This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft File: HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json) Hash identifier: 4Q6UL1vaCtwmnpB6qfBhRT8DMvtik1L5kalZ0yJNhrY= Subject key identifier: 93:1E:72:41:89:3E:60:EB:37:EC:60:0C:10:71:FD:1C:A1:BB:8F:D1 Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A Certificate issuer: /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a Certificate serial: 019B495DB2C09753828C442619002F59AA81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft Manifest number: 094E Signing time: Tue 23 Dec 2025 04:00:35 +0000 Manifest this update: Tue 23 Dec 2025 04:00:35 +0000 Manifest next update: Wed 24 Dec 2025 04:00:35 +0000 Files and hashes: 1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: oSynPv/NE7FDJNjorYJbr5ZY34iBqopxzvU7hNEK4jM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 04:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:5d:b2:c0:97:53:82:8c:44:26:19:00:2f:59:aa:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a Validity Not Before: Dec 23 04:00:35 2025 GMT Not After : Dec 24 04:00:35 2025 GMT Subject: CN=931e7241893e60eb37ec600c1071fd1ca1bb8fd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ba:81:b6:e4:c7:02:76:96:ea:d1:4e:15:8f: 7f:34:db:bc:24:3f:57:f3:d2:4a:0d:3c:3e:72:f0: d0:5e:62:f2:d0:4a:ba:1c:a0:5d:bd:27:a2:c2:22: 2a:84:83:31:70:2c:fd:b5:f4:11:b2:27:8e:8d:18: f2:9d:91:6c:e7:e3:98:a4:a7:dd:b8:a8:a1:60:75: ca:04:73:3d:0e:4f:3f:df:29:3a:b1:85:54:1e:c9: b1:2b:8f:1a:57:eb:63:2e:75:a4:0f:a3:f6:4f:58: 98:50:0f:69:d0:e1:51:3d:1f:a1:08:03:2b:1e:03: d1:05:54:93:15:05:35:34:2b:39:55:1e:35:b9:d8: 3d:78:35:ed:51:64:eb:32:e9:52:65:ce:90:0d:2d: ff:51:88:6d:a4:93:cc:d5:b4:12:34:89:2e:5c:36: 74:50:2b:b2:1b:42:c6:2d:70:53:d2:dc:88:30:f4: 90:a8:a4:e8:3f:bc:6f:ea:2d:93:31:01:fa:82:b8: 8b:9e:96:ef:aa:8f:d3:4b:28:08:b4:a3:cc:ec:cd: 90:43:67:9b:72:9e:b4:9e:ae:f9:4d:41:be:d8:44: cc:e5:90:cf:7b:e2:12:47:8f:1f:de:83:f7:be:0f: 04:88:b8:ac:90:7d:84:d6:ce:4d:3d:10:11:d6:a8: 21:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:1E:72:41:89:3E:60:EB:37:EC:60:0C:10:71:FD:1C:A1:BB:8F:D1 X509v3 Authority Key Identifier: keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:d9:91:e5:f7:e9:d9:9b:86:d9:a7:7c:44:ca:6b:fa:88:03: 04:52:8f:a6:64:10:3c:db:3a:74:cc:23:72:f7:da:9c:b0:05: a9:71:ab:a7:35:10:9b:35:43:45:a0:55:24:7f:37:06:5a:39: 15:b0:3a:79:63:72:ff:5d:30:de:e6:21:2a:38:91:cf:6f:f2: 9e:54:a3:6f:4b:17:df:cd:08:fa:e5:64:85:7f:eb:6e:fa:44: fd:3c:c5:fe:96:dc:eb:27:e6:8f:38:82:ba:17:8d:35:73:1a: c0:71:a1:4d:46:97:da:73:2f:77:9f:54:2b:52:b6:c7:ca:e9: ff:ec:0c:33:b5:97:0a:0d:19:f7:09:c6:c3:b9:e8:7c:cf:ef: a4:2c:bf:c3:08:a2:76:52:f4:5b:46:ae:58:7e:cb:a2:c4:55: 66:48:b5:7d:e9:f8:86:93:ca:e0:cf:62:82:f9:77:34:28:1c: 26:26:d1:6e:fb:6d:b7:95:e5:86:8b:3d:34:b8:79:4f:2c:3c: 31:40:3f:36:d1:ee:2e:1c:fc:bf:08:56:f2:0c:71:10:74:38: ce:7f:3e:9f:a8:e2:58:de:fa:d4:6a:4d:ed:b1:d2:d4:3b:52: 4a:59:8a:9d:df:1b:9b:84:71:c7:7e:47:c8:7b:96:76:3f:b6: aa:2e:7c:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJXbLAl1OCjEQmGQAvWaqBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk N2QyMWEwHhcNMjUxMjIzMDQwMDM1WhcNMjUxMjI0MDQwMDM1WjAzMTEwLwYDVQQD Eyg5MzFlNzI0MTg5M2U2MGViMzdlYzYwMGMxMDcxZmQxY2ExYmI4ZmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrqBtuTHAnaW6tFOFY9/NNu8JD9X 89JKDTw+cvDQXmLy0Eq6HKBdvSeiwiIqhIMxcCz9tfQRsieOjRjynZFs5+OYpKfd uKihYHXKBHM9Dk8/3yk6sYVUHsmxK48aV+tjLnWkD6P2T1iYUA9p0OFRPR+hCAMr HgPRBVSTFQU1NCs5VR41udg9eDXtUWTrMulSZc6QDS3/UYhtpJPM1bQSNIkuXDZ0 UCuyG0LGLXBT0tyIMPSQqKToP7xv6i2TMQH6griLnpbvqo/TSygItKPM7M2QQ2eb cp60nq75TUG+2ETM5ZDPe+ISR48f3oP3vg8EiLiskH2E1s5NPRAR1qgh4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJMeckGJPmDrN+xgDBBx/Ryhu4/RMB8GA1UdIwQY MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAldmR5ffp 2ZuG2ad8RMpr+ogDBFKPpmQQPNs6dMwjcvfanLAFqXGrpzUQmzVDRaBVJH83Blo5 FbA6eWNy/10w3uYhKjiRz2/ynlSjb0sX380I+uVkhX/rbvpE/TzF/pbc6yfmjziC uheNNXMawHGhTUaX2nMvd59UK1K2x8rp/+wMM7WXCg0Z9wnGw7nofM/vpCy/wwii dlL0W0auWH7LosRVZki1fen4hpPK4M9igvl3NCgcJibRbvttt5Xlhos9NLh5Tyw8 MUA/NtHuLhz8vwhW8gxxEHQ4zn8+n6jiWN761GpN7bHS1DtSSlmKnd8bm4Rxx35H yHuWdj+2qi58kQ== -----END CERTIFICATE-----Generated at Tue Dec 23 13:02:33 2025 by rpki-client