This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft File: 0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft (raw, json) Hash identifier: bLKCnfnEbsig9TotOAAYUmShSEF7JXTHEH+sdjHLzRE= Subject key identifier: 3D:33:15:8F:56:BA:FD:81:FD:03:92:21:1D:D3:7E:E0:BB:FA:0D:67 Authority key identifier: D2:1A:59:40:72:2B:20:7B:29:D9:5A:6C:81:BE:0D:2B:F4:D4:10:CC Certificate issuer: /CN=d21a5940722b207b29d95a6c81be0d2bf4d410cc Certificate serial: 019B390FB8F93D6895471084E90D6B5D7C40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft Manifest number: 0941 Signing time: Sat 20 Dec 2025 00:01:30 +0000 Manifest this update: Sat 20 Dec 2025 00:01:30 +0000 Manifest next update: Sun 21 Dec 2025 00:01:30 +0000 Files and hashes: 1: 0hpZQHIrIHsp2Vpsgb4NK_TUEMw.crl (hash: iCA37EsJmlA8Zre33wee7dMHJqn6HWG/Bw30Vr9ISOE=) 2: 50bo-j7HR95aUFz7is7MBLLkMsc.roa (hash: aYgErZR0B+wLx1tDGd7DRHlBnCECIPjEQvva1IOrhbs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.crl rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft rsync://rpki.ripe.net/repository/DEFAULT/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:0f:b8:f9:3d:68:95:47:10:84:e9:0d:6b:5d:7c:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d21a5940722b207b29d95a6c81be0d2bf4d410cc Validity Not Before: Dec 20 00:01:30 2025 GMT Not After : Dec 21 00:01:30 2025 GMT Subject: CN=3d33158f56bafd81fd0392211dd37ee0bbfa0d67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a3:84:05:18:2b:9f:b5:5f:b7:bd:28:fe:85: ef:4e:d1:47:6b:8b:88:81:b5:c7:ac:5d:af:fc:25: 5d:1d:e5:03:9b:c6:4b:7a:05:de:63:17:c2:e7:b6: 62:e5:d4:bc:99:c9:6e:36:2b:e3:c7:cb:81:c8:c4: ba:8b:0d:06:67:5b:29:ac:1e:16:28:3b:8f:93:71: 29:8a:08:55:31:a2:44:12:e1:4b:13:97:71:17:7a: bb:39:f4:fd:39:b4:ad:37:bc:13:de:00:7c:12:51: 68:1b:63:1c:49:e0:c0:7c:78:54:4c:ff:83:f2:25: eb:fa:1d:fa:fe:96:14:60:5d:c7:9a:1f:d0:a5:62: 81:08:65:90:b2:56:5c:0c:b3:eb:79:3b:72:db:44: cc:c3:23:fb:1e:34:cc:85:97:9a:6f:4b:99:61:6f: 6c:35:38:6d:57:84:7a:94:21:28:34:83:27:56:19: 50:6c:1b:c4:a4:d6:9c:c2:4b:5f:b4:fa:db:59:33: f1:a6:ad:55:e1:fa:3e:23:c4:2b:b5:f6:d7:03:8a: 67:2a:30:50:01:7b:b5:46:d2:21:b9:d1:ec:35:34: 94:58:dc:06:7d:95:9c:55:08:18:7d:e7:cf:54:d8: 21:70:13:9d:de:77:72:46:1a:37:8a:2c:82:d9:9f: af:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:33:15:8F:56:BA:FD:81:FD:03:92:21:1D:D3:7E:E0:BB:FA:0D:67 X509v3 Authority Key Identifier: keyid:D2:1A:59:40:72:2B:20:7B:29:D9:5A:6C:81:BE:0D:2B:F4:D4:10:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/56433a-0a70-4eae-9f9d-8cfbdb799284/1/0hpZQHIrIHsp2Vpsgb4NK_TUEMw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:4d:8d:fd:5f:af:d3:2a:0a:0b:18:a0:5f:9f:ed:b4:22:39: