This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft File: hw4qIH9pdyFKlXqOFI0fi1pc0II.mft (raw, json) Hash identifier: 2kz4a1xTmy2rv/FI6aP/+QwbRwZ3ItKC8zxnYvh5f5U= Subject key identifier: F3:E2:D4:FE:E5:32:12:58:6E:45:E3:E1:66:44:61:B1:51:4D:A3:E7 Authority key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82 Certificate issuer: /CN=870e2a207f6977214a957a8e148d1f8b5a5cd082 Certificate serial: 019B23D0CBED7E789B92626BB315D0BC3FD0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft Manifest number: 045A Signing time: Mon 15 Dec 2025 21:00:44 +0000 Manifest this update: Mon 15 Dec 2025 21:00:44 +0000 Manifest next update: Tue 16 Dec 2025 21:00:44 +0000 Files and hashes: 1: hw4qIH9pdyFKlXqOFI0fi1pc0II.crl (hash: fl1Knib8mOEnOqdeknXu0UskB1Dj8E5ncn+tmRs5skQ=) 2: nKTvZPJPqdCXiSwzyA9j5IjgzXg.roa (hash: IlnUSzXgTeo7Aecj19DyZcjG2TpAU9jXATfOU6kk97U=) 3: zNxBSM9LhOTwYtAP52MRH2hzZ_o.roa (hash: 51C5X4gm2WkYmwXfFe/uw6oyIL71jLkdgjDOyTD+5rc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 21:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:23:d0:cb:ed:7e:78:9b:92:62:6b:b3:15:d0:bc:3f:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082 Validity Not Before: Dec 15 21:00:44 2025 GMT Not After : Dec 16 21:00:44 2025 GMT Subject: CN=f3e2d4fee53212586e45e3e1664461b1514da3e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:28:5a:e7:f7:20:0a:25:cf:fc:ba:03:47:38: f5:e1:d0:aa:9e:25:fc:f4:9a:02:cc:41:a2:b3:d0: fa:20:1d:89:2d:be:c1:92:ee:6a:5b:31:4b:d9:53: 88:cb:c0:c7:b6:87:49:9e:80:50:64:6e:f9:2c:0f: 84:0f:98:df:2b:85:0b:3f:90:08:09:67:60:39:c8: 63:3c:0c:75:b9:07:e0:c1:96:c2:8e:e0:f2:58:a3: 36:bf:a3:15:92:22:5b:7c:40:65:41:68:2d:8d:19: c1:31:39:c0:44:dc:56:41:c5:85:7b:cc:70:0b:85: 85:18:48:48:45:5d:fe:5c:c8:f6:ca:88:85:59:c8: 23:49:27:1b:a8:d1:04:6c:53:f9:53:e1:f2:60:ae: c0:e5:72:fd:5f:4f:af:a4:df:92:78:ca:87:c9:ba: 40:bd:9d:55:0d:81:78:17:ca:19:b9:c4:4f:d2:04: 65:73:a6:e5:aa:8d:3d:60:0c:87:9f:f5:d3:8f:f5: 2f:02:4c:37:c9:ee:ea:b1:41:a6:b0:a7:c9:1c:56: f0:3d:32:fa:05:90:3e:ee:d5:72:74:0f:d5:5b:eb: 10:0d:64:6a:98:40:c6:61:9a:a9:f4:5e:f2:53:aa: 32:9d:f8:5b:63:c6:16:c7:e3:da:60:21:4d:32:68: aa:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:E2:D4:FE:E5:32:12:58:6E:45:E3:E1:66:44:61:B1:51:4D:A3:E7 X509v3 Authority Key Identifier: