This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/3d8127-44de-407b-9499-d6a43319aa21/1/HVywmM9vf7aKGBrs2o6jjmTFrJ0.mft File: HVywmM9vf7aKGBrs2o6jjmTFrJ0.mft (raw, json) Hash identifier: lSZTNgCD/Fp4/MOEjM0c/Jpq2YKYxu2EyCyhTvqpX7Q= Subject key identifier: 5E:39:20:14:A1:1E:2F:03:77:1C:9B:33:17:0A:E6:8B:6C:38:96:5B Authority key identifier: 1D:5C:B0:98:CF:6F:7F:B6:8A:18:1A:EC:DA:8E:A3:8E:64:C5:AC:9D Certificate issuer: /CN=1d5cb098cf6f7fb68a181aecda8ea38e64c5ac9d Certificate serial: 019B33E8E2F9814AA40DAE3E72C8373194B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVywmM9vf7aKGBrs2o6jjmTFrJ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/3d8127-44de-407b-9499-d6a43319aa21/1/HVywmM9vf7aKGBrs2o6jjmTFrJ0.mft Manifest number: 0305 Signing time: Fri 19 Dec 2025 00:00:58 +0000 Manifest this update: Fri 19 Dec 2025 00:00:58 +0000 Manifest next update: Sat 20 Dec 2025 00:00:58 +0000 Files and hashes: 1: GPBnMrccvHfLRUetSr0V2OhSV78.roa (hash: bMjAfl7v9vzL7TDoDm3Lu45G9wMjJfK+MiFqNCPT/Us=) 2: HVywmM9vf7aKGBrs2o6jjmTFrJ0.crl (hash: h5SrifM9UcxHkOfGZVwDi8ZpGpOn87cIPiXFhMppWGE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/3d8127-44de-407b-9499-d6a43319aa21/1/HVywmM9vf7aKGBrs2o6jjmTFrJ0.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/3d8127-44de-407b-9499-d6a43319aa21/1/HVywmM9vf7aKGBrs2o6jjmTFrJ0.mft rsync://rpki.ripe.net/repository/DEFAULT/HVywmM9vf7aKGBrs2o6jjmTFrJ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e8:e2:f9:81:4a:a4:0d:ae:3e:72:c8:37:31:94:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d5cb098cf6f7fb68a181aecda8ea38e64c5ac9d Validity Not Before: Dec 19 00:00:58 2025 GMT Not After : Dec 20 00:00:58 2025 GMT Subject: CN=5e392014a11e2f03771c9b33170ae68b6c38965b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:88:f9:a6:6b:7e:3b:49:1c:ac:b0:fc:e8:c3: ba:b2:3a:0e:94:a4:1a:cd:67:d5:96:51:7a:c9:3a: 48:39:96:bf:41:c3:1c:1f:cb:d1:f5:e7:40:a9:5f: c2:45:3d:3a:2e:97:36:3f:08:2c:6f:65:56:9b:d4: a0:4b:7e:50:e6:a1:6e:c5:fd:05:5f:4b:5c:80:2e: 7f:2e:12:02:04:65:69:ec:0e:87:a9:03:5f:23:78: 67:06:a1:51:21:86:14:3d:83:55:72:4f:b2:fe:45: 34:f3:7a:05:bc:51:c0:24:75:f6:7d:b2:58:37:ea: af:25:98:af:a4:27:9a:81:0a:06:25:b8:75:5e:65: 22:b4:97:28:b2:8e:65:e9:8b:7a:4e:92:04:e6:a8: 59:7a:40:d1:a0:51:a5:72:da:c2:93:63:3d:8e:11: 07:40:f3:dd:41:b0:df:26:17:07:67:c9:9f:ce:74: 54:f2:38:e2:2e:f7:f4:78:5e:34:70:ef:0c:2d:34: 93:a7:57:b6:6e:30:e0:31:55:1c:2a:0f:94:af:60: e2:4a:b3:b6:ea:5b:74:36:53:17:85:7d:0b:ef:cb: 13:ef:82:40:89:4f:e1:bc:1b:cd:64:81:c5:cc:18: 00:29:7f:7f:af:c2:72:3a:01:78:b5:cb:ba:b7:22: 56:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:39:20:14:A1:1E:2F:03:77:1C:9B:33:17:0A:E6:8B:6C:38:96:5B X509v3 Authority Key Identifier: