This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.mft File: EHTblkAv9c8YdWRWDqjxPu61_-s.mft (raw, json) Hash identifier: uWWKYCwKmNJF34tyoieoVnx+AYHKGFeHTntOXCTPijc= Subject key identifier: A2:A2:56:C9:09:E8:3A:3A:5F:43:7B:65:16:07:C3:A6:87:BA:87:50 Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb Certificate serial: 019B22504D4D4FADEB994B3679C39951C8E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.mft Manifest number: 17BB Signing time: Mon 15 Dec 2025 14:00:46 +0000 Manifest this update: Mon 15 Dec 2025 14:00:46 +0000 Manifest next update: Tue 16 Dec 2025 14:00:46 +0000 Files and hashes: 1: 5Fh8wLq-vAfdSqECF1o7u7so-j4.roa (hash: ZlARtLuw+Q8e0b7Jolz8g+1kXlsunG6VLot0JEG5Rcc=) 2: EHTblkAv9c8YdWRWDqjxPu61_-s.crl (hash: fSUIAhG2hFC6QZs69ICNIn3v9n9b5FkVNZdTp7WgyVo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.mft rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:50:4d:4d:4f:ad:eb:99:4b:36:79:c3:99:51:c8:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb Validity Not Before: Dec 15 14:00:46 2025 GMT Not After : Dec 16 14:00:46 2025 GMT Subject: CN=a2a256c909e83a3a5f437b651607c3a687ba8750 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:12:01:d4:ce:56:f8:3d:ae:cb:67:76:c7:ae: 38:7b:ee:70:54:3d:ac:52:1e:8b:48:63:9f:24:78: 9f:48:b2:8a:2b:f4:e0:b5:77:9c:55:7c:38:3a:7a: a8:d6:40:dc:2c:e6:51:5f:ce:db:86:84:0f:64:47: 18:f6:7f:b7:94:08:8b:df:9e:00:26:74:d3:47:34: b8:77:cc:c6:35:6a:35:ac:31:89:88:cf:2a:d6:bd: d8:2c:c8:95:a0:43:a4:53:56:7f:3b:f9:9c:32:db: 51:e8:bf:6b:ee:12:d4:6d:87:ca:d0:01:c2:04:7c: fc:47:c9:67:44:33:57:09:56:a6:23:0c:d1:08:78: 9b:5e:1e:39:dd:44:b2:9c:46:3e:f7:65:c6:63:73: a2:46:73:70:c6:2c:6d:9d:7a:80:ec:1b:b5:46:f6: 1a:28:d8:31:53:67:d8:f0:ba:40:69:4a:ff:67:97: f9:a4:20:ff:ae:4d:90:22:2c:a8:2e:9b:e5:f9:bf: bf:a7:69:3e:6d:6f:85:9e:c7:21:ff:70:27:1f:23: c9:1b:1b:6f:87:36:71:80:59:5c:57:dd:59:a7:8a: 99:d8:c4:89:2b:13:6b:06:03:f3:f7:68:c9:be:a2: 6f:86:91:5a:bd:17:4b:94:5e:69:3f:82:30:61:ef: b3:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:A2:56:C9:09:E8:3A:3A:5F:43:7B:65:16:07:C3:A6:87:BA:87:50 X509v3 Authority Key Identifier: keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:c5:97:a2:51:ff:15:8a:c2:4f:71:49:d7:6e:a6:38:d0:a6: 69:d6:f5:fe:33:f9:f6:76:aa:41:b6:f3:02:93:d8:68:cd:9e: 97:ae:98:9d:91:b7:03:bc:b2:83:ec:b0:0b:79:55:dc:94:b3: 7d:9d:4e:b4:71:ed:f8:80:e6:a7:84:57:2f:d4:b9:91:db:16: f7:af:52:36:de:2e:58:c0:02:3e:12:c0:4a:ea:9d:a1:99:73: 29:41:6d:e7:39:25:3c:7f:e4:b8:18:36:2c:12:66:f1:4f:fe: 11:ef:86:9d:6e:7a:7d:b9:85:23:03:c8:9e:a6:77:71:75:04: 82:45:29:ae:9f:bb:c1:74:b1:eb:68:7d:ab:b0:c6:dd:fa:02: 2f:fe:6e:d8:86:b8:78:b0:8d:b7:f0:2d:d8:e2:60:4d:32:86: 76:da:4c:c9:aa:bd:75:e4:24:24:7f:5c:d2:c9:6f:df:07:3d: 87:b7:45:57:62:b6:a7:70:02:09:df:33:2a:5f:9e:c4:4a:6f: 20:88:b3:9e:ee:aa:aa:5f:d5:5c:cd:d6:d7:5d:b3:fe:3c:5d: 49:54:98:37:1f:c4:2a:c6:d6:6b:f2:59:a0:9c:b3:40:a9:82: 5e:48:97:87:2e:62:8f:14:30:d4:13:d9:98:67:a2:24:b1:72: 52:f0:6d:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsiUE1NT63rmUs2ecOZUcjoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwNzRkYjk2NDAyZmY1Y2YxODc1NjQ1NjBlYThmMTNlZWVi NWZmZWIwHhcNMjUxMjE1MTQwMDQ2WhcNMjUxMjE2MTQwMDQ2WjAzMTEwLwYDVQQD EyhhMmEyNTZjOTA5ZTgzYTNhNWY0MzdiNjUxNjA3YzNhNjg3YmE4NzUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBIB1M5W+D2uy2d2x644e+5wVD2s Uh6LSGOfJHifSLKKK/TgtXecVXw4Onqo1kDcLOZRX87bhoQPZEcY9n+3lAiL354A JnTTRzS4d8zGNWo1rDGJiM8q1r3YLMiVoEOkU1Z/O/mcMttR6L9r7hLUbYfK0AHC BHz8R8lnRDNXCVamIwzRCHibXh453USynEY+92XGY3OiRnNwxixtnXqA7Bu1RvYa KNgxU2fY8LpAaUr/Z5f5pCD/rk2QIiyoLpvl+b+/p2k+bW+Fnsch/3AnHyPJGxtv hzZxgFlcV91Zp4qZ2MSJKxNrBgPz92jJvqJvhpFavRdLlF5pP4IwYe+zZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKKiVskJ6Do6X0N7ZRYHw6aHuodQMB8GA1UdIwQY MBaAFBB025ZAL/XPGHVkVg6o8T7utf/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEt YWI0MGI1OGEyODkyLzEvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEtYWI0MGI1OGEyODky LzEvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK8WXolH/ FYrCT3FJ126mONCmadb1/jP59naqQbbzApPYaM2el66YnZG3A7yyg+ywC3lV3JSz fZ1OtHHt+IDmp4RXL9S5kdsW969SNt4uWMACPhLASuqdoZlzKUFt5zklPH/kuBg2 LBJm8U/+Ee+GnW56fbmFIwPInqZ3cXUEgkUprp+7wXSx62h9q7DG3foCL/5u2Ia4 eLCNt/At2OJgTTKGdtpMyaq9deQkJH9c0slv3wc9h7dFV2K2p3ACCd8zKl+exEpv IIiznu6qql/VXM3W112z/jxdSVSYNx/EKsbWa/JZoJyzQKmCXkiXhy5ijxQw1BPZ mGeiJLFyUvBtzA== -----END CERTIFICATE-----Generated at Mon Dec 15 18:31:52 2025 by rpki-client