This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft File: HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft (raw, json) Hash identifier: UWrY3rDbOSVjM3taDnLAx1mDljSq7PY39eRusdGeTuI= Subject key identifier: AC:34:57:FD:0B:3F:40:90:5D:1F:5B:AC:4F:BD:FC:21:72:40:EF:F3 Authority key identifier: 1E:A0:C8:23:C3:60:B5:F8:61:48:92:D3:5B:10:3C:64:77:4F:D6:5D Certificate issuer: /CN=1ea0c823c360b5f8614892d35b103c64774fd65d Certificate serial: 019B33B2747FF86ADA3AE85F3728018BC0FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqDII8NgtfhhSJLTWxA8ZHdP1l0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft Manifest number: 1785 Signing time: Thu 18 Dec 2025 23:01:31 +0000 Manifest this update: Thu 18 Dec 2025 23:01:31 +0000 Manifest next update: Fri 19 Dec 2025 23:01:31 +0000 Files and hashes: 1: HqDII8NgtfhhSJLTWxA8ZHdP1l0.crl (hash: FxJDWYOsrFMOKb8LYKE0IgpcUTKK+yZn9aceofQqur8=) 2: UhsTPDlkEVTfjN0gtgklGlfn_mQ.roa (hash: gvwxeqU03k4MQD3WdF59OWVu6wgm7kgHM+ORIWuetR0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft rsync://rpki.ripe.net/repository/DEFAULT/HqDII8NgtfhhSJLTWxA8ZHdP1l0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b2:74:7f:f8:6a:da:3a:e8:5f:37:28:01:8b:c0:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ea0c823c360b5f8614892d35b103c64774fd65d Validity Not Before: Dec 18 23:01:31 2025 GMT Not After : Dec 19 23:01:31 2025 GMT Subject: CN=ac3457fd0b3f40905d1f5bac4fbdfc217240eff3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:81:bd:6f:9a:ac:c0:b8:b8:6a:b7:02:eb:66: 59:30:8c:96:2f:d0:a7:bf:b7:ca:ef:7d:d5:10:e2: 25:80:76:27:4d:b7:a4:b0:23:68:0e:aa:64:58:18: 49:ba:f3:55:14:07:40:09:05:81:a2:28:cf:a9:07: 41:a9:10:93:c6:aa:9e:a2:43:74:2b:37:1b:bb:8c: 49:50:1c:47:5e:1f:4c:9d:b2:67:32:39:cd:27:09: c9:19:b2:32:3d:f3:a7:d3:c0:66:a0:8e:62:a8:0f: 19:3d:6c:40:c0:29:12:97:ce:49:20:dc:04:ae:b5: de:ca:40:8f:6e:a5:68:26:97:7c:59:d5:5d:08:5a: 84:19:81:da:2c:c1:f6:84:69:3f:0c:1b:32:98:59: 1b:7d:4c:1f:67:53:91:77:f9:e1:95:ba:89:b0:5f: 54:25:d4:95:1b:db:65:0f:aa:2b:f1:77:00:21:c2: 07:71:fd:c9:41:aa:83:ae:91:cf:2d:3f:6e:36:42: 5d:b2:6b:bc:9e:ea:ee:f9:0b:91:a4:7a:9a:e7:10: 44:0b:13:ab:8a:82:dd:63:70:4c:af:3c:d2:75:39: e1:7d:b3:26:4d:85:21:a6:57:a0:29:82:d9:6d:9e: 2c:b0:f8:4a:e6:2a:22:92:da:a3:f5:22:bf:62:f4: 14:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:34:57:FD:0B:3F:40:90:5D:1F:5B:AC:4F:BD:FC:21:72:40:EF:F3 X509v3 Authority Key Identifier: