This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json) Hash identifier: 9cVHHhzPZQXE7QbAg71K4ZEpTWwlq84nZ62RMdLgHnE= Subject key identifier: 2A:32:AF:83:C6:2C:CC:54:38:59:3D:4F:2C:77:90:0E:B9:39:55:9B Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38 Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138 Certificate serial: 019B2362EA98A9E0E37263A08D0B191CC66B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft Manifest number: 0A71 Signing time: Mon 15 Dec 2025 19:00:43 +0000 Manifest this update: Mon 15 Dec 2025 19:00:43 +0000 Manifest next update: Tue 16 Dec 2025 19:00:43 +0000 Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=) 2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: NZBQAzfOf0/fofir8ZbDaPk59KmP260eVGPj5cH9Wps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 19:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:23:62:ea:98:a9:e0:e3:72:63:a0:8d:0b:19:1c:c6:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138 Validity Not Before: Dec 15 19:00:43 2025 GMT Not After : Dec 16 19:00:43 2025 GMT Subject: CN=2a32af83c62ccc5438593d4f2c77900eb939559b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:3d:94:dc:db:53:8f:42:15:d1:12:15:e6:c4: 0a:e3:39:9c:cc:42:21:36:db:c6:1a:5e:10:37:76: 70:47:03:62:d4:5a:67:33:65:b7:fa:01:bf:ca:fa: 57:4a:c4:d6:12:e3:d8:90:5c:21:6a:6b:8c:a2:05: c1:75:57:40:75:19:c2:8d:77:c3:8f:b1:f9:4c:32: 10:d1:ee:52:23:62:d5:04:e8:0c:42:4e:1f:74:8f: cc:31:7b:81:74:a2:06:39:df:e0:99:04:4d:cf:8f: fb:36:a8:2d:13:78:16:59:20:89:c6:fd:62:2f:3a: 0e:f6:c2:25:f8:79:1f:8e:d6:25:c4:7f:87:b2:86: b4:a5:c0:b3:3f:b8:36:66:05:08:f8:84:53:3c:43: c5:79:e3:4f:a5:60:9a:45:26:dc:bd:6c:69:19:ae: 04:e5:03:3d:f7:ad:da:5f:d2:47:c4:39:e9:1c:31: 59:7c:57:f8:1d:be:7d:4a:df:99:39:66:2e:f8:dd: d2:03:9b:6c:11:c7:90:fc:70:ef:67:df:4c:a7:74: ef:26:72:26:60:b3:76:55:b2:52:e2:c8:03:a9:4c: 1e:3f:a7:27:07:d6:fa:1e:6d:4a:79:91:24:b7:b2: 90:22:3e:6a:fa:da:6c:2d:61:fd:c9:3f:0d:15:0b: f6:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:32:AF:83:C6:2C:CC:54:38:59:3D:4F:2C:77:90:0E:B9:39:55:9B X509v3 Authority Key Identifier: keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:41:43:ea:13:00:65:af:2e:4e:fa:f6:41:60:96:93:78:d2: 85:74:7d:61:e4:0e:3f:e6:64:5d:8b:e8:92:37:3d:3f:17:98: c8:a1:e3:c1:a9:b2:96:bf:2d:45:e3:35:c8:f0:4e:db:00:6a: c6:69:ab:b2:36:a3:70:c2:77:f8:16:ae:a3:16:68:2b:93:1c: 25:84:38:8d:19:2c:5a:6f:1b:74:11:7b:78:30:ea:9a:5b:f1: e6:8a:e2:80:e1:e1:00:9b:1c:c5:25:f6:64:13:36:b9:6d:08: 13:66:87:6d:43:85:5a:4d:a4:b5:da:24:bd:70:5b:79:46:04: 67:68:99:f1:78:61:f4:0d:82:44:f5:7e:ec:c9:2a:72:b7:63: 77:82:98:58:69:96:bb:55:d3:e7:cf:81:5d:fc:38:22:8d:ce: e9:1e:05:49:5b:51:b4:35:49:d7:15:dd:81:75:27:1d:34:d2: 73:9e:14:0d:85:17:18:23:fd:5d:fb:6a:0a:e4:b5:49:39:c6: ee:8b:e1:aa:ab:51:27:3e:f9:ce:e4:7d:90:85:9e:03:55:b4: 61:95:98:ef:17:00:66:c9:2b:d0:9c:f0:18:8b:96:8b:e5:66: cc:50:89:65:06:e6:3b:a9:31:ae:a7:6e:0d:ec:e0:48:a4:17: 0c:00:38:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsjYuqYqeDjcmOgjQsZHMZrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5 MWMxMzgwHhcNMjUxMjE1MTkwMDQzWhcNMjUxMjE2MTkwMDQzWjAzMTEwLwYDVQQD EygyYTMyYWY4M2M2MmNjYzU0Mzg1OTNkNGYyYzc3OTAwZWI5Mzk1NTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj2U3NtTj0IV0RIV5sQK4zmczEIh NtvGGl4QN3ZwRwNi1FpnM2W3+gG/yvpXSsTWEuPYkFwhamuMogXBdVdAdRnCjXfD j7H5TDIQ0e5SI2LVBOgMQk4fdI/MMXuBdKIGOd/gmQRNz4/7NqgtE3gWWSCJxv1i LzoO9sIl+HkfjtYlxH+Hsoa0pcCzP7g2ZgUI+IRTPEPFeeNPpWCaRSbcvWxpGa4E 5QM9963aX9JHxDnpHDFZfFf4Hb59St+ZOWYu+N3SA5tsEceQ/HDvZ99Mp3TvJnIm YLN2VbJS4sgDqUweP6cnB9b6Hm1KeZEkt7KQIj5q+tpsLWH9yT8NFQv2YwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCoyr4PGLMxUOFk9Tyx3kA65OVWbMB8GA1UdIwQY MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4 LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqEFD6hMA Za8uTvr2QWCWk3jShXR9YeQOP+ZkXYvokjc9PxeYyKHjwamylr8tReM1yPBO2wBq xmmrsjajcMJ3+BauoxZoK5McJYQ4jRksWm8bdBF7eDDqmlvx5origOHhAJscxSX2 ZBM2uW0IE2aHbUOFWk2ktdokvXBbeUYEZ2iZ8Xhh9A2CRPV+7Mkqcrdjd4KYWGmW u1XT58+BXfw4Io3O6R4FSVtRtDVJ1xXdgXUnHTTSc54UDYUXGCP9XftqCuS1STnG 7ovhqqtRJz75zuR9kIWeA1W0YZWY7xcAZskr0JzwGIuWi+VmzFCJZQbmO6kxrqdu DezgSKQXDAA4HA== -----END CERTIFICATE-----Generated at Tue Dec 16 04:04:54 2025 by rpki-client