This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft File: IHeZAnMp8iaCdkVzryEV2pWp9r8.mft (raw, json) Hash identifier: BnLQzndTX3p4z1Wkfnf8LBxCCGYe+qxFSIopiHpG6jw= Subject key identifier: 4F:15:E2:00:00:B4:43:AC:1D:58:72:65:C2:4B:62:6E:91:E0:08:68 Authority key identifier: 20:77:99:02:73:29:F2:26:82:76:45:73:AF:21:15:DA:95:A9:F6:BF Certificate issuer: /CN=207799027329f22682764573af2115da95a9f6bf Certificate serial: 019B32D7EFFFB7063A43EEFA6847D1DD6722 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft Manifest number: 1082 Signing time: Thu 18 Dec 2025 19:02:50 +0000 Manifest this update: Thu 18 Dec 2025 19:02:50 +0000 Manifest next update: Fri 19 Dec 2025 19:02:50 +0000 Files and hashes: 1: 8EaewYTyFly5jEaj4gZEqMNcVMk.roa (hash: gqxj+841N8d9uy4L59oEcZudU4ge+IzVBr1jzF4wgjc=) 2: IHeZAnMp8iaCdkVzryEV2pWp9r8.crl (hash: BShWPqNIJZwGNRUkeL915IQK7uAqcFotqHVKjkMQWWk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:ef:ff:b7:06:3a:43:ee:fa:68:47:d1:dd:67:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=207799027329f22682764573af2115da95a9f6bf Validity Not Before: Dec 18 19:02:50 2025 GMT Not After : Dec 19 19:02:50 2025 GMT Subject: CN=4f15e20000b443ac1d587265c24b626e91e00868 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:34:bd:3f:a6:c2:1b:5c:41:a4:bc:f0:fb:fd: 5f:ad:b8:cb:53:00:6d:f1:1a:a1:82:1f:24:ed:04: e3:3d:1e:d0:7d:a7:2a:49:55:50:55:65:d4:95:37: 40:c5:21:bf:c0:86:cf:71:bc:74:ff:ff:ae:d8:9c: 16:33:86:10:ae:32:eb:c0:fa:a5:65:49:d2:54:ff: 74:d6:a6:2c:95:8e:63:3b:34:38:e4:f3:93:cd:05: 74:29:6a:20:76:fc:2d:5b:a8:ae:c1:2e:aa:90:25: 05:30:e5:f0:5c:03:ff:24:ab:d1:71:b3:b0:a8:44: 4f:88:6b:d9:1f:b0:02:82:9f:bd:fc:23:20:bb:d3: 46:3f:3e:86:c6:18:f9:41:54:14:d1:13:72:df:af: 57:e2:f8:82:2b:5d:a2:9c:0c:b3:a7:f5:ff:01:ba: ca:1a:6c:fb:29:a6:92:a1:32:f1:cf:84:6f:56:18: fc:03:54:be:c0:53:b2:e1:c3:a2:79:ee:b6:8d:25: 68:cf:45:9a:2e:4e:2f:67:4e:a3:bd:e7:ae:0c:31: 34:e3:2b:ad:cf:ca:ec:9e:80:82:c8:73:eb:30:56: f1:ae:fe:82:3d:fd:57:bc:88:1d:a9:34:95:01:72: c5:69:8e:71:bf:ff:06:7d:19:43:e2:8d:00:60:e1: 6d:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:15:E2:00:00:B4:43:AC:1D:58:72:65:C2:4B:62:6E:91:E0:08:68 X509v3 Authority Key Identifier: keyid:20:77:99:02:73:29:F2:26:82:76:45:73:AF:21:15:DA:95:A9:F6:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:07:44:9e:39:6a:44:0c:b7:96:0c:db:1e:d5:d9:23:d2:31: 