This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft File: hlEiwOVi5AeXaCPZThnip5T4y2I.mft (raw, json) Hash identifier: 2E7z8pnsCTFLkWPWgtr7Iulz9oZd/yjmP55G6pwiY2s= Subject key identifier: 48:09:F2:72:C9:CC:EA:0E:91:10:A8:21:36:D2:11:E6:6B:A8:17:8B Authority key identifier: 86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62 Certificate issuer: /CN=865122c0e562e407976823d94e19e2a794f8cb62 Certificate serial: 019B3C1065D7F3AF9BCFFEA8B78F2719564F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft Manifest number: 1717 Signing time: Sat 20 Dec 2025 14:01:06 +0000 Manifest this update: Sat 20 Dec 2025 14:01:06 +0000 Manifest next update: Sun 21 Dec 2025 14:01:06 +0000 Files and hashes: 1: hlEiwOVi5AeXaCPZThnip5T4y2I.crl (hash: LIrtYaEOYlu9WEZfqzoH7Q/vzuX5tvLCntxJ7XiMj+s=) 2: w-uN_1VCR8_SOj5bY-QHNqktijQ.roa (hash: 0MkMfXtYvuQQQ2rI12rE9KqS+DI9qKcacxegwXpKbvg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:65:d7:f3:af:9b:cf:fe:a8:b7:8f:27:19:56:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=865122c0e562e407976823d94e19e2a794f8cb62 Validity Not Before: Dec 20 14:01:06 2025 GMT Not After : Dec 21 14:01:06 2025 GMT Subject: CN=4809f272c9ccea0e9110a82136d211e66ba8178b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:7a:56:92:19:fc:3b:3e:35:a6:b3:45:21:9f: 82:41:93:d0:93:4d:a4:cc:82:79:bf:fd:4c:6a:b2: 41:27:06:78:64:44:3a:55:31:bf:e8:62:b2:60:4b: 73:a8:e7:fa:21:9d:ce:e5:28:1f:b5:a8:25:eb:65: 66:16:8c:3b:3e:6a:ab:c1:55:e7:31:05:5f:b7:26: cd:0c:94:ba:b0:15:26:1d:17:c2:58:df:c1:09:4e: 51:03:ce:9b:41:f8:28:5c:ac:c2:af:22:08:b1:eb: bb:b9:13:47:25:32:97:6b:95:64:72:bc:97:a8:09: 5f:1c:7f:d8:95:2a:91:18:da:2f:13:bd:89:66:b6: 9a:ee:0b:c3:03:90:2d:d7:14:76:92:78:68:e2:0f: 0b:2e:32:75:a8:e4:2c:40:9d:10:2e:cb:87:4a:60: 83:ab:74:33:95:eb:75:4b:45:1b:6e:d8:de:aa:58: 0a:45:64:b4:58:fe:d8:a0:5b:37:e3:54:34:2b:6f: 39:3f:23:03:43:b6:81:69:52:fe:95:68:fa:00:b9: f9:6f:89:a1:66:7c:60:f4:d4:ca:f9:15:cf:e2:eb: 79:80:90:6b:28:dc:07:50:fa:2e:a0:09:9e:29:b8: 52:b0:4b:92:ba:3c:95:d8:84:0f:35:89:8c:8a:61: c9:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:09:F2:72:C9:CC:EA:0E:91:10:A8:21:36:D2:11:E6:6B:A8:17:8B X509v3 Authority Key Identifier: keyid:86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:9e:fe:12:ad:f6:b7:25:0a:11:5d:01:ac:2c:76:2e:b5:63: 6a:85:31:da:94:8f:ce:00:97:4a:a2:64:27:a9:92:15:ee:72: a8:ac:4f:c1:c5:a3:33:d9:74:06:3f:29:c1:91:d5:e8:15:8d: 80:38:60:fc:6c:2b:30:6e:75:cf:69:99:7c:b7:0c:33:66:0f: e7:ac:d8:7b:86:4b:f6:35:4e:81:41:3c:5e:c6:18:6c:3d:18: 23:9b:d9:16:bc:64:0d:9a:e3:a1:19:ec:00:81:8f:fe:2b:55: 9f:7a:32:cf:01:b6:7a:1f:f4:06:4c:d5:5e:ed:21:78:81:eb: d0:ab:c6:8e:10:fb:a5:32:f6:3d:8a:40:9a:d8:66:23:ee:b6: ce:a0:da:44:8d:e7:16:9e:b0:89:e3:c2:b2:13:96:ee:0d:dd: e7:4a:0f:47:7e:71:c6:bd:7b:68:a4:4f:5e:44:09:27:36:d2: a8:92:99:5c:dc:a8:8f:b5:11:3d:c2:d5:b1:7d:ee:29:6c:0d: d9:d2:f5:06:74:ad:f8:8e:b3:4a:a2:23:1f:18:fa:1e:5f:00: 18:b0:ee:17:7a:26:c7:0e:70:81:cb:5c:9d:b6:20:54:8f:b4: a3:3e:f3:22:c0:a5:49:18:bb:8c:b5:03:b0:67:07:fa:b2:e2: 16:86:77:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EGXX86+bz/6ot48nGVZPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NTEyMmMwZTU2MmU0MDc5NzY4MjNkOTRlMTllMmE3OTRm OGNiNjIwHhcNMjUxMjIwMTQwMTA2WhcNMjUxMjIxMTQwMTA2WjAzMTEwLwYDVQQD Eyg0ODA5ZjI3MmM5Y2NlYTBlOTExMGE4MjEzNmQyMTFlNjZiYTgxNzhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnpWkhn8Oz41prNFIZ+CQZPQk02k zIJ5v/1MarJBJwZ4ZEQ6VTG/6GKyYEtzqOf6IZ3O5Sgftagl62VmFow7PmqrwVXn MQVftybNDJS6sBUmHRfCWN/BCU5RA86bQfgoXKzCryIIseu7uRNHJTKXa5VkcryX qAlfHH/YlSqRGNovE72JZraa7gvDA5At1xR2knho4g8LLjJ1qOQsQJ0QLsuHSmCD q3Qzlet1S0UbbtjeqlgKRWS0WP7YoFs341Q0K285PyMDQ7aBaVL+lWj6ALn5b4mh Znxg9NTK+RXP4ut5gJBrKNwHUPouoAmeKbhSsEuSujyV2IQPNYmMimHJmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEgJ8nLJzOoOkRCoITbSEeZrqBeLMB8GA1UdIwQY MBaAFIZRIsDlYuQHl2gj2U4Z4qeU+MtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUt YjhkZDE4ZTQ4ZTg2LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUtYjhkZDE4ZTQ4ZTg2 LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsZ7+Eq32 tyUKEV0BrCx2LrVjaoUx2pSPzgCXSqJkJ6mSFe5yqKxPwcWjM9l0Bj8pwZHV6BWN gDhg/GwrMG51z2mZfLcMM2YP56zYe4ZL9jVOgUE8XsYYbD0YI5vZFrxkDZrjoRns AIGP/itVn3oyzwG2eh/0BkzVXu0heIHr0KvGjhD7pTL2PYpAmthmI+62zqDaRI3n Fp6wiePCshOW7g3d50oPR35xxr17aKRPXkQJJzbSqJKZXNyoj7URPcLVsX3uKWwN 2dL1BnSt+I6zSqIjHxj6Hl8AGLDuF3omxw5wgctcnbYgVI+0oz7zIsClSRi7jLUD sGcH+rLiFoZ3/A== -----END CERTIFICATE-----Generated at Sat Dec 20 19:53:04 2025 by rpki-client