This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft File: h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft (raw, json) Hash identifier: OJRtPC7HP+su+gjRhu63VqIHMOeqmKuPNvfopMl3hTM= Subject key identifier: B7:4B:5B:DA:74:FF:81:B3:D1:15:DC:8F:59:53:96:51:23:5D:91:A5 Authority key identifier: 87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21 Certificate issuer: /CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921 Certificate serial: 019B3946827E081793900526DF49471AB847 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft Manifest number: 1333 Signing time: Sat 20 Dec 2025 01:01:20 +0000 Manifest this update: Sat 20 Dec 2025 01:01:20 +0000 Manifest next update: Sun 21 Dec 2025 01:01:20 +0000 Files and hashes: 1: EqmxfEPR61JZ1PILd4aiLsGlGKg.roa (hash: o+GN8e0CITe+H1MxoXkf/yVp/P7VliN/bKmtLSSdiwk=) 2: h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl (hash: 1oRM6neZgxMreE26iNTQZi9hZjmVEUNIR0FUMCmFCyk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:46:82:7e:08:17:93:90:05:26:df:49:47:1a:b8:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921 Validity Not Before: Dec 20 01:01:20 2025 GMT Not After : Dec 21 01:01:20 2025 GMT Subject: CN=b74b5bda74ff81b3d115dc8f59539651235d91a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:9a:b6:94:da:0f:bc:fb:34:bb:6f:cc:7d:3d: d4:f8:8f:c7:96:cb:d0:d9:76:fb:d7:bb:02:25:fe: 31:82:5a:86:30:3c:55:fc:e0:56:f2:da:c1:e1:be: 48:cb:ab:9c:ca:2d:a1:17:ac:c1:6a:f2:79:e7:af: df:67:3e:1c:a1:1e:25:1b:41:bc:3e:1d:42:89:0a: fe:96:b6:ed:d1:b5:73:2d:10:52:dd:e2:91:46:72: 5f:5a:ed:d8:ff:48:08:dc:30:f6:c7:e0:41:00:66: f6:df:cd:16:a5:02:54:f2:a9:76:b3:70:16:f5:22: dd:cc:33:57:9e:fa:49:4c:d0:4f:16:4a:45:66:b0: a7:00:35:a7:25:b2:be:db:2b:1a:9a:cd:a5:fa:10: c1:06:f3:42:2b:65:aa:be:61:b5:de:5f:69:56:90: de:e5:28:59:24:5b:33:6e:73:de:79:00:d5:9f:a2: 0a:e3:66:8e:95:66:79:cb:a2:65:9f:c1:db:6a:b1: 4f:89:5e:5c:7d:b3:34:3a:00:0b:ee:0d:24:a5:3d: 34:3c:4b:5a:20:a3:d2:ec:0a:dc:26:74:4e:e1:5a: 6c:7f:82:8a:13:e7:f5:4f:0a:73:e2:b4:18:c0:71: c7:23:c4:77:6b:bd:eb:15:7f:75:85:ff:89:2f:c7: 4c:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:4B:5B:DA:74:FF:81:B3:D1:15:DC:8F:59:53:96:51:23:5D:91:A5 X509v3 Authority Key Identifier: keyid:87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:02:b7:79:aa:69:b3:28:a3:87:2f:8e:27:21:ab:49:0c:92: 6b:80:16:ef:8a:f9:c8:1e:44:3a:3d:6e:24:e5:96:54:99:f3: 48:a4:bc:5f:22:af:5a:61:96:c1:17:09:de:21:fa:27:0e:04: 6c:4b:c5:55:a3:f7:15:24:f7:08:1a:c3:8b:53:15:35:01:1a: 82:e7:b0:cd:c3:2d:78:40:cb:4b:c6:85:6e:08:88:23:37:61: fb:06:4c:30:28:66:fe:e7:35:be:24:b5:30:52:d3:24:6a:08: a2:b3:5b:5c:24:92:d6:81:63:f7:64:f7:49:8a:a9:32:6a:90: 46:07:04:6c:8b:60:5b:f7:0a:62:e0:d7:98:1c:31:43:c9:27: 7f:1b:9c:f8:85:35:df:38:90:e7:9d:2b:39:23:33:c9:3e:fb: 69:6a:df:2e:bc:5b:26:b7:ce:d9:e8:54:f4:0f:31:1a:e1:fc: be:fe:5c:f9:07:db:48:c4:95:f1:87:4d:30:a2:ab:49:8e:ac: 0b:c8:f3:b3:c0:84:77:f3:08:1a:89:4a:53:7f:e7:12:f7:c7: 56:4a:0a:63:3f:44:c1:cd:f5:a8:33:54:d2:61:b0:66:85:63: 75:38:ca:29:fc:80:d7:9f:36:ad:1e:aa:ea:a8:f4:f7:1f:22: b6:f4:6a:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5RoJ+CBeTkAUm30lHGrhHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZjQ1ZTNhNDA2OWQ0ZjVlYmQ1ZjZlNjQyMWQ4ZDNjYWJl MzA5MjEwHhcNMjUxMjIwMDEwMTIwWhcNMjUxMjIxMDEwMTIwWjAzMTEwLwYDVQQD EyhiNzRiNWJkYTc0ZmY4MWIzZDExNWRjOGY1OTUzOTY1MTIzNWQ5MWE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Jq2lNoPvPs0u2/MfT3U+I/HlsvQ 2Xb717sCJf4xglqGMDxV/OBW8trB4b5Iy6ucyi2hF6zBavJ556/fZz4coR4lG0G8 Ph1CiQr+lrbt0bVzLRBS3eKRRnJfWu3Y/0gI3DD2x+BBAGb2380WpQJU8ql2s3AW 9SLdzDNXnvpJTNBPFkpFZrCnADWnJbK+2ysams2l+hDBBvNCK2WqvmG13l9pVpDe 5ShZJFszbnPeeQDVn6IK42aOlWZ5y6Jln8HbarFPiV5cfbM0OgAL7g0kpT00PEta IKPS7ArcJnRO4Vpsf4KKE+f1Twpz4rQYwHHHI8R3a73rFX91hf+JL8dM4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLdLW9p0/4Gz0RXcj1lTllEjXZGlMB8GA1UdIwQY MBaAFIf0XjpAadT169X25kIdjTyr4wkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYt NjMxOWJiMDc5YzQ0LzEvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYtNjMxOWJiMDc5YzQ0 LzEvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXwK3eapp syijhy+OJyGrSQySa4AW74r5yB5EOj1uJOWWVJnzSKS8XyKvWmGWwRcJ3iH6Jw4E bEvFVaP3FST3CBrDi1MVNQEaguewzcMteEDLS8aFbgiIIzdh+wZMMChm/uc1viS1 MFLTJGoIorNbXCSS1oFj92T3SYqpMmqQRgcEbItgW/cKYuDXmBwxQ8knfxuc+IU1 3ziQ550rOSMzyT77aWrfLrxbJrfO2ehU9A8xGuH8vv5c+QfbSMSV8YdNMKKrSY6s C8jzs8CEd/MIGolKU3/nEvfHVkoKYz9Ewc31qDNU0mGwZoVjdTjKKfyA1582rR6q 6qj09x8itvRqJA== -----END CERTIFICATE-----Generated at Sat Dec 20 07:16:16 2025 by rpki-client