keyid:1D:5C:B0:98:CF:6F:7F:B6:8A:18:1A:EC:DA:8E:A3:8E:64:C5:AC:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVywmM9vf7aKGBrs2o6jjmTFrJ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3d8127-44de-407b-9499-d6a43319aa21/1/HVywmM9vf7aKGBrs2o6jjmTFrJ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3d8127-44de-407b-9499-d6a43319aa21/1/HVywmM9vf7aKGBrs2o6jjmTFrJ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:20:c6:83:22:e6:93:af:02:e2:37:56:55:34:e7:0f:35:e1: e9:ad:0c:45:d1:f1:1e:b6:8c:5b:17:33:7c:df:59:87:7e:24: 75:6c:52:aa:c3:fd:b6:15:17:25:02:32:d2:ea:13:9b:18:1f: f3:f4:d2:fd:c4:b4:98:96:06:9b:25:61:cf:b6:03:8f:2c:04: 00:b1:18:da:35:34:1f:80:c1:6e:78:f7:07:e7:10:12:d0:53: 04:f9:94:a1:36:c1:72:13:ae:48:aa:d7:20:6b:67:c6:bb:3d: ac:ee:5c:d9:5c:6f:1c:27:e8:17:f2:fc:49:3e:18:5b:9c:28: d1:0c:ad:3a:ea:9c:17:14:20:24:26:a5:32:b8:7e:5a:bd:48: a1:91:d6:a1:07:ca:5b:71:a3:54:e7:72:89:7a:84:7f:f6:33: e2:aa:1b:9f:5c:c1:29:28:98:82:fc:d4:6d:9a:86:44:67:86: 7a:76:52:79:6c:c8:a3:a9:87:92:26:bf:48:f2:d2:fa:e7:6a: 7c:cc:56:88:c7:5c:3e:b2:b0:8d:b0:bf:4b:e9:75:1c:3f:79: f9:34:c9:20:bd:aa:ef:54:21:92:8d:d4:76:bd:45:dd:8a:06: be:f1:c2:3c:fc:e7:e7:e6:cf:52:95:3f:a4:fe:34:7c:fb:d8: 06:c8:2d:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6OL5gUqkDa4+csg3MZS2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkNWNiMDk4Y2Y2ZjdmYjY4YTE4MWFlY2RhOGVhMzhlNjRj NWFjOWQwHhcNMjUxMjE5MDAwMDU4WhcNMjUxMjIwMDAwMDU4WjAzMTEwLwYDVQQD Eyg1ZTM5MjAxNGExMWUyZjAzNzcxYzliMzMxNzBhZTY4YjZjMzg5NjViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYj5pmt+O0kcrLD86MO6sjoOlKQa zWfVllF6yTpIOZa/QcMcH8vR9edAqV/CRT06Lpc2Pwgsb2VWm9SgS35Q5qFuxf0F X0tcgC5/LhICBGVp7A6HqQNfI3hnBqFRIYYUPYNVck+y/kU083oFvFHAJHX2fbJY N+qvJZivpCeagQoGJbh1XmUitJcoso5l6Yt6TpIE5qhZekDRoFGlctrCk2M9jhEH QPPdQbDfJhcHZ8mfznRU8jjiLvf0eF40cO8MLTSTp1e2bjDgMVUcKg+Ur2DiSrO2 6lt0NlMXhX0L78sT74JAiU/hvBvNZIHFzBgAKX9/r8JyOgF4tcu6tyJW2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF45IBShHi8DdxybMxcK5otsOJZbMB8GA1UdIwQY MBaAFB1csJjPb3+2ihga7NqOo45kxaydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFZ5d21NOXZmN2FLR0JyczJvNmpqbVRGckowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zZDgxMjctNDRkZS00MDdiLTk0OTkt ZDZhNDMzMTlhYTIxLzEvSFZ5d21NOXZmN2FLR0JyczJvNmpqbVRGckowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy8zZDgxMjctNDRkZS00MDdiLTk0OTktZDZhNDMzMTlhYTIx LzEvSFZ5d21NOXZmN2FLR0JyczJvNmpqbVRGckowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoCDGgyLm k68C4jdWVTTnDzXh6a0MRdHxHraMWxczfN9Zh34kdWxSqsP9thUXJQIy0uoTmxgf 8/TS/cS0mJYGmyVhz7YDjywEALEY2jU0H4DBbnj3B+cQEtBTBPmUoTbBchOuSKrX IGtnxrs9rO5c2VxvHCfoF/L8ST4YW5wo0QytOuqcFxQgJCalMrh+Wr1IoZHWoQfK W3GjVOdyiXqEf/Yz4qobn1zBKSiYgvzUbZqGRGeGenZSeWzIo6mHkia/SPLS+udq fMxWiMdcPrKwjbC/S+l1HD95+TTJIL2q71Qhko3Udr1F3YoGvvHCPPzn5+bPUpU/ pP40fPvYBsgt2w== -----END CERTIFICATE-----Generated at Fri Dec 19 06:44:37 2025 by rpki-client