keyid:1E:A0:C8:23:C3:60:B5:F8:61:48:92:D3:5B:10:3C:64:77:4F:D6:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqDII8NgtfhhSJLTWxA8ZHdP1l0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/492615-8162-4b37-bcbb-5c0d057ef2a6/1/HqDII8NgtfhhSJLTWxA8ZHdP1l0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:41:ed:10:41:22:f4:3d:54:9d:35:6d:b4:c6:5b:3e:43:62: 58:1a:84:29:50:9c:77:4e:dc:1a:55:e1:21:95:d7:b1:b5:17: 97:5b:d3:bd:56:f9:45:3e:dd:2b:07:32:43:3e:3e:46:2f:d0: db:bc:d3:d8:71:00:19:32:0e:8c:a3:5b:f9:75:72:bf:69:3e: 7e:de:cd:94:e5:ed:9f:ca:48:e9:b5:40:ef:f2:38:1e:62:1a: 76:80:25:39:62:20:3f:26:09:a1:0b:b4:d7:98:5c:f3:43:1b: a2:07:f7:d6:36:83:db:26:dd:e2:ff:f4:16:72:a5:91:c1:3c: ed:fd:73:aa:90:a6:3b:cf:86:e1:f3:02:0c:bd:a5:d4:5c:f0: 3a:f8:e1:57:26:90:8f:67:8d:09:0d:45:85:8c:f8:02:56:64: 35:7c:5e:37:4d:e4:3c:83:74:22:eb:4c:64:f3:24:07:a9:c3: 71:55:c7:fa:39:ee:f3:f8:85:7e:b7:96:57:23:99:d4:94:84: 8c:0d:d6:f2:57:ce:1e:11:38:41:47:80:63:d5:d0:70:9b:54: a0:7f:8a:15:c7:8f:d7:c3:1b:06:88:f2:93:b4:3c:e0:5f:1d: fc:da:8f:0b:1c:d9:14:b1:67:e2:97:79:63:84:dc:a4:41:bf: 1f:e1:56:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsnR/+GraOuhfNygBi8D7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYTBjODIzYzM2MGI1Zjg2MTQ4OTJkMzViMTAzYzY0Nzc0 ZmQ2NWQwHhcNMjUxMjE4MjMwMTMxWhcNMjUxMjE5MjMwMTMxWjAzMTEwLwYDVQQD EyhhYzM0NTdmZDBiM2Y0MDkwNWQxZjViYWM0ZmJkZmMyMTcyNDBlZmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroG9b5qswLi4arcC62ZZMIyWL9Cn v7fK733VEOIlgHYnTbeksCNoDqpkWBhJuvNVFAdACQWBoijPqQdBqRCTxqqeokN0 Kzcbu4xJUBxHXh9MnbJnMjnNJwnJGbIyPfOn08BmoI5iqA8ZPWxAwCkSl85JINwE rrXeykCPbqVoJpd8WdVdCFqEGYHaLMH2hGk/DBsymFkbfUwfZ1ORd/nhlbqJsF9U JdSVG9tlD6or8XcAIcIHcf3JQaqDrpHPLT9uNkJdsmu8nuru+QuRpHqa5xBECxOr ioLdY3BMrzzSdTnhfbMmTYUhplegKYLZbZ4ssPhK5ioiktqj9SK/YvQU9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKw0V/0LP0CQXR9brE+9/CFyQO/zMB8GA1UdIwQY MBaAFB6gyCPDYLX4YUiS01sQPGR3T9ZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHFESUk4Tmd0ZmhoU0pMVFd4QThaSGRQMWwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80OTI2MTUtODE2Mi00YjM3LWJjYmIt NWMwZDA1N2VmMmE2LzEvSHFESUk4Tmd0ZmhoU0pMVFd4QThaSGRQMWwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80OTI2MTUtODE2Mi00YjM3LWJjYmItNWMwZDA1N2VmMmE2 LzEvSHFESUk4Tmd0ZmhoU0pMVFd4QThaSGRQMWwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUHtEEEi 9D1UnTVttMZbPkNiWBqEKVCcd07cGlXhIZXXsbUXl1vTvVb5RT7dKwcyQz4+Ri/Q 27zT2HEAGTIOjKNb+XVyv2k+ft7NlOXtn8pI6bVA7/I4HmIadoAlOWIgPyYJoQu0 15hc80Mbogf31jaD2ybd4v/0FnKlkcE87f1zqpCmO8+G4fMCDL2l1FzwOvjhVyaQ j2eNCQ1FhYz4AlZkNXxeN03kPIN0IutMZPMkB6nDcVXH+jnu8/iFfreWVyOZ1JSE jA3W8lfOHhE4QUeAY9XQcJtUoH+KFceP18MbBojyk7Q84F8d/NqPCxzZFLFn4pd5 Y4TcpEG/H+FWEw== -----END CERTIFICATE-----Generated at Fri Dec 19 04:48:57 2025 by rpki-client