This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft File: HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft (raw, json) Hash identifier: Lg8w1gKObVpPzkVTXxLsuqXatUxH/kQsbspb0vwATLo= Subject key identifier: C3:E0:D6:8B:7F:A6:21:89:1A:13:96:E3:1B:C6:48:13:E8:05:A0:64 Authority key identifier: 1E:A0:C8:23:C3:60:B5:F8:61:48:92:D3:5B:10:3C:64:77:4F:D6:5D Certificate issuer: /CN=1ea0c823c360b5f8614892d35b103c64774fd65d Certificate serial: 019B2FD59B4C1A05B6686436483298E4725B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqDII8NgtfhhSJLTWxA8ZHdP1l0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft Manifest number: 1783 Signing time: Thu 18 Dec 2025 05:01:26 +0000 Manifest this update: Thu 18 Dec 2025 05:01:26 +0000 Manifest next update: Fri 19 Dec 2025 05:01:26 +0000 Files and hashes: 1: HqDII8NgtfhhSJLTWxA8ZHdP1l0.crl (hash: NRLyWvVjwis+wck7hokqpYQ3trG9RZycto3sgYT7QR8=) 2: UhsTPDlkEVTfjN0gtgklGlfn_mQ.roa (hash: gvwxeqU03k4MQD3WdF59OWVu6wgm7kgHM+ORIWuetR0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft rsync://rpki.ripe.net/repository/DEFAULT/HqDII8NgtfhhSJLTWxA8ZHdP1l0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d5:9b:4c:1a:05:b6:68:64:36:48:32:98:e4:72:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ea0c823c360b5f8614892d35b103c64774fd65d Validity Not Before: Dec 18 05:01:26 2025 GMT Not After : Dec 19 05:01:26 2025 GMT Subject: CN=c3e0d68b7fa621891a1396e31bc64813e805a064 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2a:fb:9c:7c:39:ac:63:19:f8:95:dc:72:c9: ef:a4:70:ae:3c:20:9d:19:fc:ae:36:6d:dd:4c:e6: 88:c5:75:10:bd:37:b2:0c:56:70:e7:44:b1:af:47: db:96:f0:4b:95:81:5e:56:7c:70:28:dd:70:6a:13: f1:bf:69:18:27:be:29:f5:89:2c:61:71:93:83:e8: 7a:41:9a:6f:36:a5:39:30:b9:14:f2:51:f0:cb:ad: 69:c9:3b:2f:8f:b5:d6:40:9b:d9:a4:60:c8:9a:43: 7f:66:cf:03:e2:a5:9f:a6:4d:d2:2b:2f:0c:dd:ad: 5e:4b:56:aa:63:88:28:d7:5d:05:32:a3:da:58:29: e8:95:f9:2a:4e:27:82:77:e5:d0:a8:b4:aa:84:cc: cb:4f:a9:3d:9a:f9:12:d3:2c:a2:d2:d7:ed:5a:10: fc:52:c2:ba:33:02:f7:21:5c:34:df:6c:0d:e7:b2: 5c:bd:5c:7b:9c:64:b6:aa:3a:f7:f3:21:d9:18:ae: fc:3b:4a:3d:d2:16:97:d6:ab:b4:5a:8f:89:aa:83: 3b:f8:43:3a:31:e3:db:6d:26:46:f2:f8:f0:30:ba: 5d:4d:04:4b:97:93:c9:fb:81:b3:18:83:e8:c8:2a: 07:79:23:5d:f6:cf:9b:72:4f:61:a0:71:fa:96:5a: 9c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:E0:D6:8B:7F:A6:21:89:1A:13:96:E3:1B:C6:48:13:E8:05:A0:64 X509v3 Authority Key Identifier: