This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft File: hWhAcEemLmSDAMUYKik1P_WOsF8.mft (raw, json) Hash identifier: W2cBgoriwIKbDvqasSQ9NHQtst11gRtJrk1zMgeOu8c= Subject key identifier: 26:3F:25:96:44:19:F4:AC:C4:D0:C3:AB:71:4B:E6:33:43:4E:EA:53 Authority key identifier: 85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F Certificate issuer: /CN=8568407047a62e648300c5182a29353ff58eb05f Certificate serial: 019B10EF1939A2078887F367CD143D9B657E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft Manifest number: 04C2 Signing time: Fri 12 Dec 2025 05:01:03 +0000 Manifest this update: Fri 12 Dec 2025 05:01:03 +0000 Manifest next update: Sat 13 Dec 2025 05:01:03 +0000 Files and hashes: 1: 0nvhqw7aFiUkSIOiOEerDMnQ_ZQ.roa (hash: HMe62SGaPYEENwRxXbOtER7G/ZP8W5TpI/QjfFDw0sg=) 2: hWhAcEemLmSDAMUYKik1P_WOsF8.crl (hash: mGl7o04aJObMrfMYcxy1lWhU+AdgwUoeWk46NK4dm6I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 05:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:ef:19:39:a2:07:88:87:f3:67:cd:14:3d:9b:65:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8568407047a62e648300c5182a29353ff58eb05f Validity Not Before: Dec 12 05:01:03 2025 GMT Not After : Dec 13 05:01:03 2025 GMT Subject: CN=263f25964419f4acc4d0c3ab714be633434eea53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:56:17:3b:9b:df:a2:74:ea:f5:06:33:4b:54: 1c:8b:79:92:92:97:70:59:15:d1:9d:e3:4b:a0:59: f5:86:7e:a6:29:36:d9:e5:9d:fb:fa:0e:99:57:c1: 19:b9:53:ef:0e:89:8a:ed:3e:e7:d9:27:1a:8f:72: 89:2d:43:4c:8d:a9:76:f3:43:bc:6b:bd:1e:63:b1: d9:be:0d:a7:cc:c6:11:c3:b9:8c:db:65:85:ca:25: dc:5a:48:d7:50:37:2a:65:64:d9:3a:2d:34:45:cd: c6:4a:07:b9:d8:60:d5:d6:9e:bd:bb:46:d6:af:51: af:f8:e2:7d:25:0e:f0:4a:c0:2c:a4:ea:0b:20:94: a0:69:dd:dd:94:52:0a:35:e2:f0:9e:65:2b:44:7d: 10:5c:af:66:76:e9:e9:76:5c:71:03:4e:42:be:d2: 26:0c:4a:c0:c8:ea:28:51:39:b7:d4:6d:62:ed:d2: 28:2a:c0:da:89:d8:8b:f0:70:07:05:a6:cb:96:52: 9a:a7:5b:3f:1d:66:7f:00:ec:45:81:a7:04:ea:20: b2:da:11:87:74:01:32:dc:bd:17:46:38:07:02:4a: d7:07:ce:44:2b:f8:b5:9a:95:7b:f7:ad:b2:66:80: 3c:d3:94:dc:f6:2c:77:f8:8c:2b:8d:37:39:68:08: 52:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:3F:25:96:44:19:F4:AC:C4:D0:C3:AB:71:4B:E6:33:43:4E:EA:53 X509v3 Authority Key Identifier: keyid:85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:68:ac:55:de:42:34:83:8a:de:9d:05:5a:8f:79:19:27:fb: 66:3c:77:4b:8e:5d:75:80:56:12:7b:31:bf:28:13:56:af:53: 97:29:bc:17:e4:fe:58:75:e7:17:9d:34:99:b3:1a:59:a7:6d: 08:93:de:43:2f:af:23:ac:ec:80:7a:b8:05:dc:da:bd:b9:1d: 47:66:f6:dc:20:39:1f:09:3d:01:a1:0d:9e:71:50:ff:57:69: b5:f7:a5:4f:b8:b2:c9:21:bb:10:33:7a:90:0c:3d:73:33:c6: 35:97:62:ba:5c:42:d1:8a:33:44:8f:1e:a1:6a:14:1d:4c:03: fe:5c:08:ce:87:dc:83:05:2b:3f:12:84:f9:c3:f3:83:5b:f0: ce:8d:e8:ed:d7:e2:f2:76:e8:06:ec:16:1b:4d:0c:9b:24:a6: be:1b:e0:34:4c:39:91:ba:45:e6:34:f7:1f:fb:2a:c1:94:8e: d3:89:16:79:58:98:31:bd:a1:90:d8:dc:15:d8:e3:25:61:85: 94:32:2e:c4:86:64:5d:11:3c:1e:57:06:50:22:bd:a8:87:77: db:c1:2e:fd:9a:9c:83:79:a7:37:3e:a1:a9:97:61:f9:32:5b: a4:a8:f2:42:33:1b:de:a2:99:8e:00:38:8a:5a:36:75:d2:e0: a0:1e:ef:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQ7xk5ogeIh/NnzRQ9m2V+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1Njg0MDcwNDdhNjJlNjQ4MzAwYzUxODJhMjkzNTNmZjU4 ZWIwNWYwHhcNMjUxMjEyMDUwMTAzWhcNMjUxMjEzMDUwMTAzWjAzMTEwLwYDVQQD EygyNjNmMjU5NjQ0MTlmNGFjYzRkMGMzYWI3MTRiZTYzMzQzNGVlYTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1YXO5vfonTq9QYzS1Qci3mSkpdw WRXRneNLoFn1hn6mKTbZ5Z37+g6ZV8EZuVPvDomK7T7n2Scaj3KJLUNMjal280O8 a70eY7HZvg2nzMYRw7mM22WFyiXcWkjXUDcqZWTZOi00Rc3GSge52GDV1p69u0bW r1Gv+OJ9JQ7wSsAspOoLIJSgad3dlFIKNeLwnmUrRH0QXK9mdunpdlxxA05CvtIm DErAyOooUTm31G1i7dIoKsDaidiL8HAHBabLllKap1s/HWZ/AOxFgacE6iCy2hGH dAEy3L0XRjgHAkrXB85EK/i1mpV7962yZoA805Tc9ix3+IwrjTc5aAhSrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCY/JZZEGfSsxNDDq3FL5jNDTupTMB8GA1UdIwQY MBaAFIVoQHBHpi5kgwDFGCopNT/1jrBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjIt ZWQzZTk4YzY1NmUxLzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjItZWQzZTk4YzY1NmUx LzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABmisVd5C NIOK3p0FWo95GSf7Zjx3S45ddYBWEnsxvygTVq9Tlym8F+T+WHXnF500mbMaWadt CJPeQy+vI6zsgHq4BdzavbkdR2b23CA5Hwk9AaENnnFQ/1dptfelT7iyySG7EDN6 kAw9czPGNZdiulxC0YozRI8eoWoUHUwD/lwIzofcgwUrPxKE+cPzg1vwzo3o7dfi 8nboBuwWG00MmySmvhvgNEw5kbpF5jT3H/sqwZSO04kWeViYMb2hkNjcFdjjJWGF lDIuxIZkXRE8HlcGUCK9qId328Eu/Zqcg3mnNz6hqZdh+TJbpKjyQjMb3qKZjgA4 ilo2ddLgoB7vBQ== -----END CERTIFICATE-----Generated at Fri Dec 12 13:00:54 2025 by rpki-client