This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft File: Hrq0DWCBM83fdsO1pvgV34H7x90.mft (raw, json) Hash identifier: Gk+rkC13o63UX36nYAOy43gj3CjdY8sseRFhU7NDmgA= Subject key identifier: 03:4F:CD:B0:15:A9:04:79:8B:C4:DF:91:55:9B:D8:17:86:90:AB:17 Authority key identifier: 1E:BA:B4:0D:60:81:33:CD:DF:76:C3:B5:A6:F8:15:DF:81:FB:C7:DD Certificate issuer: /CN=1ebab40d608133cddf76c3b5a6f815df81fbc7dd Certificate serial: 019B1C4E8DC7092BF2446534E00F9F58AFA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft Manifest number: 02C2 Signing time: Sun 14 Dec 2025 10:01:08 +0000 Manifest this update: Sun 14 Dec 2025 10:01:08 +0000 Manifest next update: Mon 15 Dec 2025 10:01:08 +0000 Files and hashes: 1: Hrq0DWCBM83fdsO1pvgV34H7x90.crl (hash: lXLQMiAQ2eWpvBlerA5VYgcnLc+xL3fPfCBFHIH3cSk=) 2: dOirMHERf2S7XaVhDBj8pRwQyLU.roa (hash: RUHnPEXdDgz2x6FeuZ8yiEPV6rqAxw/OAxkwBlLK73U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 10:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1c:4e:8d:c7:09:2b:f2:44:65:34:e0:0f:9f:58:af:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ebab40d608133cddf76c3b5a6f815df81fbc7dd Validity Not Before: Dec 14 10:01:08 2025 GMT Not After : Dec 15 10:01:08 2025 GMT Subject: CN=034fcdb015a904798bc4df91559bd8178690ab17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:25:79:d5:d2:4f:90:ef:6b:55:6a:cd:66:f7: 91:f1:c4:01:e4:b1:92:a2:53:92:b5:12:ff:25:92: b5:66:eb:be:53:7c:c1:84:df:b6:17:4b:f4:19:fc: 1e:9e:44:bc:09:a3:cf:f8:fe:da:3b:ad:5b:64:4d: 66:d6:ee:be:d9:cb:ca:77:b8:be:d2:1e:91:1f:c2: af:68:52:8d:f1:a6:53:69:36:88:9a:cb:9e:6a:35: 23:69:b8:6b:61:61:b0:b9:7e:f6:92:ab:47:1f:94: 31:ef:db:4f:d9:12:1f:b2:ef:36:cd:b3:f3:d6:94: a5:4f:90:e0:bd:9d:ad:a4:7e:cd:82:01:d5:c7:a9: 2a:46:5a:7b:2a:ed:e3:99:75:a0:8e:b7:c4:26:e8: 01:96:e7:5e:3d:5d:90:3d:29:7b:b1:77:4d:8b:d0: 0b:d8:1a:56:66:8f:76:fe:3f:3f:64:ac:56:e7:fd: a9:61:cf:69:e3:41:94:37:e8:52:40:7f:6a:3b:a8: ad:b1:c8:ec:22:9a:e6:76:b4:20:bc:4f:64:03:6e: c4:1e:52:1e:ff:f1:b8:16:e0:32:9a:45:44:d5:c2: d9:6c:24:e4:00:81:d0:c7:d1:30:a4:5a:a5:a5:77: c9:a6:17:df:7f:c5:fa:8a:f0:30:09:c3:22:78:e6: c9:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:4F:CD:B0:15:A9:04:79:8B:C4:DF:91:55:9B:D8:17:86:90:AB:17 X509v3 Authority Key Identifier: