This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft File: Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft (raw, json) Hash identifier: 8BfyGsvQgDLeKwP9V/3jpsmma6nGKeq1e16GnUNZIx0= Subject key identifier: 94:DE:1C:D3:72:2D:A2:5A:92:FA:C2:96:F7:67:95:B7:A5:89:C8:19 Authority key identifier: 1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B Certificate issuer: /CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b Certificate serial: 019BDEB689BA2ECAFFE28246899715701D1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft Manifest number: 072B Signing time: Wed 21 Jan 2026 04:01:03 +0000 Manifest this update: Wed 21 Jan 2026 04:01:03 +0000 Manifest next update: Thu 22 Jan 2026 04:01:03 +0000 Files and hashes: 1: Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl (hash: oDDmwFPAOBVPbcmlSxzigBNCQHm6/gAcHHaq1b8cqYk=) 2: lx2J9WOsX2M54t8-J-Ipl4_XUM4.roa (hash: jlAohhibW/lQaiHQMqOapsCsgW9kpTO6lOTRSlTXr4k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 04:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:de:b6:89:ba:2e:ca:ff:e2:82:46:89:97:15:70:1d:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b Validity Not Before: Jan 21 04:01:03 2026 GMT Not After : Jan 22 04:01:03 2026 GMT Subject: CN=94de1cd3722da25a92fac296f76795b7a589c819 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:70:66:1a:5e:6e:80:13:4d:96:a5:72:34:cf: e7:03:33:3e:e4:90:43:31:53:1c:06:f8:6d:4c:64: ff:1c:3d:90:14:b3:ab:45:4b:1c:3c:01:66:f3:f0: d4:b3:9d:7e:be:7f:dd:20:2f:f0:5b:24:e1:a3:d9: ee:f5:4e:08:24:d3:54:d6:08:eb:a7:0a:f5:a1:38: 77:49:13:0a:c4:62:9e:fe:f1:83:5b:e1:01:ca:c9: 10:5f:84:65:66:94:0a:8f:62:40:08:5e:20:e2:a3: 89:e4:22:65:58:89:3b:a3:b1:9a:c9:02:c3:67:39: 02:8e:a4:f5:61:e2:a6:7a:88:43:c4:f6:af:32:41: d2:a2:28:af:54:d9:01:ab:83:d1:e8:29:50:0f:5a: 3c:11:c2:00:98:df:f8:57:e4:88:a4:3b:e1:e2:79: d9:17:9e:31:a5:cb:1a:c5:91:d5:2e:2c:59:a6:68: 70:91:67:d4:65:e1:cc:66:d8:9b:69:8a:21:11:30: fc:0f:50:01:bf:75:4e:e5:f2:63:32:11:96:4e:87: c2:a5:3c:4d:fa:c5:80:28:68:92:a5:fa:95:65:13: 52:19:50:55:02:b9:c2:c4:3f:f4:56:8e:c7:3f:4b: f6:2c:b3:8d:22:8e:f1:18:91:17:ed:05:49:f6:b5: ad:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:DE:1C:D3:72:2D:A2:5A:92:FA:C2:96:F7:67:95:B7:A5:89:C8:19 X509v3 Authority Key Identifier: keyid:1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:4e:72:53:04:1c:81:c7:02:33:8a:0b:6e:c1:b7:27:04:c8: dc:15:59:0e:15:91:1c:88:c0:1e:7c:e3:71:1f:14:2b:cb:8c: 19:2a:19:1e:4d:7b:4d:57:f6:25:23:a9:b0:98:4b:2f:97:3f: 92:1b:92:ef:8e:c7:ef:d1:eb:4d:e6:ab:1f:03:71:52:c7:3a: fa:65:d0:6e:54:26:e6:0d:d6:43:d6:3d:ed:7f:96:a7:b0:42: 46:0e:46:1f:fd:b2:aa:d1:a4:28:61:06:a4:a1:92:2f:ef:49: 76:35:eb:88:09:87:94:27:1e:71:e2:18:fc:26:31:5b:c9:38: 84:86:4b:49:62:90:6f:b2:e7:7b:49:e4:79:11:43:21:67:e9: fa:80:d6:e7:bc:87:2d:5b:67:60:9b:ac:09:f9:08:28:ee:1a: ed:4a:76:c3:c7:f5:96:6d:68:fa:ea:f3:db:bf:e4:85:0b:1c: 4a:c3:e1:c2:fc:da:83:e1:be:71:22:08:19:58:0f:1d:f4:f4: 02:bf:05:3d:5a:25:24:d4:21:3d:84:fd:d2:9e:8c:d1:bf:d2: da:cc:a1:58:ad:69:23:bf:92:b2:bd:75:3a:97:a4:3f:3f:b6: 88:78:39:7b:ff:41:26:11:57:79:c5:b1:e6:36:71:0e:28:64: d7:33:c5:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZvetom6Lsr/4oJGiZcVcB0dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZWIzZmFhODM4ODU0OWI1NWNiM2YzYWJkNGM2YzE1MTA2 Y2Y1M2IwHhcNMjYwMTIxMDQwMTAzWhcNMjYwMTIyMDQwMTAzWjAzMTEwLwYDVQQD Eyg5NGRlMWNkMzcyMmRhMjVhOTJmYWMyOTZmNzY3OTViN2E1ODljODE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXBmGl5ugBNNlqVyNM/nAzM+5JBD MVMcBvhtTGT/HD2QFLOrRUscPAFm8/DUs51+vn/dIC/wWyTho9nu9U4IJNNU1gjr pwr1oTh3SRMKxGKe/vGDW+EByskQX4RlZpQKj2JACF4g4qOJ5CJlWIk7o7GayQLD ZzkCjqT1YeKmeohDxPavMkHSoiivVNkBq4PR6ClQD1o8EcIAmN/4V+SIpDvh4nnZ F54xpcsaxZHVLixZpmhwkWfUZeHMZtibaYohETD8D1ABv3VO5fJjMhGWTofCpTxN +sWAKGiSpfqVZRNSGVBVArnCxD/0Vo7HP0v2LLONIo7xGJEX7QVJ9rWt4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJTeHNNyLaJakvrClvdnlbelicgZMB8GA1UdIwQY MBaAFB3rP6qDiFSbVcs/Or1MbBUQbPU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGIt NTAyYTk1N2ZkYWY4LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGItNTAyYTk1N2ZkYWY4 LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVk5yUwQc gccCM4oLbsG3JwTI3BVZDhWRHIjAHnzjcR8UK8uMGSoZHk17TVf2JSOpsJhLL5c/ khuS747H79HrTearHwNxUsc6+mXQblQm5g3WQ9Y97X+Wp7BCRg5GH/2yqtGkKGEG pKGSL+9JdjXriAmHlCceceIY/CYxW8k4hIZLSWKQb7Lne0nkeRFDIWfp+oDW57yH LVtnYJusCfkIKO4a7Up2w8f1lm1o+urz27/khQscSsPhwvzag+G+cSIIGVgPHfT0 Ar8FPVolJNQhPYT90p6M0b/S2syhWK1pI7+Ssr11OpekPz+2iHg5e/9BJhFXecWx 5jZxDihk1zPFhA== -----END CERTIFICATE-----Generated at Wed Jan 21 11:12:41 2026 by rpki-client