2f:6e:f4:1c:13:55:6b:90:8a:b8:73:23:8e:ee:f7:2b:63:9e: 42:54:e9:8a:56:5b:d3:a3:3b:c2:94:eb:5a:0e:88:2a:3f:91: 34:4d:82:4a:71:9a:b9:35:62:31:35:72:56:84:02:b2:3e:d0: 06:3e:ed:41:21:6c:90:b4:4f:4a:dd:1b:b7:ab:22:ca:68:49: f5:a9:0c:c6:1c:1d:20:ed:c9:4d:3a:82:6c:3d:e7:08:84:3a: 70:5f:eb:23:7e:4d:51:4d:38:d6:7a:3c:b9:51:ab:55:b1:ec: 86:01:b5:b8:0a:cc:c1:05:ec:a0:ef:8f:0a:6d:52:ca:fd:72: 4d:80:ae:bc:d4:00:cb:13:c2:cf:6d:31:13:5d:9c:7d:7d:8f: 61:0c:a8:91:ef:44:40:75:50:97:8d:c3:af:8d:47:24:ce:f1: 2b:f0:f9:ef:b8:f8:8b:a0:98:fa:5c:16:6d:2a:0f:5a:36:95: 66:15:6d:32:79:27:35:1a:b9:d7:9a:11:9f:b9:11:c3:57:7d: 92:97:68:e6:e1:89:48:a2:44:50:f8:1e:f9:63:39:a2:92:4d: e3:89:06:1b:31:c3:52:8e:8a:24:e3:4a:e2:ea:b9:98:1b:86: e6:43:a1:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1+//twY6Q+76aEfR3WciMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwNzc5OTAyNzMyOWYyMjY4Mjc2NDU3M2FmMjExNWRhOTVh OWY2YmYwHhcNMjUxMjE4MTkwMjUwWhcNMjUxMjE5MTkwMjUwWjAzMTEwLwYDVQQD Eyg0ZjE1ZTIwMDAwYjQ0M2FjMWQ1ODcyNjVjMjRiNjI2ZTkxZTAwODY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTS9P6bCG1xBpLzw+/1frbjLUwBt 8Rqhgh8k7QTjPR7QfacqSVVQVWXUlTdAxSG/wIbPcbx0//+u2JwWM4YQrjLrwPql ZUnSVP901qYslY5jOzQ45POTzQV0KWogdvwtW6iuwS6qkCUFMOXwXAP/JKvRcbOw qERPiGvZH7ACgp+9/CMgu9NGPz6Gxhj5QVQU0RNy369X4viCK12inAyzp/X/AbrK Gmz7KaaSoTLxz4RvVhj8A1S+wFOy4cOiee62jSVoz0WaLk4vZ06jveeuDDE04yut z8rsnoCCyHPrMFbxrv6CPf1XvIgdqTSVAXLFaY5xv/8GfRlD4o0AYOFtdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE8V4gAAtEOsHVhyZcJLYm6R4AhoMB8GA1UdIwQY MBaAFCB3mQJzKfImgnZFc68hFdqVqfa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mYzlmMmItN2YyZi00MjM4LWFhMTkt OThjYmE4ZmYyY2EzLzEvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9mYzlmMmItN2YyZi00MjM4LWFhMTktOThjYmE4ZmYyY2Ez LzEvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcwdEnjlq RAy3lgzbHtXZI9IxL270HBNVa5CKuHMjju73K2OeQlTpilZb06M7wpTrWg6IKj+R NE2CSnGauTViMTVyVoQCsj7QBj7tQSFskLRPSt0bt6siymhJ9akMxhwdIO3JTTqC bD3nCIQ6cF/rI35NUU041no8uVGrVbHshgG1uArMwQXsoO+PCm1Syv1yTYCuvNQA yxPCz20xE12cfX2PYQyoke9EQHVQl43Dr41HJM7xK/D577j4i6CY+lwWbSoPWjaV ZhVtMnknNRq515oRn7kRw1d9kpdo5uGJSKJEUPge+WM5opJN44kGGzHDUo6KJONK 4uq5mBuG5kOhnQ== -----END CERTIFICATE-----Generated at Fri Dec 19 03:18:11 2025 by rpki-client