This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json) Hash identifier: kDJtngUA596G0SCcUjsgaAkREYA3/eSj+1c4B2dWReU= Subject key identifier: 7B:4F:14:19:77:B0:E8:36:C7:68:6F:DB:6C:EA:1F:51:76:C5:A5:36 Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde Certificate serial: 019B416D246FA08503B73CFBC9A28640387B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft Manifest number: 178E Signing time: Sun 21 Dec 2025 15:00:30 +0000 Manifest this update: Sun 21 Dec 2025 15:00:30 +0000 Manifest next update: Mon 22 Dec 2025 15:00:30 +0000 Files and hashes: 1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=) 2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: MgzZUBC+HFDLCXRuwlxyIFrsZAe4l+0BDqLbE170JbU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:24:6f:a0:85:03:b7:3c:fb:c9:a2:86:40:38:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde Validity Not Before: Dec 21 15:00:30 2025 GMT Not After : Dec 22 15:00:30 2025 GMT Subject: CN=7b4f141977b0e836c7686fdb6cea1f5176c5a536 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f9:53:a7:fe:73:b8:6f:e4:6d:e1:55:00:03: 6d:16:72:32:1a:ef:9d:bc:d4:85:51:ab:d2:5d:e5: 94:6e:ca:68:fe:f8:83:4c:d0:63:74:04:66:4d:6c: b9:cf:d0:a2:d3:07:a7:5b:28:44:bc:f1:2f:33:29: 9b:91:71:8f:1c:08:b6:7a:04:ab:5f:e4:88:07:de: c8:b1:ea:2a:d1:dd:22:e3:49:64:42:c7:7c:13:b8: 7c:a2:b6:73:f3:8b:94:4d:56:b1:a9:0e:17:b7:4a: 6b:fb:3f:c4:8e:1b:69:90:4e:06:cb:5a:b0:7f:0f: de:67:28:1f:3a:e7:7d:1f:5a:18:9e:01:6c:d6:b8: 04:f0:6b:53:28:38:e3:d3:d9:73:36:df:c3:fb:db: 6f:30:80:65:28:12:3b:c3:42:1e:6d:f5:7c:92:bf: 09:6c:1b:b9:a9:62:02:84:d9:8a:fa:cb:9b:85:d4: 1d:72:6a:32:2e:8f:16:fe:48:7e:bf:62:97:8a:9e: 7d:d4:fd:82:95:17:c2:d8:91:e6:c8:47:a8:ad:1e: 5b:e8:47:19:e4:ca:93:2d:83:52:57:e4:b8:58:2c: 86:50:11:6a:91:43:4d:4a:23:33:07:15:35:41:06: 66:82:26:9b:d1:62:04:b9:9e:3d:2e:7d:3d:fe:35: ea:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:4F:14:19:77:B0:E8:36:C7:68:6F:DB:6C:EA:1F:51:76:C5:A5:36 X509v3 Authority Key Identifier: keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:5e:09:92:e4:64:44:77:e6:37:1c:05:27:a5:b0:54:22:b1: 4d:14:43:f2:73:fa:fe:15:02:4a:1f:e0:92:a3:54:99:43:9f: 2c:a6:84:b2:9b:16:f7:f3:49:27:ce:92:3a:af:fc:55:df:aa: e5:2b:6a:65:f4:43:3a:1a:93:ee:d8:53:71:bb:f0:02:2d:8a: db:70:db:ff:06:89:19:48:7e:67:0d:d1:af:a3:18:ce:7d:6c: 2b:cd:60:00:5d:ae:55:9f:fd:b7:5e:d0:e6:fd:32:5a:56:33: 25:d3:de:60:c5:fb:b7:1c:7d:a8:60:58:05:b6:c6:24:e7:e1: 65:2b:7a:14:64:10:49:8d:78:ab:5e:8b:ef:3b:95:f3:4b:59: 5b:c1:fd:54:4b:9d:8f:2e:58:97:ca:d3:b5:dd:71:de:3f:8d: d1:6d:85:99:84:09:1a:1f:24:0f:eb:98:75:71:ff:be:e2:90: b9:3e:3d:b9:79:3e:19:c8:70:b3:cc:16:9e:d8:4f:13:f9:ed: 79:88:94:3b:0f:21:12:64:f7:12:eb:a9:cc:83:d2:17:d5:36: 76:d1:71:67:b7:95:d4:b5:b9:f6:68:35:87:46:9d:eb:e2:6e: 84:bb:a8:83:03:ab:92:f3:f4:aa:bd:cf:e7:3c:f8:54:7c:ba: f9:fc:d0:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbSRvoIUDtzz7yaKGQDh7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw ZDFmZGUwHhcNMjUxMjIxMTUwMDMwWhcNMjUxMjIyMTUwMDMwWjAzMTEwLwYDVQQD Eyg3YjRmMTQxOTc3YjBlODM2Yzc2ODZmZGI2Y2VhMWY1MTc2YzVhNTM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqflTp/5zuG/kbeFVAANtFnIyGu+d vNSFUavSXeWUbspo/viDTNBjdARmTWy5z9Ci0wenWyhEvPEvMymbkXGPHAi2egSr X+SIB97Iseoq0d0i40lkQsd8E7h8orZz84uUTVaxqQ4Xt0pr+z/EjhtpkE4Gy1qw fw/eZygfOud9H1oYngFs1rgE8GtTKDjj09lzNt/D+9tvMIBlKBI7w0IebfV8kr8J bBu5qWIChNmK+subhdQdcmoyLo8W/kh+v2KXip591P2ClRfC2JHmyEeorR5b6EcZ 5MqTLYNSV+S4WCyGUBFqkUNNSiMzBxU1QQZmgiab0WIEuZ49Ln09/jXqJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHtPFBl3sOg2x2hv22zqH1F2xaU2MB8GA1UdIwQY MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl14JkuRk RHfmNxwFJ6WwVCKxTRRD8nP6/hUCSh/gkqNUmUOfLKaEspsW9/NJJ86SOq/8Vd+q 5StqZfRDOhqT7thTcbvwAi2K23Db/waJGUh+Zw3Rr6MYzn1sK81gAF2uVZ/9t17Q 5v0yWlYzJdPeYMX7txx9qGBYBbbGJOfhZSt6FGQQSY14q16L7zuV80tZW8H9VEud jy5Yl8rTtd1x3j+N0W2FmYQJGh8kD+uYdXH/vuKQuT49uXk+Gchws8wWnthPE/nt eYiUOw8hEmT3EuupzIPSF9U2dtFxZ7eV1LW59mg1h0ad6+JuhLuogwOrkvP0qr3P 5zz4VHy6+fzQzA== -----END CERTIFICATE-----Generated at Sun Dec 21 21:15:21 2025 by rpki-client