This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft File: Hrq0DWCBM83fdsO1pvgV34H7x90.mft (raw, json) Hash identifier: 9AIlxD1FcefhqtgKP03SljB58Play0ZPpMhRu1cMo1w= Subject key identifier: EA:0D:5D:FB:1A:FA:B9:85:C2:A5:D8:9A:51:D1:0C:B6:6A:F8:76:A6 Authority key identifier: 1E:BA:B4:0D:60:81:33:CD:DF:76:C3:B5:A6:F8:15:DF:81:FB:C7:DD Certificate issuer: /CN=1ebab40d608133cddf76c3b5a6f815df81fbc7dd Certificate serial: 019B40FFDA5816B3C504EA55D8DE47E2D8D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft Manifest number: 02D5 Signing time: Sun 21 Dec 2025 13:01:07 +0000 Manifest this update: Sun 21 Dec 2025 13:01:07 +0000 Manifest next update: Mon 22 Dec 2025 13:01:07 +0000 Files and hashes: 1: Hrq0DWCBM83fdsO1pvgV34H7x90.crl (hash: juVrBm4A+XxD+m+U4BrWQsvZKHyS6kWqbObxMhSZ9Go=) 2: dOirMHERf2S7XaVhDBj8pRwQyLU.roa (hash: RUHnPEXdDgz2x6FeuZ8yiEPV6rqAxw/OAxkwBlLK73U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:ff:da:58:16:b3:c5:04:ea:55:d8:de:47:e2:d8:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ebab40d608133cddf76c3b5a6f815df81fbc7dd Validity Not Before: Dec 21 13:01:07 2025 GMT Not After : Dec 22 13:01:07 2025 GMT Subject: CN=ea0d5dfb1afab985c2a5d89a51d10cb66af876a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:0f:e9:ca:68:be:e2:1d:7c:1e:f7:14:03:fc: 29:12:5b:7b:1b:45:b1:78:c1:a5:8d:74:c6:5c:9c: 9e:b4:70:0d:75:eb:ca:bc:ca:c3:98:57:76:28:23: f6:63:80:bb:38:c3:c5:23:d4:e3:0f:1d:ec:5f:12: 44:67:68:c8:98:dc:fa:bb:9d:81:9e:2c:07:cd:0b: fc:ea:c7:30:8b:a0:36:e8:28:22:d3:0f:dd:f3:8a: b2:62:62:02:3f:88:d4:29:f7:6b:d3:4b:e7:b3:e4: b1:e8:c2:b7:06:f3:e6:eb:9a:9f:2f:d0:43:7a:1f: d2:f9:41:20:e0:d1:1e:71:c4:c9:a5:a6:6c:40:b4: 94:8f:71:74:c2:9e:70:db:dc:b1:b5:c5:9d:35:28: 50:b1:18:e6:d2:df:8a:3b:60:d2:d6:e0:d2:0b:01: 68:ed:c4:6f:44:78:2f:cb:30:fe:0d:c5:92:d0:c0: 53:a0:d6:14:86:49:65:79:6d:ce:5a:6e:dc:8e:e0: 3e:49:ce:ba:f1:74:7c:b9:42:b5:c4:fe:6e:88:d3: c8:8e:66:d4:08:ab:ab:be:ac:98:2d:c3:66:c8:97: 94:05:5f:70:6e:a8:60:ec:36:78:2b:6a:39:cf:62: ac:a4:f4:33:ce:fc:ac:89:5b:e2:56:09:9a:65:8b: 5a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:0D:5D:FB:1A:FA:B9:85:C2:A5:D8:9A:51:D1:0C:B6:6A:F8:76:A6 X509v3 Authority Key Identifier: keyid:1E:BA:B4:0D:60:81:33:CD:DF:76:C3:B5:A6:F8:15:DF:81:FB:C7:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hrq0DWCBM83fdsO1pvgV34H7x90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/2b26af-e754-4080-9ec9-59f0f10b1d29/1/Hrq0DWCBM83fdsO1pvgV34H7x90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:08:e6:bc:7d:c1:74:49:db:35:2f:2d:a5:24:8e:c4:ed:b0: 