keyid:1E:BA:B4:0D:60:81:33:CD:DF:76:C3:B5:A6:F8:15:DF:81:FB:C7:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:c4:13:c6:0c:06:18:f8:fa:0e:41:e8:94:95:74:5a:24:93: ce:8f:8a:ea:36:b0:78:e5:32:7e:f7:6a:87:1c:bb:f2:be:39: 37:f1:1c:9c:dc:6b:42:05:4d:da:23:6c:f4:48:bb:cd:91:2c: 9c:ed:04:01:06:23:29:86:65:fa:a0:99:97:63:7e:61:c8:a7: 78:a5:f9:15:3a:1a:c4:99:0f:aa:de:cd:38:0a:b3:85:d9:e1: 3e:1e:04:ce:09:b3:c3:b9:ab:b1:0b:ff:f4:bc:73:32:98:36: a4:e7:7b:64:ce:8c:9a:0e:34:8c:64:c9:c4:33:84:e9:1e:4e: 03:bd:bf:f5:64:01:0d:0f:94:37:82:7f:96:0a:bc:4f:9f:1e: a7:c7:74:ce:df:7b:0d:00:01:a4:23:3a:2d:bd:b1:6b:5c:00: 5a:a5:31:a1:82:87:52:fe:78:f8:53:ef:50:2e:df:91:ba:f9: fa:bc:b8:08:10:10:d4:a0:eb:af:10:bb:22:f1:ee:5b:93:e6: 8e:4e:59:85:86:53:83:ff:e7:44:59:16:0f:97:97:3b:39:06: 50:42:0c:12:31:fe:c0:e9:8f:58:fd:9c:44:b1:94:73:bb:5d: 31:5a:f1:82:74:5a:49:ea:3c:08:0e:fc:0c:cc:51:99:7c:6f: 2c:2e:40:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZscTo3HCSvyRGU04A+fWK+lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYmFiNDBkNjA4MTMzY2RkZjc2YzNiNWE2ZjgxNWRmODFm YmM3ZGQwHhcNMjUxMjE0MTAwMTA4WhcNMjUxMjE1MTAwMTA4WjAzMTEwLwYDVQQD EygwMzRmY2RiMDE1YTkwNDc5OGJjNGRmOTE1NTliZDgxNzg2OTBhYjE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCV51dJPkO9rVWrNZveR8cQB5LGS olOStRL/JZK1Zuu+U3zBhN+2F0v0GfwenkS8CaPP+P7aO61bZE1m1u6+2cvKd7i+ 0h6RH8KvaFKN8aZTaTaImsueajUjabhrYWGwuX72kqtHH5Qx79tP2RIfsu82zbPz 1pSlT5DgvZ2tpH7NggHVx6kqRlp7Ku3jmXWgjrfEJugBludePV2QPSl7sXdNi9AL 2BpWZo92/j8/ZKxW5/2pYc9p40GUN+hSQH9qO6itscjsIprmdrQgvE9kA27EHlIe //G4FuAymkVE1cLZbCTkAIHQx9EwpFqlpXfJphfff8X6ivAwCcMieObJtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFANPzbAVqQR5i8TfkVWb2BeGkKsXMB8GA1UdIwQY MBaAFB66tA1ggTPN33bDtab4Fd+B+8fdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yYjI2YWYtZTc1NC00MDgwLTllYzkt NTlmMGYxMGIxZDI5LzEvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8yYjI2YWYtZTc1NC00MDgwLTllYzktNTlmMGYxMGIxZDI5 LzEvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqsQTxgwG GPj6DkHolJV0WiSTzo+K6jaweOUyfvdqhxy78r45N/EcnNxrQgVN2iNs9Ei7zZEs nO0EAQYjKYZl+qCZl2N+YcineKX5FToaxJkPqt7NOAqzhdnhPh4Ezgmzw7mrsQv/ 9LxzMpg2pOd7ZM6Mmg40jGTJxDOE6R5OA72/9WQBDQ+UN4J/lgq8T58ep8d0zt97 DQABpCM6Lb2xa1wAWqUxoYKHUv54+FPvUC7fkbr5+ry4CBAQ1KDrrxC7IvHuW5Pm jk5ZhYZTg//nRFkWD5eXOzkGUEIMEjH+wOmPWP2cRLGUc7tdMVrxgnRaSeo8CA78 DMxRmXxvLC5AMg== -----END CERTIFICATE-----Generated at Sun Dec 14 19:15:36 2025 by rpki-client