b9:15:4c:1d:09:96:63:bb:bc:93:00:5f:62:28:56:c2:d5:96: d9:3a:98:84:a9:f3:c3:d5:89:43:59:75:d2:df:3a:27:28:98: 8a:96:62:13:ed:d0:1a:95:b2:e5:ab:fc:91:66:3d:da:3d:8f: e3:31:0e:a4:a6:d9:c1:83:a2:e6:35:91:e7:0c:8b:ed:ab:c1: 90:e1:87:af:e0:0c:83:69:46:1d:f1:0d:62:26:c2:18:b8:44: 57:b9:79:44:2a:9c:5c:0d:2f:43:b2:1d:3b:26:9d:08:16:6a: 9a:de:28:ae:95:77:80:42:ad:69:5f:7f:b9:c1:8b:46:6a:3a: 57:98:db:13:ec:1f:28:26:37:c1:d3:5f:6c:68:c9:48:ad:59: c8:76:1d:65:4d:7c:0c:18:2f:1b:68:b9:e1:6a:44:a8:05:05: f5:11:cf:dd:c8:48:0b:ef:a5:4e:2c:19:bf:94:c3:d9:06:dc: 5d:67:20:8d:4d:6a:3b:7d:67:ec:90:25:c9:c3:c2:72:1f:08: d5:fe:dc:22:84:cb:bd:62:fc:7d:f5:31:58:19:84:49:25:f9: 5f:2f:3c:7d:52:c2:cc:57:9a:2b:0f:19:59:b5:21:66:32:a9: 3b:b9:f4:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5D7j5PWiVRxCE6Q1rXXxAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMWE1OTQwNzIyYjIwN2IyOWQ5NWE2YzgxYmUwZDJiZjRk NDEwY2MwHhcNMjUxMjIwMDAwMTMwWhcNMjUxMjIxMDAwMTMwWjAzMTEwLwYDVQQD EygzZDMzMTU4ZjU2YmFmZDgxZmQwMzkyMjExZGQzN2VlMGJiZmEwZDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqOEBRgrn7Vft70o/oXvTtFHa4uI gbXHrF2v/CVdHeUDm8ZLegXeYxfC57Zi5dS8mcluNivjx8uByMS6iw0GZ1sprB4W KDuPk3EpighVMaJEEuFLE5dxF3q7OfT9ObStN7wT3gB8ElFoG2McSeDAfHhUTP+D 8iXr+h36/pYUYF3Hmh/QpWKBCGWQslZcDLPreTty20TMwyP7HjTMhZeab0uZYW9s NThtV4R6lCEoNIMnVhlQbBvEpNacwktftPrbWTPxpq1V4fo+I8QrtfbXA4pnKjBQ AXu1RtIhudHsNTSUWNwGfZWcVQgYfefPVNghcBOd3ndyRho3iiyC2Z+vCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD0zFY9Wuv2B/QOSIR3TfuC7+g1nMB8GA1UdIwQY MBaAFNIaWUByKyB7KdlabIG+DSv01BDMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhwWlFISXJJSHNwMlZwc2diNE5LX1RVRU13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81NjQzM2EtMGE3MC00ZWFlLTlmOWQt OGNmYmRiNzk5Mjg0LzEvMGhwWlFISXJJSHNwMlZwc2diNE5LX1RVRU13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC81NjQzM2EtMGE3MC00ZWFlLTlmOWQtOGNmYmRiNzk5Mjg0 LzEvMGhwWlFISXJJSHNwMlZwc2diNE5LX1RVRU13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAik2N/V+v 0yoKCxigX5/ttCI5uRVMHQmWY7u8kwBfYihWwtWW2TqYhKnzw9WJQ1l10t86JyiY ipZiE+3QGpWy5av8kWY92j2P4zEOpKbZwYOi5jWR5wyL7avBkOGHr+AMg2lGHfEN YibCGLhEV7l5RCqcXA0vQ7IdOyadCBZqmt4orpV3gEKtaV9/ucGLRmo6V5jbE+wf KCY3wdNfbGjJSK1ZyHYdZU18DBgvG2i54WpEqAUF9RHP3chIC++lTiwZv5TD2Qbc XWcgjU1qO31n7JAlycPCch8I1f7cIoTLvWL8ffUxWBmESSX5Xy88fVLCzFeaKw8Z WbUhZjKpO7n0ig== -----END CERTIFICATE-----Generated at Sat Dec 20 07:35:41 2025 by rpki-client