keyid:87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:c6:9a:7e:0f:ba:33:96:b4:fd:56:e1:8d:37:b1:7a:8b:13: c4:0e:ca:bb:b3:28:a6:67:ba:d6:79:15:9a:20:56:21:28:ee: ae:43:c3:ce:b4:65:33:ac:0a:69:3d:00:7d:3a:7a:a2:ed:ad: b8:0b:b7:25:85:4c:9f:cd:f0:48:5f:a6:f2:f0:8d:ae:fc:01: db:70:34:3a:23:8d:b4:c1:78:5f:a5:8e:b2:ab:35:fb:d4:03: 31:33:86:ab:c6:d2:df:3a:29:bd:44:45:a8:ed:31:06:f6:dd: 43:54:dd:71:51:0f:2c:fb:60:5e:5a:a8:ec:72:02:d6:ef:47: 9c:4b:cd:e1:0d:87:51:f5:ce:dd:63:33:78:67:fc:9c:ec:44: b3:02:bd:0b:68:2e:00:e8:7e:0d:7e:33:b5:3b:8f:5c:05:8a: 0c:c2:27:b1:c8:c2:f5:41:18:b8:1a:58:52:d3:bd:b7:56:3a: 3b:84:8e:c5:e9:83:6a:f9:6f:9f:90:55:a7:7d:c3:09:6b:03: 70:3b:98:6e:f2:59:3d:3b:50:40:d9:b8:79:06:3c:a8:e5:ca: 47:5c:58:ef:c4:36:f5:43:07:65:6b:6d:2e:6b:57:7e:0d:1f: bd:b9:22:b1:c5:79:a8:cd:a5:7b:8c:8e:93:28:d9:1f:6d:31: 5b:58:eb:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsj0MvtfnibkmJrsxXQvD/QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3MGUyYTIwN2Y2OTc3MjE0YTk1N2E4ZTE0OGQxZjhiNWE1 Y2QwODIwHhcNMjUxMjE1MjEwMDQ0WhcNMjUxMjE2MjEwMDQ0WjAzMTEwLwYDVQQD EyhmM2UyZDRmZWU1MzIxMjU4NmU0NWUzZTE2NjQ0NjFiMTUxNGRhM2U3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriha5/cgCiXP/LoDRzj14dCqniX8 9JoCzEGis9D6IB2JLb7Bku5qWzFL2VOIy8DHtodJnoBQZG75LA+ED5jfK4ULP5AI CWdgOchjPAx1uQfgwZbCjuDyWKM2v6MVkiJbfEBlQWgtjRnBMTnARNxWQcWFe8xw C4WFGEhIRV3+XMj2yoiFWcgjSScbqNEEbFP5U+HyYK7A5XL9X0+vpN+SeMqHybpA vZ1VDYF4F8oZucRP0gRlc6blqo09YAyHn/XTj/UvAkw3ye7qsUGmsKfJHFbwPTL6 BZA+7tVydA/VW+sQDWRqmEDGYZqp9F7yU6oynfhbY8YWx+PaYCFNMmiqkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPPi1P7lMhJYbkXj4WZEYbFRTaPnMB8GA1UdIwQY MBaAFIcOKiB/aXchSpV6jhSNH4taXNCCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUt OGE5NDY4N2RiYTZmLzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUtOGE5NDY4N2RiYTZm LzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8aafg+6 M5a0/VbhjTexeosTxA7Ku7Mopme61nkVmiBWISjurkPDzrRlM6wKaT0AfTp6ou2t uAu3JYVMn83wSF+m8vCNrvwB23A0OiONtMF4X6WOsqs1+9QDMTOGq8bS3zopvURF qO0xBvbdQ1TdcVEPLPtgXlqo7HIC1u9HnEvN4Q2HUfXO3WMzeGf8nOxEswK9C2gu AOh+DX4ztTuPXAWKDMInscjC9UEYuBpYUtO9t1Y6O4SOxemDavlvn5BVp33DCWsD cDuYbvJZPTtQQNm4eQY8qOXKR1xY78Q29UMHZWttLmtXfg0fvbkiscV5qM2le4yO kyjZH20xW1jrjw== -----END CERTIFICATE-----Generated at Tue Dec 16 06:36:34 2025 by rpki-client