This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json) Hash identifier: VbjYLuIG8Me7Q275SPR1BSn5UPr43Eo2pYWHkmOA83Y= Subject key identifier: 4C:C6:37:43:50:5D:8D:1C:E8:BD:5F:6D:18:7C:F5:40:0F:B8:34:E1 Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add Certificate serial: 019B3A91A03A104D0F5A70949A40A74D1FC3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft Manifest number: 130D Signing time: Sat 20 Dec 2025 07:03:00 +0000 Manifest this update: Sat 20 Dec 2025 07:03:00 +0000 Manifest next update: Sun 21 Dec 2025 07:03:00 +0000 Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=) 2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: ALl5skbpF98FvsNWe7BYfu1SOU/gM/MxcX21v1YFrHk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:03:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:91:a0:3a:10:4d:0f:5a:70:94:9a:40:a7:4d:1f:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=869035c317734f661bbf85c2184155a1f3616add Validity Not Before: Dec 20 07:03:00 2025 GMT Not After : Dec 21 07:03:00 2025 GMT Subject: CN=4cc63743505d8d1ce8bd5f6d187cf5400fb834e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a9:f8:01:42:85:d2:c3:7e:3d:d3:4f:8c:40: 99:ea:1d:f0:e5:40:34:d9:17:c3:01:01:cb:c8:85: 9d:9b:61:c6:b8:94:c4:4d:71:5c:21:0b:d9:5d:a6: 74:13:da:d2:fa:37:4e:3e:ec:18:a9:00:b7:d2:d7: 53:a7:2f:e4:f8:0f:63:aa:3a:f7:d9:e4:5e:f7:c3: 22:5c:d6:0a:be:cb:e1:6d:e3:21:14:f9:a1:13:40: 33:af:26:61:d5:bd:20:67:78:91:3e:59:4a:31:32: b8:b7:cc:66:73:a4:47:5e:30:11:b4:d7:ea:8d:6c: 68:8c:57:85:15:38:20:2f:66:f9:ec:d6:d6:e8:42: c8:68:af:33:19:ef:98:ae:4c:84:e5:ea:71:8b:2c: f6:5a:bb:8a:83:92:d2:d2:26:c6:31:6f:34:96:a0: d2:be:be:3b:63:f5:f0:d9:61:fa:08:83:8e:cd:47: e3:94:c8:e1:e6:16:2c:72:37:df:42:33:8d:73:cb: e0:19:13:b4:49:59:e5:d8:d4:e5:dd:d7:b3:5e:f5: 3f:27:98:7f:b3:d5:4e:ad:94:3b:96:20:f1:84:fc: 47:fa:70:22:1e:ff:0f:c2:58:db:b8:42:38:37:69: d4:ba:9c:b1:46:93:b2:6e:30:8c:5c:b3:e6:75:24: b9:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:C6:37:43:50:5D:8D:1C:E8:BD:5F:6D:18:7C:F5:40:0F:B8:34:E1 X509v3 Authority Key Identifier: keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:14:84:ed:38:dc:c3:68:88:85:b2:c6:d4:98:bb:d5:1a:d5: e7:24:7f:b0:c4:dc:45:71:93:ed:58:ed:0a:5e:1b:f5:c2:5e: 02:d3:9a:d4:9f:2f:8d:9c:28:53:cf:d1:e8:fb:ac:0f:3a:2c: 59:21:65:82:25:da:d5:33:1b:55:c2:12:30:cc:70:98:7e:f4: 4b:26:e2:27:97:1b:5f:b7:12:b5:e3:44:3a:a1:86:41:24:0d: 2e:d0:68:62:2c:72:10:eb:6d:26:8d:9f:12:a7:1e:fc:39:49: 60:bd:29:9c:be:4c:b6:85:b8:4e:99:25:53:4f:7b:10:61:33: e9:46:72:40:76:64:de:0b:0c:55:88:81:a6:d1:32:a2:1b:09: b0:07:27:26:c9:60:91:1a:21:0f:0d:e7:6b:cf:90:d7:a0:ef: 1a:56:bd:13:20:6f:50:63:9f:16:d3:05:85:21:0f:c0:f9:3c: 8d:2a:60:5d:71:f0:92:d3:53:1d:60:52:6d:ac:54:68:08:3a: 8e:87:b1:0f:6c:54:2e:9a:82:09:cb:11:57:4e:a7:32:86:d8: cf:09:e7:ad:07:54:7d:45:16:5e:b6:a6:b1:44:6d:34:16:4e: 4c:18:41:77:9e:dd:1b:34:ec:e7:0b:ed:d2:c2:d2:95:fe:09: 2d:9e:29:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kaA6EE0PWnCUmkCnTR/DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2 MTZhZGQwHhcNMjUxMjIwMDcwMzAwWhcNMjUxMjIxMDcwMzAwWjAzMTEwLwYDVQQD Eyg0Y2M2Mzc0MzUwNWQ4ZDFjZThiZDVmNmQxODdjZjU0MDBmYjgzNGUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtan4AUKF0sN+PdNPjECZ6h3w5UA0 2RfDAQHLyIWdm2HGuJTETXFcIQvZXaZ0E9rS+jdOPuwYqQC30tdTpy/k+A9jqjr3 2eRe98MiXNYKvsvhbeMhFPmhE0AzryZh1b0gZ3iRPllKMTK4t8xmc6RHXjARtNfq jWxojFeFFTggL2b57NbW6ELIaK8zGe+YrkyE5epxiyz2WruKg5LS0ibGMW80lqDS vr47Y/Xw2WH6CIOOzUfjlMjh5hYscjffQjONc8vgGRO0SVnl2NTl3dezXvU/J5h/ s9VOrZQ7liDxhPxH+nAiHv8PwljbuEI4N2nUupyxRpOybjCMXLPmdSS5swIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEzGN0NQXY0c6L1fbRh89UAPuDThMB8GA1UdIwQY MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJhSE7Tjc w2iIhbLG1Ji71RrV5yR/sMTcRXGT7VjtCl4b9cJeAtOa1J8vjZwoU8/R6PusDzos WSFlgiXa1TMbVcISMMxwmH70SybiJ5cbX7cSteNEOqGGQSQNLtBoYixyEOttJo2f Eqce/DlJYL0pnL5MtoW4TpklU097EGEz6UZyQHZk3gsMVYiBptEyohsJsAcnJslg kRohDw3na8+Q16DvGla9EyBvUGOfFtMFhSEPwPk8jSpgXXHwktNTHWBSbaxUaAg6 joexD2xULpqCCcsRV06nMobYzwnnrQdUfUUWXramsURtNBZOTBhBd57dGzTs5wvt 0sLSlf4JLZ4pwA== -----END CERTIFICATE-----Generated at Sat Dec 20 11:29:15 2025 by rpki-client