 7b:4b:fe:5a:9b:f0:7f:cc:c5:ef:fd:7f:47:73:78: 40:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:53:83:55:56:E7:0A:91:79:38:6F:92:9F:58:D3:06:4E:B9:9C:AE X509v3 Authority Key Identifier: keyid:77:C0:71:D9:89:E5:30:9A:C3:CB:3C:0B:08:D3:AC:B2:52:11:12:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8Bx2YnlMJrDyzwLCNOsslIRErY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/844bfe-ec18-417e-8f5a-5cc4ded9a7d2/1/d8Bx2YnlMJrDyzwLCNOsslIRErY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:fe:d5:b9:e7:95:eb:f9:0c:09:95:cf:6a:ee:29:6c:26:b3: b9:c5:64:a2:3e:94:e6:6c:91:08:fe:b0:5c:c5:40:99:a7:b8: a3:82:7e:b1:0f:67:ba:62:58:93:28:cb:c1:0f:91:84:41:7d: 90:92:cb:3d:ba:e8:58:d8:6b:5b:69:16:fd:12:24:bb:17:5c: b8:a6:2a:e2:9c:06:e5:80:e3:2b:45:fc:d3:a9:78:46:df:b2: 9d:84:16:53:05:71:0f:1d:af:7c:50:2b:62:02:66:21:0c:f7: 70:d4:ed:5b:71:a5:45:20:6e:49:61:c0:1f:a8:89:27:2e:0f: 95:ba:75:47:76:c2:31:7f:34:45:e3:e2:24:31:b1:f8:fe:61: fc:c3:04:dd:01:b9:e7:3a:2b:73:7f:85:80:7e:46:46:8a:5d: 41:8f:ef:50:c1:67:83:a0:67:90:b1:a2:46:1d:79:e9:ac:db: c1:9d:b7:e1:ff:4a:53:bf:85:b2:8e:48:52:b2:0a:75:d7:ad: 72:b6:a0:0b:af:aa:69:f7:3b:c8:27:55:32:a0:d4:c3:b1:21: 2e:35:4f:15:56:e1:92:ba:6b:2c:fe:1f:0f:b5:0d:30:7c:e8: 07:e7:9a:b8:7a:b2:b5:3c:31:83:b3:4d:3b:bf:4b:8f:0c:81: 54:90:f4:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCPtlwbQuHOGGOR5ycsWTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3YzA3MWQ5ODllNTMwOWFjM2NiM2MwYjA4ZDNhY2IyNTIx MTEyYjYwHhcNMjUxMjA2MDUwMTA2WhcNMjUxMjA3MDUwMTA2WjAzMTEwLwYDVQQD EyhkNjUzODM1NTU2ZTcwYTkxNzkzODZmOTI5ZjU4ZDMwNjRlYjk5Y2FlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWopK2XDsM0m34eXQmi5RsAHbTmF J8q4iJsjepRlZws0uRSD1AGoCRoVkBjLu4cwH+eCGBUGl7N8/VBSdrgChhluZ32b SlTZJU7UQco2VI897CzLd29kGtPUaFZ/6xwl1IWXVxcE6w7X/DGIEw+zv6lZwzOo k/YASpxJ+6uzDAXhs3lFYhK7bVNJTV247qL5OGmye63a2CnY3b9kzBWvZ2Sjin+c Taf2REC6VQ4bYmOJd0Ub1fHoe4OdkemN7wvhCkjSc30amvQvwMLETU16vuOoraOK AoCAN9MARt9r+Rwnh/Q647rUI74sNPTRn3J7S/5am/B/zMXv/X9Hc3hAYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNZTg1VW5wqReThvkp9Y0wZOuZyuMB8GA1UdIwQY MBaAFHfAcdmJ5TCaw8s8CwjTrLJSERK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDhCeDJZbmxNSnJEeXp3TENOT3NzbElSRXJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi84NDRiZmUtZWMxOC00MTdlLThmNWEt NWNjNGRlZDlhN2QyLzEvZDhCeDJZbmxNSnJEeXp3TENOT3NzbElSRXJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi84NDRiZmUtZWMxOC00MTdlLThmNWEtNWNjNGRlZDlhN2Qy LzEvZDhCeDJZbmxNSnJEeXp3TENOT3NzbElSRXJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAif7VueeV 6/kMCZXPau4pbCazucVkoj6U5myRCP6wXMVAmae4o4J+sQ9numJYkyjLwQ+RhEF9 kJLLPbroWNhrW2kW/RIkuxdcuKYq4pwG5YDjK0X806l4Rt+ynYQWUwVxDx2vfFAr YgJmIQz3cNTtW3GlRSBuSWHAH6iJJy4Plbp1R3bCMX80RePiJDGx+P5h/MME3QG5 5zorc3+FgH5GRopdQY/vUMFng6BnkLGiRh156azbwZ234f9KU7+Fso5IUrIKddet cragC6+qafc7yCdVMqDUw7EhLjVPFVbhkrprLP4fD7UNMHzoB+eauHqytTwxg7NN O79LjwyBVJD0Ng== -----END CERTIFICATE-----Generated at Sat Dec 6 08:34:33 2025 by rpki-client