This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft File: rwmHHP1haABnerIynsumHed3V-Y.mft (raw, json) Hash identifier: 6WgY34is7BX51v2+ziR9v7+cG1PV/8o/FhhOYIOrSSU= Subject key identifier: 8C:C1:B0:29:79:99:3B:AF:4E:4A:44:CB:FB:D0:CC:06:7F:9D:56:79 Authority key identifier: AF:09:87:1C:FD:61:68:00:67:7A:B2:32:9E:CB:A6:1D:E7:77:57:E6 Certificate issuer: /CN=af09871cfd616800677ab2329ecba61de77757e6 Certificate serial: 019B5A1B14A05DF8F04CA030E95702B79512 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwmHHP1haABnerIynsumHed3V-Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft Manifest number: 02FF Signing time: Fri 26 Dec 2025 10:01:22 +0000 Manifest this update: Fri 26 Dec 2025 10:01:22 +0000 Manifest next update: Sat 27 Dec 2025 10:01:22 +0000 Files and hashes: 1: _TdfyDspFjo8HcBVAH4tKaY1ryc.roa (hash: HRin1YqVyIdAgsGnpfqM25NMMm45zP4o3p+MrSb9sdE=) 2: rwmHHP1haABnerIynsumHed3V-Y.crl (hash: jVPnTcbbzGve/fnGaCLsNo77jKSB+KhK3oZjUsNrAU0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.crl rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft rsync://rpki.ripe.net/repository/DEFAULT/rwmHHP1haABnerIynsumHed3V-Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1b:14:a0:5d:f8:f0:4c:a0:30:e9:57:02:b7:95:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af09871cfd616800677ab2329ecba61de77757e6 Validity Not Before: Dec 26 10:01:22 2025 GMT Not After : Dec 27 10:01:22 2025 GMT Subject: CN=8cc1b02979993baf4e4a44cbfbd0cc067f9d5679 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:6c:18:8c:4b:62:e4:14:1c:84:26:2e:e6:60: 96:bd:64:55:24:88:ad:2b:28:1a:f6:09:1e:69:20: ac:5e:e7:e3:f6:9e:14:62:d7:8e:e2:85:27:74:11: fc:d0:51:5f:40:b4:17:9c:77:19:f7:05:94:09:23: c9:78:ab:5b:aa:02:16:97:24:b2:dc:17:8b:90:53: f4:4a:48:31:25:b6:25:d7:e4:3c:df:0d:df:e4:39: 53:1c:ee:2e:bd:c5:a3:f7:ed:aa:9a:25:5b:58:e5: b0:76:1f:c7:8b:b6:d0:af:3d:38:1f:8a:4f:30:0f: 3a:66:d0:b2:d7:4c:97:8f:93:db:c3:12:63:bb:b1: 28:26:4c:41:dc:8a:e9:2b:53:45:ac:9e:58:52:59: 87:d3:78:e0:1b:ff:96:30:a4:52:df:2e:0c:8d:9a: b0:13:8d:04:c6:fe:e0:56:67:c5:97:a9:44:2b:c4: 7e:26:02:ee:b8:b1:91:27:99:a4:d2:6b:e3:0f:b3: 3e:05:d2:3b:9f:78:d3:f7:63:94:99:7b:f8:89:0e: a4:9b:6c:55:a4:f4:ed:24:35:d5:c2:12:4f:6c:9f: 9b:68:ac:b2:9c:68:51:e1:78:5d:dc:46:3f:74:6e: 77:43:14:48:d1:52:d8:d6:c7:fd:00:c3:08:bb:ad: 75:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:C1:B0:29:79:99:3B:AF:4E:4A:44:CB:FB:D0:CC:06:7F:9D:56:79 X509v3 Authority Key Identifier: