This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft File: ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json) Hash identifier: XWOarehPQxOGs/2Ii2cocXofwU5huZ7qlBgIInZsauw= Subject key identifier: B5:F1:42:5B:28:E1:2D:AB:EF:15:49:53:92:5D:DF:E4:9F:0A:96:C8 Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44 Certificate issuer: /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644 Certificate serial: 019B48144E6FA8AD931F88B7166C32B4F339 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft Manifest number: 0B4C Signing time: Mon 22 Dec 2025 22:00:48 +0000 Manifest this update: Mon 22 Dec 2025 22:00:48 +0000 Manifest next update: Tue 23 Dec 2025 22:00:48 +0000 Files and hashes: 1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: SrMelH9p6qUBWHoBLffpel01pQbUiWC5UAh/Wv+gOtE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:14:4e:6f:a8:ad:93:1f:88:b7:16:6c:32:b4:f3:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644 Validity Not Before: Dec 22 22:00:48 2025 GMT Not After : Dec 23 22:00:48 2025 GMT Subject: CN=b5f1425b28e12dabef154953925ddfe49f0a96c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c1:e7:33:b6:7f:1d:e7:d0:9b:56:b7:a2:8f: 0a:2b:e7:36:5c:be:82:a5:98:dc:62:24:a7:d4:82: a4:d5:6f:d7:d4:c2:b7:61:0a:2e:5a:2c:e2:06:19: 08:c0:0d:37:2d:03:32:f5:a0:b8:fd:ef:4b:0e:e0: 07:57:4d:1b:88:6e:13:89:b4:12:4f:48:25:f6:76: 6d:08:81:d6:3a:48:d2:0f:04:2a:55:ba:b1:48:a4: a0:fa:35:36:8f:e1:f4:0f:fc:95:e9:88:51:70:12: b5:a4:da:fc:78:10:34:54:92:14:e6:4f:bb:07:45: c1:cf:45:87:ac:9c:cc:4e:d9:7c:12:a9:20:f9:70: b8:7e:42:9d:7a:7a:a2:99:66:9e:89:01:80:be:62: 2b:84:3c:c6:a4:16:e8:b6:30:ff:3f:f0:43:c1:ba: 0c:22:3d:cc:56:81:85:c8:dc:1b:d1:bc:d0:b1:68: 62:fd:9a:4c:fb:55:50:9f:45:b8:2c:ad:34:a5:02: fd:fb:38:90:1a:db:1c:be:ab:27:c8:9d:0d:c2:e0: 85:96:4d:b5:c0:70:4d:71:c4:4a:07:40:e1:ee:5f: 3e:fc:00:9e:4a:3a:9f:5d:49:c8:9f:1a:e7:02:f9: 43:e4:f4:7c:05:31:dd:e8:f2:64:79:08:45:ef:ca: 6c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:F1:42:5B:28:E1:2D:AB:EF:15:49:53:92:5D:DF:E4:9F:0A:96:C8 X509v3 Authority Key Identifier: keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:30:c8:87:cf:e0:9f:89:de:b0:14:8f:f0:7b:36:89:32:5a: 0c:93:75:90:71:45:65:1f:33:81:44:32:8d:ad:58:07:66:b1: 89:76:26:35:00:e8:2e:fe:54:f3:2c:1a:e1:47:4b:8e:43:47: e1:fd:5c:2d:11:36:b8:0a:a2:0c:37:6f:25:11:37:78:1f:62: 9f:56:08:75:75:9d:78:33:8a:9d:1a:c2:c1:b7:6b:2d:62:9d: a9:4b:39:19:a0:9d:da:8a:8a:78:96:27:88:27:83:b7:12:6a: 1b:09:3b:72:53:f7:f6:7d:f3:8d:5c:6a:35:ca:3e:d6:12:e5: 6b:b7:8e:74:d9:16:bb:0c:73:d0:78:e5:80:dd:85:f6:24:9c: 10:44:30:5b:82:47:1a:52:e6:60:2f:19:af:da:26:c0:3a:fc: 43:d6:9e:38:c8:21:a0:39:04:a5:dc:6f:86:fc:3b:7f:7f:d9: 09:8c:0e:46:aa:a4:53:39:f5:a4:cf:18:5d:be:6f:86:0f:d5: c9:bf:42:6f:58:80:ec:cf:5a:d5:03:27:28:26:d6:4e:a6:a7: 0a:29:77:89:bf:71:38:76:cc:be:6f:75:4b:cd:98:97:e4:07: fb:89:61:ca:b9:f0:ef:8a:48:cb:5b:e6:75:6b:4f:ac:57:ff: 03:6e:4c:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFE5vqK2TH4i3FmwytPM5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm YWU2NDQwHhcNMjUxMjIyMjIwMDQ4WhcNMjUxMjIzMjIwMDQ4WjAzMTEwLwYDVQQD EyhiNWYxNDI1YjI4ZTEyZGFiZWYxNTQ5NTM5MjVkZGZlNDlmMGE5NmM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8HnM7Z/HefQm1a3oo8KK+c2XL6C pZjcYiSn1IKk1W/X1MK3YQouWiziBhkIwA03LQMy9aC4/e9LDuAHV00biG4TibQS T0gl9nZtCIHWOkjSDwQqVbqxSKSg+jU2j+H0D/yV6YhRcBK1pNr8eBA0VJIU5k+7 B0XBz0WHrJzMTtl8Eqkg+XC4fkKdenqimWaeiQGAvmIrhDzGpBbotjD/P/BDwboM Ij3MVoGFyNwb0bzQsWhi/ZpM+1VQn0W4LK00pQL9+ziQGtscvqsnyJ0NwuCFlk21 wHBNccRKB0Dh7l8+/ACeSjqfXUnInxrnAvlD5PR8BTHd6PJkeQhF78ps9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLXxQlso4S2r7xVJU5Jd3+SfCpbIMB8GA1UdIwQY MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2 LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATjDIh8/g n4nesBSP8Hs2iTJaDJN1kHFFZR8zgUQyja1YB2axiXYmNQDoLv5U8ywa4UdLjkNH 4f1cLRE2uAqiDDdvJRE3eB9in1YIdXWdeDOKnRrCwbdrLWKdqUs5GaCd2oqKeJYn iCeDtxJqGwk7clP39n3zjVxqNco+1hLla7eOdNkWuwxz0HjlgN2F9iScEEQwW4JH GlLmYC8Zr9omwDr8Q9aeOMghoDkEpdxvhvw7f3/ZCYwORqqkUzn1pM8YXb5vhg/V yb9Cb1iA7M9a1QMnKCbWTqanCil3ib9xOHbMvm91S82Yl+QH+4lhyrnw74pIy1vm dWtPrFf/A25M2Q== -----END CERTIFICATE-----Generated at Tue Dec 23 03:19:30 2025 by rpki-client