This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.mft File: hRwoH1drQ6HKuVPJIEHOlZknDHg.mft (raw, json) Hash identifier: 62aTzBS4Vy7D/urCig0tFslqLHDw2/uDeMSwqwpQFMc= Subject key identifier: 7C:0D:40:6B:7E:81:DC:18:33:BC:11:7A:4A:B5:0B:7A:05:7A:5B:95 Authority key identifier: 85:1C:28:1F:57:6B:43:A1:CA:B9:53:C9:20:41:CE:95:99:27:0C:78 Certificate issuer: /CN=851c281f576b43a1cab953c92041ce9599270c78 Certificate serial: 019B16F0E90F7BB15C78BB3B4B558BC93BD8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.mft Manifest number: 15FB Signing time: Sat 13 Dec 2025 09:00:45 +0000 Manifest this update: Sat 13 Dec 2025 09:00:45 +0000 Manifest next update: Sun 14 Dec 2025 09:00:45 +0000 Files and hashes: 1: XhZd4AXcprYaSWJWAkCvII9n7bo.roa (hash: +WoaFZAXvgLhbONkinxfr9JdPcFsQuGimoN13TlQ0XQ=) 2: hRwoH1drQ6HKuVPJIEHOlZknDHg.crl (hash: hTjecdNZsfyfEx501MN2TP1rHNixwnr+nfBv4fTEfA0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.crl rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.mft rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:16:f0:e9:0f:7b:b1:5c:78:bb:3b:4b:55:8b:c9:3b:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=851c281f576b43a1cab953c92041ce9599270c78 Validity Not Before: Dec 13 09:00:45 2025 GMT Not After : Dec 14 09:00:45 2025 GMT Subject: CN=7c0d406b7e81dc1833bc117a4ab50b7a057a5b95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:81:d1:e9:c7:03:58:5a:62:fb:97:61:01:b8: 99:ad:e4:b2:f6:2e:74:fc:f3:1d:11:4c:58:9a:d3: 24:7f:29:71:46:3c:b8:83:6a:1a:ab:83:66:89:ce: 89:96:e7:26:1d:65:a8:b4:5a:cd:ec:1f:3f:42:e1: 11:d3:48:b4:a1:d5:d9:7f:54:49:1b:c2:d8:a9:1d: d3:28:50:31:37:21:23:9a:fa:6a:98:d5:ea:10:f1: a7:1a:3f:8c:ed:78:51:e7:8b:2b:27:2f:96:b8:ec: 28:1a:c7:9e:5c:f3:3d:88:4d:de:a9:64:cd:b9:f0: e1:04:36:e8:15:8a:a9:58:0c:b8:18:80:c0:62:8d: cc:22:2f:5d:02:85:ab:35:9b:d9:47:ba:96:67:75: 27:93:d4:b8:d7:35:47:a2:3c:be:e0:07:29:66:6c: 71:ce:30:82:e5:17:ce:59:9b:66:fd:21:1a:90:9d: 11:16:d2:26:38:3b:58:c8:cd:16:08:0a:00:4d:32: 84:de:92:bd:54:23:4b:46:89:6f:f2:9d:62:f2:85: c0:af:b5:7e:9f:21:89:8f:97:44:00:48:35:5b:4d: 2d:80:b3:f4:4f:4c:a0:23:4a:d5:bc:c6:d6:44:d1: 24:f6:eb:b2:bf:37:75:a0:a8:ac:fa:17:19:72:d9: cf:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:0D:40:6B:7E:81:DC:18:33:BC:11:7A:4A:B5:0B:7A:05:7A:5B:95 X509v3 Authority Key Identifier: