This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json) Hash identifier: /U+UA7kq+vwLF7+lJYIyuVSsXNFYL19aOJS/6n/UkhU= Subject key identifier: 03:8D:0E:25:CF:9F:9C:29:2E:02:EF:39:B2:77:7F:E6:D6:66:9C:74 Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36 Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36 Certificate serial: 019B405A8A4F0539A2E8142131782480B16D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft Manifest number: 036B Signing time: Sun 21 Dec 2025 10:00:34 +0000 Manifest this update: Sun 21 Dec 2025 10:00:34 +0000 Manifest next update: Mon 22 Dec 2025 10:00:34 +0000 Files and hashes: 1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: kpP4itdxNkI2NAiNUgtYmaIcXtmhWmZtXi/14A56Wyg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:8a:4f:05:39:a2:e8:14:21:31:78:24:80:b1:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36 Validity Not Before: Dec 21 10:00:34 2025 GMT Not After : Dec 22 10:00:34 2025 GMT Subject: CN=038d0e25cf9f9c292e02ef39b2777fe6d6669c74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:19:37:11:70:6b:bb:ab:2a:a9:99:05:a0:58: 7b:5c:31:1b:9d:c4:62:32:5f:22:a3:0f:df:9d:fc: d4:69:55:e5:80:5c:22:58:9f:1f:e3:34:4f:4c:8c: 24:55:6a:6a:1e:d8:78:63:29:3c:9b:37:9d:32:c7: 1b:20:70:64:1a:bf:62:5a:87:e8:02:63:92:4b:65: 64:db:21:0c:70:4c:8f:49:04:ca:03:93:3e:4e:ad: eb:74:15:23:a9:69:23:ec:dc:29:a7:73:61:f5:f7: 85:14:92:7e:c3:7f:02:b4:80:97:74:54:21:4f:37: 60:a1:c3:9c:ee:d3:4b:c1:cf:76:a0:c7:14:06:10: e1:01:1f:12:66:53:70:ad:8d:c9:68:62:42:88:3b: d4:f7:b4:c8:61:a4:4e:d1:38:e2:f2:94:99:0f:3f: d1:45:7c:c2:06:ec:1f:20:93:34:a6:22:f5:d8:82: 33:6a:c2:a3:37:92:b3:9e:81:27:64:30:51:e6:32: 99:40:43:22:91:f4:4d:bb:e2:2c:b6:96:65:d1:e6: b5:35:41:91:bc:8c:b2:f2:c5:6a:d5:b7:3a:b9:c5: 5c:b7:5a:40:a7:3f:ad:ef:47:b3:dc:1a:94:21:67: 91:c2:f3:a0:57:9a:c1:bc:72:89:5d:42:5d:4f:aa: d2:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:8D:0E:25:CF:9F:9C:29:2E:02:EF:39:B2:77:7F:E6:D6:66:9C:74 X509v3 Authority Key Identifier: keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:d2:2c:a3:d0:d6:13:da:ed:f5:cb:3a:bb:17:e8:29:f0:c9: 8f:60:71:eb:f9:ab:4d:b6:f3:32:45:eb:c1:08:60:65:52:8a: 88:52:8e:4a:30:26:bf:1c:c7:06:32:70:b5:e9:c6:20:59:cb: 6e:b8:8f:d1:da:3b:02:96:26:2c:8e:3e:67:cd:7c:58:d1:c6: 88:d6:68:88:d1:16:84:26:e0:c8:b4:09:bb:05:fa:05:a5:11: a8:09:e6:18:32:70:3d:45:88:53:92:e7:be:25:cc:44:ec:5a: 32:50:2d:3b:1b:87:0b:05:00:3e:05:88:03:d7:71:f1:23:ac: 9d:6d:05:7a:b4:81:e1:56:44:a4:82:20:06:ec:16:d6:f0:15: f6:50:7b:88:84:20:83:36:3b:50:be:92:17:24:c1:90:49:28: d2:d3:3c:eb:25:32:8b:88:06:72:49:fb:ee:bb:8e:d0:34:41: e7:06:ff:d7:1e:da:ef:d3:dd:1f:a3:65:56:3e:b2:37:93:c1: 2e:cd:ba:11:44:57:8c:df:01:ed:fe:e6:2c:15:1e:c3:bb:8e: fc:25:90:e5:69:f9:c0:e7:1b:b0:3b:8e:0d:70:3b:7f:ec:0c: 3a:df:d2:35:15:07:c2:27:c1:d5:63:bc:e5:6b:e7:e7:13:d5: fb:b1:5b:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWopPBTmi6BQhMXgkgLFtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1 M2JlMzYwHhcNMjUxMjIxMTAwMDM0WhcNMjUxMjIyMTAwMDM0WjAzMTEwLwYDVQQD EygwMzhkMGUyNWNmOWY5YzI5MmUwMmVmMzliMjc3N2ZlNmQ2NjY5Yzc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hk3EXBru6sqqZkFoFh7XDEbncRi Ml8iow/fnfzUaVXlgFwiWJ8f4zRPTIwkVWpqHth4Yyk8mzedMscbIHBkGr9iWofo AmOSS2Vk2yEMcEyPSQTKA5M+Tq3rdBUjqWkj7Nwpp3Nh9feFFJJ+w38CtICXdFQh TzdgocOc7tNLwc92oMcUBhDhAR8SZlNwrY3JaGJCiDvU97TIYaRO0Tji8pSZDz/R RXzCBuwfIJM0piL12IIzasKjN5KznoEnZDBR5jKZQEMikfRNu+IstpZl0ea1NUGR vIyy8sVq1bc6ucVct1pApz+t70ez3BqUIWeRwvOgV5rBvHKJXUJdT6rSnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAONDiXPn5wpLgLvObJ3f+bWZpx0MB8GA1UdIwQY MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUtIso9DW E9rt9cs6uxfoKfDJj2Bx6/mrTbbzMkXrwQhgZVKKiFKOSjAmvxzHBjJwtenGIFnL briP0do7ApYmLI4+Z818WNHGiNZoiNEWhCbgyLQJuwX6BaURqAnmGDJwPUWIU5Ln viXMROxaMlAtOxuHCwUAPgWIA9dx8SOsnW0FerSB4VZEpIIgBuwW1vAV9lB7iIQg gzY7UL6SFyTBkEko0tM86yUyi4gGckn77ruO0DRB5wb/1x7a79PdH6NlVj6yN5PB Ls26EURXjN8B7f7mLBUew7uO/CWQ5Wn5wOcbsDuODXA7f+wMOt/SNRUHwifB1WO8 5Wvn5xPV+7Fb0g== -----END CERTIFICATE-----Generated at Sun Dec 21 18:07:29 2025 by rpki-client