keyid:AF:09:87:1C:FD:61:68:00:67:7A:B2:32:9E:CB:A6:1D:E7:77:57:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwmHHP1haABnerIynsumHed3V-Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/8ad9b3-0b9f-4224-909b-b43dbf895cfe/1/rwmHHP1haABnerIynsumHed3V-Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:63:1d:be:0a:c5:62:90:08:0c:88:78:01:f6:33:22:88:07: 82:85:a0:e0:5f:09:27:a8:a9:31:b2:85:e6:93:33:cd:12:5c: 84:84:7d:77:13:3b:9a:43:71:2a:aa:a4:85:15:74:49:c7:67: bd:b6:09:bb:6c:04:39:f7:74:e0:d6:c5:69:58:f2:b4:c7:45: b7:63:b9:b2:5e:0d:8d:5a:66:cf:82:c5:ca:46:fc:06:b9:82: f5:1f:bd:da:bb:47:04:1a:f2:26:3b:d0:ec:8a:ea:f3:7d:85: 00:8f:b3:af:69:38:7c:e6:7d:f4:cd:0b:77:b2:5b:fb:e9:b5: 5f:6c:e2:68:f3:f4:1b:45:84:f7:ec:53:40:f9:ac:4e:5c:65: e1:44:7b:4d:2f:82:7d:a5:70:9f:a4:db:a0:82:10:b2:ee:14: 9f:9e:30:16:96:ae:6a:4d:1c:38:5f:5e:8a:b8:4f:11:38:d0: 70:89:c7:00:36:49:39:f4:78:74:e7:b9:70:2e:3d:e8:4f:de: f2:fb:41:a7:1e:e8:2a:41:a2:c3:8c:94:93:03:bf:1b:61:7c: 6d:32:dd:71:54:dc:fd:a6:e4:aa:de:8f:b8:81:26:7a:22:70: cf:42:c3:70:2b:fd:fa:22:3e:1b:55:cb:21:b7:d5:e9:68:38: b9:03:fa:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGxSgXfjwTKAw6VcCt5USMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMDk4NzFjZmQ2MTY4MDA2NzdhYjIzMjllY2JhNjFkZTc3 NzU3ZTYwHhcNMjUxMjI2MTAwMTIyWhcNMjUxMjI3MTAwMTIyWjAzMTEwLwYDVQQD Eyg4Y2MxYjAyOTc5OTkzYmFmNGU0YTQ0Y2JmYmQwY2MwNjdmOWQ1Njc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9GwYjEti5BQchCYu5mCWvWRVJIit Kyga9gkeaSCsXufj9p4UYteO4oUndBH80FFfQLQXnHcZ9wWUCSPJeKtbqgIWlySy 3BeLkFP0SkgxJbYl1+Q83w3f5DlTHO4uvcWj9+2qmiVbWOWwdh/Hi7bQrz04H4pP MA86ZtCy10yXj5PbwxJju7EoJkxB3IrpK1NFrJ5YUlmH03jgG/+WMKRS3y4MjZqw E40Exv7gVmfFl6lEK8R+JgLuuLGRJ5mk0mvjD7M+BdI7n3jT92OUmXv4iQ6km2xV pPTtJDXVwhJPbJ+baKyynGhR4Xhd3EY/dG53QxRI0VLY1sf9AMMIu611wQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIzBsCl5mTuvTkpEy/vQzAZ/nVZ5MB8GA1UdIwQY MBaAFK8Jhxz9YWgAZ3qyMp7Lph3nd1fmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcndtSEhQMWhhQUJuZXJJeW5zdW1IZWQzVi1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny84YWQ5YjMtMGI5Zi00MjI0LTkwOWIt YjQzZGJmODk1Y2ZlLzEvcndtSEhQMWhhQUJuZXJJeW5zdW1IZWQzVi1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny84YWQ5YjMtMGI5Zi00MjI0LTkwOWItYjQzZGJmODk1Y2Zl LzEvcndtSEhQMWhhQUJuZXJJeW5zdW1IZWQzVi1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXGMdvgrF YpAIDIh4AfYzIogHgoWg4F8JJ6ipMbKF5pMzzRJchIR9dxM7mkNxKqqkhRV0Scdn vbYJu2wEOfd04NbFaVjytMdFt2O5sl4NjVpmz4LFykb8BrmC9R+92rtHBBryJjvQ 7Irq832FAI+zr2k4fOZ99M0Ld7Jb++m1X2ziaPP0G0WE9+xTQPmsTlxl4UR7TS+C faVwn6TboIIQsu4Un54wFpauak0cOF9eirhPETjQcInHADZJOfR4dOe5cC496E/e 8vtBpx7oKkGiw4yUkwO/G2F8bTLdcVTc/abkqt6PuIEmeiJwz0LDcCv9+iI+G1XL IbfV6Wg4uQP6ZA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:47 2025 by rpki-client