keyid:85:1C:28:1F:57:6B:43:A1:CA:B9:53:C9:20:41:CE:95:99:27:0C:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwoH1drQ6HKuVPJIEHOlZknDHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4a68a7-dc31-40fa-a110-91d56200baf4/1/hRwoH1drQ6HKuVPJIEHOlZknDHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:22:25:a2:f4:9e:67:3b:42:55:5b:f1:8b:2c:d6:ff:fb:22: 80:30:62:4a:05:f1:31:ae:46:5d:02:4a:d1:bb:79:cd:67:28: 42:72:85:ed:6e:a3:2c:b0:da:28:6f:7c:56:b0:31:31:6d:09: 10:ac:e8:16:24:cd:30:88:f9:a1:0d:f0:01:fe:eb:3a:a6:68: 2a:2f:ad:b5:0e:1d:9c:b4:39:e4:e8:46:78:21:c5:5d:74:ad: 24:21:b9:65:09:ff:9f:ff:fd:e4:66:f1:ba:c3:f6:8a:a9:fe: b5:a0:86:94:86:93:d7:42:5d:1b:e8:80:92:a1:ad:d7:56:74: fc:b8:d8:ef:1e:e7:6b:e3:a5:cf:fd:d0:f8:2f:86:3e:58:f3: 40:90:5a:c3:1c:31:02:86:be:27:f3:eb:03:70:7e:08:7f:ed: a1:5c:27:ec:24:ec:27:b6:a8:db:af:04:84:ed:5a:0b:28:d6: 25:bf:ee:46:08:78:5b:39:44:bc:40:ec:64:df:a4:d7:95:e2: b0:10:f9:66:93:8d:ef:ad:21:8f:dc:3a:4f:95:22:18:55:3d: c5:17:85:fd:e0:51:ec:b9:41:be:5b:56:6b:01:ad:f4:37:f7: fd:33:f5:b0:03:e1:5e:0d:72:40:33:8f:0d:2f:78:45:56:6c: ff:05:2a:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsW8OkPe7FceLs7S1WLyTvYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MWMyODFmNTc2YjQzYTFjYWI5NTNjOTIwNDFjZTk1OTky NzBjNzgwHhcNMjUxMjEzMDkwMDQ1WhcNMjUxMjE0MDkwMDQ1WjAzMTEwLwYDVQQD Eyg3YzBkNDA2YjdlODFkYzE4MzNiYzExN2E0YWI1MGI3YTA1N2E1Yjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYHR6ccDWFpi+5dhAbiZreSy9i50 /PMdEUxYmtMkfylxRjy4g2oaq4Nmic6JlucmHWWotFrN7B8/QuER00i0odXZf1RJ G8LYqR3TKFAxNyEjmvpqmNXqEPGnGj+M7XhR54srJy+WuOwoGseeXPM9iE3eqWTN ufDhBDboFYqpWAy4GIDAYo3MIi9dAoWrNZvZR7qWZ3Unk9S41zVHojy+4AcpZmxx zjCC5RfOWZtm/SEakJ0RFtImODtYyM0WCAoATTKE3pK9VCNLRolv8p1i8oXAr7V+ nyGJj5dEAEg1W00tgLP0T0ygI0rVvMbWRNEk9uuyvzd1oKis+hcZctnPywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHwNQGt+gdwYM7wRekq1C3oFeluVMB8GA1UdIwQY MBaAFIUcKB9Xa0OhyrlTySBBzpWZJwx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80YTY4YTctZGMzMS00MGZhLWExMTAt OTFkNTYyMDBiYWY0LzEvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC80YTY4YTctZGMzMS00MGZhLWExMTAtOTFkNTYyMDBiYWY0 LzEvaFJ3b0gxZHJRNkhLdVZQSklFSE9sWmtuREhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGiIlovSe ZztCVVvxiyzW//sigDBiSgXxMa5GXQJK0bt5zWcoQnKF7W6jLLDaKG98VrAxMW0J EKzoFiTNMIj5oQ3wAf7rOqZoKi+ttQ4dnLQ55OhGeCHFXXStJCG5ZQn/n//95Gbx usP2iqn+taCGlIaT10JdG+iAkqGt11Z0/LjY7x7na+Olz/3Q+C+GPljzQJBawxwx Aoa+J/PrA3B+CH/toVwn7CTsJ7ao268EhO1aCyjWJb/uRgh4WzlEvEDsZN+k15Xi sBD5ZpON760hj9w6T5UiGFU9xReF/eBR7LlBvltWawGt9Df3/TP1sAPhXg1yQDOP DS94RVZs/wUqXg== -----END CERTIFICATE-----Generated at Sat Dec 13 12:05:46 2025 by rpki-client