6f:cb:3d:3f:20:6a:0c:75:af:57:56:cf:e6:01:ce:e8:7f:fa: af:cd:6e:d1:1e:e2:0a:45:2b:10:7d:9a:f3:44:f3:03:13:1b: b0:5e:fe:ad:a0:3a:cc:88:e5:f5:eb:4a:cb:c9:9d:26:60:ca: 9d:b9:84:db:79:4d:ed:28:6d:49:08:7c:e0:0b:4c:6b:86:c3: ad:1d:84:db:30:34:c7:aa:a7:8f:dc:59:03:a5:b8:25:28:8d: 8f:de:62:ad:ce:96:60:cc:40:0d:fd:f3:4e:e3:ac:c7:83:39: 67:b9:1d:50:7d:98:c2:e3:74:2f:10:97:c4:00:b5:34:c0:99: f2:ec:80:d4:b4:1b:8f:89:35:78:7a:b5:fa:c3:5c:cb:cb:d6: 59:e8:99:fc:78:70:e6:d6:29:45:6f:bd:b1:55:d5:77:8d:a4: 0e:c0:07:49:2a:d1:48:38:f6:2f:bf:8a:86:fe:45:5e:9d:f5: a6:89:8a:56:d2:86:e8:10:a0:f9:17:11:e9:e6:f9:3a:9f:f0: 95:4c:a7:61:fd:bc:36:fd:4c:bc:a5:1e:f7:d2:48:87:03:71: 77:e2:54:95:52:ab:b4:c5:34:03:4a:47:d1:ae:39:ed:5d:fe: aa:89:99:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtA/9pYFrPFBOpV2N5H4tjSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYmFiNDBkNjA4MTMzY2RkZjc2YzNiNWE2ZjgxNWRmODFm YmM3ZGQwHhcNMjUxMjIxMTMwMTA3WhcNMjUxMjIyMTMwMTA3WjAzMTEwLwYDVQQD EyhlYTBkNWRmYjFhZmFiOTg1YzJhNWQ4OWE1MWQxMGNiNjZhZjg3NmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Q/pymi+4h18HvcUA/wpElt7G0Wx eMGljXTGXJyetHANdevKvMrDmFd2KCP2Y4C7OMPFI9TjDx3sXxJEZ2jImNz6u52B niwHzQv86scwi6A26Cgi0w/d84qyYmICP4jUKfdr00vns+Sx6MK3BvPm65qfL9BD eh/S+UEg4NEeccTJpaZsQLSUj3F0wp5w29yxtcWdNShQsRjm0t+KO2DS1uDSCwFo 7cRvRHgvyzD+DcWS0MBToNYUhklleW3OWm7cjuA+Sc668XR8uUK1xP5uiNPIjmbU CKurvqyYLcNmyJeUBV9wbqhg7DZ4K2o5z2KspPQzzvysiVviVgmaZYta6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOoNXfsa+rmFwqXYmlHRDLZq+HamMB8GA1UdIwQY MBaAFB66tA1ggTPN33bDtab4Fd+B+8fdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yYjI2YWYtZTc1NC00MDgwLTllYzkt NTlmMGYxMGIxZDI5LzEvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8yYjI2YWYtZTc1NC00MDgwLTllYzktNTlmMGYxMGIxZDI5 LzEvSHJxMERXQ0JNODNmZHNPMXB2Z1YzNEg3eDkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANAjmvH3B dEnbNS8tpSSOxO2wb8s9PyBqDHWvV1bP5gHO6H/6r81u0R7iCkUrEH2a80TzAxMb sF7+raA6zIjl9etKy8mdJmDKnbmE23lN7ShtSQh84AtMa4bDrR2E2zA0x6qnj9xZ A6W4JSiNj95irc6WYMxADf3zTuOsx4M5Z7kdUH2YwuN0LxCXxAC1NMCZ8uyA1LQb j4k1eHq1+sNcy8vWWeiZ/Hhw5tYpRW+9sVXVd42kDsAHSSrRSDj2L7+Khv5FXp31 pomKVtKG6BCg+RcR6eb5Op/wlUynYf28Nv1MvKUe99JIhwNxd+JUlVKrtMU0A0pH 0a457V3+qomZ6w== -----END CERTIFICATE-----Generated at Sun Dec 21 19:23:38 2025 by rpki-client