This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json) Hash identifier: Cc9+TuQ0Iv812+VC5AkZw+VCfjVzcIT6gSSUhbKzTPI= Subject key identifier: 78:5B:97:9A:4B:0A:3B:B2:BE:0B:09:A8:75:10:56:65:DB:67:70:5E Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Certificate serial: 019B1012EC584E66AC94FB78CD3C04D9D1DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft Manifest number: 107F Signing time: Fri 12 Dec 2025 01:00:34 +0000 Manifest this update: Fri 12 Dec 2025 01:00:34 +0000 Manifest next update: Sat 13 Dec 2025 01:00:34 +0000 Files and hashes: 1: g2pmYdtMoiuQPm1G35LS-gM4tuY.roa (hash: CWDorRb0FA7mvx2YHncFLS9iEAAHLTBxgOQlA6dQKII=) 2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: yeBnwr1+Vt14D9zofe8cVSaZ0ilkW0JKrCa0IYZ7Qxc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:12:ec:58:4e:66:ac:94:fb:78:cd:3c:04:d9:d1:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Validity Not Before: Dec 12 01:00:34 2025 GMT Not After : Dec 13 01:00:34 2025 GMT Subject: CN=785b979a4b0a3bb2be0b09a875105665db67705e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d1:18:bc:3d:39:94:43:7d:7c:fa:60:d6:64: e6:5b:71:dc:ed:a5:ac:5c:51:1f:9b:73:6d:32:6f: d6:94:01:0c:43:20:ad:81:5f:f1:4b:bd:51:3f:41: d2:03:75:e1:ed:f5:10:91:46:c4:1f:0f:a1:3d:22: 96:9f:16:d3:f6:77:15:68:43:52:39:de:e5:95:1b: f7:d5:d0:c8:5b:e5:3e:f0:2d:0c:8f:bf:20:89:ea: f7:82:91:7d:b8:97:3e:c0:38:c3:2d:61:5d:9e:79: 70:27:67:de:cb:12:65:0c:57:51:39:d4:a3:7b:e0: 02:fa:69:c9:c1:6b:6f:7e:d6:f3:d1:69:1b:74:ea: 32:56:9f:9c:f6:8f:b6:5a:a9:3f:f6:e1:5e:23:fd: 99:10:e9:77:a6:42:f7:28:28:f1:68:09:83:b3:d2: 6b:bf:7a:63:8c:ac:0c:19:da:75:8a:38:72:14:d4: 42:a9:d7:8d:d7:9f:66:5f:80:ff:43:fb:b5:c0:9e: 4c:78:3b:4f:d6:54:30:fe:c2:b1:a8:72:11:57:20: 5d:0f:49:22:eb:86:e7:b4:23:7d:fc:23:53:f6:af: c2:21:45:b5:90:a8:da:a3:17:16:61:9a:a1:28:6a: f0:e5:12:2e:1f:de:99:39:35:73:cf:9f:84:cd:53: bc:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:5B:97:9A:4B:0A:3B:B2:BE:0B:09:A8:75:10:56:65:DB:67:70:5E X509v3 Authority Key Identifier: keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:b2:b0:cd:9a:a5:11:2b:43:a7:47:7c:64:60:6d:8a:8b:a0: e3:88:11:0d:b3:7a:fb:92:15:d2:40:3a:b1:6f:28:64:e6:84: 92:61:e7:ef:2b:41:55:f0:49:2e:80:85:7b:08:47:8d:3c:0d: 6e:82:0d:ec:73:1d:2f:ae:5e:fe:8a:0d:cd:b7:7c:e7:23:c4: fe:e2:1b:ea:20:f6:6b:e0:3f:b3:c3:17:42:96:cb:f0:e5:f9: 3a:10:5e:a1:37:35:08:55:5f:e0:9e:b0:b0:22:4f:4a:3e:ad: d2:99:ca:9e:1d:64:5d:2e:19:67:8e:ae:96:e8:1f:b3:16:a0: db:b1:ca:7c:10:ba:e4:64:2c:53:ba:13:6f:c8:31:19:ba:f8: 0e:50:39:cb:b1:8b:c0:50:2b:c7:7e:d2:33:42:cd:5f:20:43: 03:78:f4:b3:8f:cf:24:f2:4d:3a:49:45:9c:41:2f:2e:5c:1d: 67:48:7e:fe:46:d8:0a:4a:b7:d9:0b:90:63:ad:65:38:87:61: 56:95:7c:34:b1:12:bc:81:1c:f1:97:33:0d:c4:67:53:c0:e4: 85:de:20:02:22:8f:47:dd:26:c7:8d:e0:98:d8:b8:4f:e0:9d: 79:11:b7:e1:bf:cc:c2:32:a2:2e:59:76:5e:64:47:c3:23:5a: 68:57:de:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQEuxYTmaslPt4zTwE2dHeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl ZjBiZjQwHhcNMjUxMjEyMDEwMDM0WhcNMjUxMjEzMDEwMDM0WjAzMTEwLwYDVQQD Eyg3ODViOTc5YTRiMGEzYmIyYmUwYjA5YTg3NTEwNTY2NWRiNjc3MDVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtEYvD05lEN9fPpg1mTmW3Hc7aWs XFEfm3NtMm/WlAEMQyCtgV/xS71RP0HSA3Xh7fUQkUbEHw+hPSKWnxbT9ncVaENS Od7llRv31dDIW+U+8C0Mj78gier3gpF9uJc+wDjDLWFdnnlwJ2feyxJlDFdROdSj e+AC+mnJwWtvftbz0WkbdOoyVp+c9o+2Wqk/9uFeI/2ZEOl3pkL3KCjxaAmDs9Jr v3pjjKwMGdp1ijhyFNRCqdeN159mX4D/Q/u1wJ5MeDtP1lQw/sKxqHIRVyBdD0ki 64bntCN9/CNT9q/CIUW1kKjaoxcWYZqhKGrw5RIuH96ZOTVzz5+EzVO8hwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHhbl5pLCjuyvgsJqHUQVmXbZ3BeMB8GA1UdIwQY MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7KwzZql EStDp0d8ZGBtioug44gRDbN6+5IV0kA6sW8oZOaEkmHn7ytBVfBJLoCFewhHjTwN boIN7HMdL65e/ooNzbd85yPE/uIb6iD2a+A/s8MXQpbL8OX5OhBeoTc1CFVf4J6w sCJPSj6t0pnKnh1kXS4ZZ46ulugfsxag27HKfBC65GQsU7oTb8gxGbr4DlA5y7GL wFArx37SM0LNXyBDA3j0s4/PJPJNOklFnEEvLlwdZ0h+/kbYCkq32QuQY61lOIdh VpV8NLESvIEc8ZczDcRnU8Dkhd4gAiKPR90mx43gmNi4T+CdeRG34b/MwjKiLll2 XmRHwyNaaFfe+g== -----END CERTIFICATE-----Generated at Fri Dec 12 08:03:51 2025 by rpki-client