keyid:1E:A0:C8:23:C3:60:B5:F8:61:48:92:D3:5B:10:3C:64:77:4F:D6:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqDII8NgtfhhSJLTWxA8ZHdP1l0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:bb:9b:18:a8:ae:16:62:54:ea:84:a0:64:52:80:1f:c7:5d: 30:5d:e8:2e:58:19:de:aa:14:28:71:f1:27:de:d4:18:cf:97: b3:15:29:05:01:a1:a3:91:0f:89:0e:4f:ca:32:69:1b:3b:fb: 1b:d1:28:00:13:cc:d8:17:0a:ec:9c:de:8a:c4:52:49:24:42: 6c:d6:ae:28:04:8a:d4:b3:53:45:67:b0:0b:05:2c:5f:b1:16: 75:1e:0c:30:7a:bc:77:f0:b4:3c:4d:46:7f:20:63:e0:ad:27: c9:f9:f9:1d:6f:64:a6:d8:79:a3:08:61:38:b3:cf:ee:a7:89: d9:cd:91:9c:76:92:dc:3e:4c:16:82:44:28:7a:00:ee:63:ae: 6a:ef:5e:21:1c:dd:eb:92:49:87:90:9c:56:c5:ec:a1:4c:58: 9b:31:2f:06:48:fd:3e:12:27:89:95:12:dd:b2:47:88:85:49: 5d:aa:77:ac:86:ec:fc:d8:a9:fe:13:a3:6d:36:2a:4b:89:49: a5:55:91:12:ff:ac:54:72:91:47:7a:17:69:4f:82:ce:a7:47: 6d:6d:b3:d4:90:f0:19:d2:0c:a3:b5:43:6a:3a:16:e8:6c:0f: 7c:24:10:01:60:67:82:bb:12:18:e8:34:5f:33:c7:e4:1a:2b: 35:be:78:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1ZtMGgW2aGQ2SDKY5HJbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYTBjODIzYzM2MGI1Zjg2MTQ4OTJkMzViMTAzYzY0Nzc0 ZmQ2NWQwHhcNMjUxMjE4MDUwMTI2WhcNMjUxMjE5MDUwMTI2WjAzMTEwLwYDVQQD EyhjM2UwZDY4YjdmYTYyMTg5MWExMzk2ZTMxYmM2NDgxM2U4MDVhMDY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwir7nHw5rGMZ+JXccsnvpHCuPCCd GfyuNm3dTOaIxXUQvTeyDFZw50Sxr0fblvBLlYFeVnxwKN1wahPxv2kYJ74p9Yks YXGTg+h6QZpvNqU5MLkU8lHwy61pyTsvj7XWQJvZpGDImkN/Zs8D4qWfpk3SKy8M 3a1eS1aqY4go110FMqPaWCnolfkqTieCd+XQqLSqhMzLT6k9mvkS0yyi0tftWhD8 UsK6MwL3IVw032wN57JcvVx7nGS2qjr38yHZGK78O0o90haX1qu0Wo+JqoM7+EM6 MePbbSZG8vjwMLpdTQRLl5PJ+4GzGIPoyCoHeSNd9s+bck9hoHH6llqcKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPg1ot/piGJGhOW4xvGSBPoBaBkMB8GA1UdIwQY MBaAFB6gyCPDYLX4YUiS01sQPGR3T9ZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHFESUk4Tmd0ZmhoU0pMVFd4QThaSGRQMWwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80OTI2MTUtODE2Mi00YjM3LWJjYmIt NWMwZDA1N2VmMmE2LzEvSHFESUk4Tmd0ZmhoU0pMVFd4QThaSGRQMWwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80OTI2MTUtODE2Mi00YjM3LWJjYmItNWMwZDA1N2VmMmE2 LzEvSHFESUk4Tmd0ZmhoU0pMVFd4QThaSGRQMWwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfbubGKiu FmJU6oSgZFKAH8ddMF3oLlgZ3qoUKHHxJ97UGM+XsxUpBQGho5EPiQ5PyjJpGzv7 G9EoABPM2BcK7JzeisRSSSRCbNauKASK1LNTRWewCwUsX7EWdR4MMHq8d/C0PE1G fyBj4K0nyfn5HW9kpth5owhhOLPP7qeJ2c2RnHaS3D5MFoJEKHoA7mOuau9eIRzd 65JJh5CcVsXsoUxYmzEvBkj9PhIniZUS3bJHiIVJXap3rIbs/Nip/hOjbTYqS4lJ pVWREv+sVHKRR3oXaU+CzqdHbW2z1JDwGdIMo7VDajoW6GwPfCQQAWBngrsSGOg0 XzPH5BorNb54hA== -----END CERTIFICATE-----Generated at Thu Dec 18 08:03:18 2025 by rpki-client