This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json) Hash identifier: Wonr0U3ZOcBq/wnwaPM1JUDt/rK6LytHyv9xlSXoXHY= Subject key identifier: 55:72:09:EA:88:9C:C6:9A:8E:DB:C4:23:42:20:B6:05:05:3B:01:41 Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd Certificate serial: 019B1DCF1DD370E23A3FF802A8B7BD5F2544 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft Manifest number: 1709 Signing time: Sun 14 Dec 2025 17:01:11 +0000 Manifest this update: Sun 14 Dec 2025 17:01:11 +0000 Manifest next update: Mon 15 Dec 2025 17:01:11 +0000 Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=) 2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: NkOkkrAeMUwZL67f9/oUQfirBqDdEKuKTlKopSPvKKk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1d:cf:1d:d3:70:e2:3a:3f:f8:02:a8:b7:bd:5f:25:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd Validity Not Before: Dec 14 17:01:11 2025 GMT Not After : Dec 15 17:01:11 2025 GMT Subject: CN=557209ea889cc69a8edbc4234220b605053b0141 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:dd:15:00:95:25:4a:63:b3:dc:c1:61:cb:76: e7:84:eb:19:88:ff:e5:d2:9b:89:13:64:50:90:ef: 99:a1:0d:8b:d7:31:3d:e8:5c:71:85:1e:ae:0d:03: 6c:8a:bc:e4:0b:56:82:52:cb:8b:f7:d3:f2:23:a8: bb:51:71:0a:18:e7:67:82:5b:c3:54:7d:25:7b:6c: 24:58:8a:7c:9a:a0:a1:f0:f9:06:b2:ad:7d:db:53: d1:95:76:43:ba:9f:84:8f:82:73:ce:31:2c:aa:43: 7d:81:b3:1b:5e:2b:b4:45:3b:f9:4d:2a:da:f2:dc: 7e:fc:4c:b6:58:15:01:e7:b2:e7:5e:4f:b4:8a:5d: f5:fc:dc:37:2c:70:10:5c:ea:e4:4f:b5:2f:a1:26: d7:7b:4c:4f:8e:da:b2:9a:d0:32:23:40:d1:8b:4d: e2:01:3e:41:f9:fd:a9:32:a0:4a:10:eb:ab:28:a8: 0f:ab:f8:1c:dd:ad:60:2d:b3:b3:ec:d0:ce:c2:90: ba:0d:8a:5c:bf:5b:d6:41:16:cf:bc:36:11:58:1e: e6:1a:29:7d:85:13:92:4c:75:83:bc:f3:a4:4c:68: 15:db:ec:3a:0f:14:26:47:79:05:02:cb:cb:0a:30: 8f:de:8c:13:6e:d6:41:c8:da:5e:71:65:c4:8d:63: 45:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:72:09:EA:88:9C:C6:9A:8E:DB:C4:23:42:20:B6:05:05:3B:01:41 X509v3 Authority Key Identifier: keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:b4:09:ee:bf:c0:ae:fe:3e:93:ac:66:19:bb:51:b7:6f:3f: 82:37:4e:0b:dd:12:0a:59:d4:ad:c3:5e:8d:1d:85:a5:30:6c: c4:48:ad:74:1d:58:68:c8:25:79:bf:c7:e0:97:b7:ca:9a:1e: 6f:d2:e8:4d:5e:91:09:fb:4e:02:74:5d:63:e3:82:e4:b1:d6: 5b:15:be:f2:20:a2:28:cf:1f:b1:cb:c3:5b:45:97:f8:4a:ab: 97:7f:c0:f0:22:8c:f9:ba:38:a1:af:9f:62:1f:5a:9f:af:b5: 99:e0:27:b9:20:17:0c:5e:a5:e8:8c:95:44:4c:37:ab:00:3f: 38:dd:d7:c4:7a:29:66:70:2c:a8:c7:14:c4:4b:d4:fa:2c:81: f6:8b:40:3a:83:8b:f1:5f:5d:d4:1c:be:05:1c:12:84:23:9b: 90:f5:b9:bc:9b:49:8e:d5:e5:9c:0e:cb:33:3e:09:77:8e:55: 1b:05:f9:fc:89:32:3e:c6:7c:77:36:6f:cd:61:d8:50:80:7f: 21:59:e3:d4:df:e1:6e:1e:91:ad:68:05:38:b7:48:e8:d2:29: b3:c5:c0:d7:21:61:1c:f3:b1:6c:c4:75:9f:23:d3:69:7f:bc: fb:a8:e3:34:93:7c:b0:3a:ea:54:c0:4c:2d:32:4f:bc:71:47: 55:ea:b7:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsdzx3TcOI6P/gCqLe9XyVEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0 NWI2Y2QwHhcNMjUxMjE0MTcwMTExWhcNMjUxMjE1MTcwMTExWjAzMTEwLwYDVQQD Eyg1NTcyMDllYTg4OWNjNjlhOGVkYmM0MjM0MjIwYjYwNTA1M2IwMTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8t0VAJUlSmOz3MFhy3bnhOsZiP/l 0puJE2RQkO+ZoQ2L1zE96FxxhR6uDQNsirzkC1aCUsuL99PyI6i7UXEKGOdnglvD VH0le2wkWIp8mqCh8PkGsq1921PRlXZDup+Ej4JzzjEsqkN9gbMbXiu0RTv5TSra 8tx+/Ey2WBUB57LnXk+0il31/Nw3LHAQXOrkT7UvoSbXe0xPjtqymtAyI0DRi03i AT5B+f2pMqBKEOurKKgPq/gc3a1gLbOz7NDOwpC6DYpcv1vWQRbPvDYRWB7mGil9 hROSTHWDvPOkTGgV2+w6DxQmR3kFAsvLCjCP3owTbtZByNpecWXEjWNFFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFVyCeqInMaajtvEI0IgtgUFOwFBMB8GA1UdIwQY MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkLQJ7r/A rv4+k6xmGbtRt28/gjdOC90SClnUrcNejR2FpTBsxEitdB1YaMgleb/H4Je3ypoe b9LoTV6RCftOAnRdY+OC5LHWWxW+8iCiKM8fscvDW0WX+Eqrl3/A8CKM+bo4oa+f Yh9an6+1meAnuSAXDF6l6IyVREw3qwA/ON3XxHopZnAsqMcUxEvU+iyB9otAOoOL 8V9d1By+BRwShCObkPW5vJtJjtXlnA7LMz4Jd45VGwX5/IkyPsZ8dzZvzWHYUIB/ IVnj1N/hbh6RrWgFOLdI6NIps8XA1yFhHPOxbMR1nyPTaX+8+6jjNJN8sDrqVMBM LTJPvHFHVeq3HQ== -----END CERTIFICATE-----Generated at Sun Dec 14 23:17:09 2025 by rpki-client