This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft File: h9tx9pGbDvmO78mWSSiodRAjagM.mft (raw, json) Hash identifier: HRPVm9WBFJDbhvGmt5KtPOR7n2W2M8fThexL/zR65kY= Subject key identifier: 89:8B:38:CE:AA:3A:EE:2B:B4:EC:25:CF:A9:AA:DB:CB:13:21:1C:93 Authority key identifier: 87:DB:71:F6:91:9B:0E:F9:8E:EF:C9:96:49:28:A8:75:10:23:6A:03 Certificate issuer: /CN=87db71f6919b0ef98eefc9964928a87510236a03 Certificate serial: 019B43249700CB4735FD27BA74E9E1F68906 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft Manifest number: 0C3F Signing time: Sun 21 Dec 2025 23:00:29 +0000 Manifest this update: Sun 21 Dec 2025 23:00:29 +0000 Manifest next update: Mon 22 Dec 2025 23:00:29 +0000 Files and hashes: 1: h9tx9pGbDvmO78mWSSiodRAjagM.crl (hash: Js2+v2+VnJ0Tn0VbubNegD5KNOvmZW3mRGA2irkOrNA=) 2: k9VkkHu7wqpz0IelVxE8bU-qY6o.roa (hash: vCMb7FvkUh1quiKigDU5pU3f6Rl+/OZ8cn/L/kTas88=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:24:97:00:cb:47:35:fd:27:ba:74:e9:e1:f6:89:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87db71f6919b0ef98eefc9964928a87510236a03 Validity Not Before: Dec 21 23:00:29 2025 GMT Not After : Dec 22 23:00:29 2025 GMT Subject: CN=898b38ceaa3aee2bb4ec25cfa9aadbcb13211c93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:dd:5f:6e:03:97:32:74:ca:79:fd:53:50:0f: c6:a7:4e:96:38:f0:16:42:b6:c2:b7:92:0c:7d:f6: be:23:05:49:02:ca:37:7e:fe:a1:df:ee:99:dd:61: 84:c5:88:be:2c:4a:16:70:c5:1b:de:55:10:a2:71: d2:48:ec:54:3d:22:b9:c9:67:e5:71:11:85:5b:94: 46:b1:63:8b:f0:bb:ea:74:76:7f:6e:33:48:67:27: 1d:f8:c2:c2:ff:c1:f8:91:9c:a3:04:b3:b9:79:58: b4:8e:98:54:77:e3:d7:ad:c2:70:fe:b6:22:fd:be: d2:d2:e4:7d:0a:c6:6e:e7:1b:01:a8:3f:f4:ae:0a: ec:de:b8:34:c4:94:e2:81:1e:5e:12:0b:8e:cd:db: ad:f2:f8:f9:36:d6:9e:54:fe:a5:88:a5:21:a8:0e: a0:0d:0a:16:61:d7:e6:65:3a:90:d4:7e:cf:c4:10: 9a:93:55:36:8a:ee:cd:04:3f:be:f5:4d:1d:b6:3f: 0d:db:e6:5c:ae:10:d6:76:be:3b:bc:f6:d6:48:c3: 91:d0:81:e6:a4:e9:65:dc:64:87:86:36:8c:23:20: 5a:ad:a9:f0:cd:7c:ad:b7:63:48:d7:36:c3:82:54: 62:77:bf:56:bf:aa:c3:d7:52:ef:9c:0c:43:44:6d: 17:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:8B:38:CE:AA:3A:EE:2B:B4:EC:25:CF:A9:AA:DB:CB:13:21:1C:93 X509v3 Authority Key Identifier: keyid:87:DB:71:F6:91:9B:0E:F9:8E:EF:C9:96:49:28:A8:75:10:23:6A:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:28:6e:d8:ac:30:a3:b2:63:72:aa:53:df:e1:28:cb:b0:96: 5f:bb:bf:c7:ee:7b:9f:90:e5:ea:02:38:f2:93:c9:9b:fa:d1: c6:a1:b7:58:f8:d0:1f:fb:7a:fc:2d:0e:2c:73:f2:56:00:e4: 2d:67:65:45:fa:78:2f:a2:02:6d:95:7c:46:67:d4:ad:06:24: 13:b6:82:f3:98:36:6a:a1:8b:9a:1a:e2:be:5a:d4:9d:44:0c: 88:83:01:c8:08:74:e8:b2:a3:db:f1:70:07:ce:31:78:33:72: 16:7d:47:ca:6d:e7:b0:33:03:e3:dd:c7:d1:81:eb:41:a2:bd: e1:f5:b5:d0:b3:e7:b5:29:2d:5f:f9:0f:2f:96:41:d9:f6:9f: 7c:8d:5c:cf:bb:ac:12:73:30:d9:00:3c:db:5a:68:21:af:4d: 67:ae:09:cd:f8:3f:35:d7:2c:ab:c3:1f:90:2c:13:b1:a4:93: 06:01:dc:c9:32:7a:89:3c:9a:7e:2c:bc:b6:fd:de:82:6b:75: ea:53:85:ee:26:a2:74:18:97:dc:1b:30:16:26:55:67:07:2a: 97:45:29:6d:8b:dd:90:4f:59:43:7f:54:27:fb:14:3e:6b:dd: 00:6c:ad:fe:94:f5:43:10:fe:ae:92:74:95:d1:cf:e1:de:e8: d4:f2:1a:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJJcAy0c1/Se6dOnh9okGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZGI3MWY2OTE5YjBlZjk4ZWVmYzk5NjQ5MjhhODc1MTAy MzZhMDMwHhcNMjUxMjIxMjMwMDI5WhcNMjUxMjIyMjMwMDI5WjAzMTEwLwYDVQQD Eyg4OThiMzhjZWFhM2FlZTJiYjRlYzI1Y2ZhOWFhZGJjYjEzMjExYzkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN1fbgOXMnTKef1TUA/Gp06WOPAW QrbCt5IMffa+IwVJAso3fv6h3+6Z3WGExYi+LEoWcMUb3lUQonHSSOxUPSK5yWfl cRGFW5RGsWOL8LvqdHZ/bjNIZycd+MLC/8H4kZyjBLO5eVi0jphUd+PXrcJw/rYi /b7S0uR9CsZu5xsBqD/0rgrs3rg0xJTigR5eEguOzdut8vj5NtaeVP6liKUhqA6g DQoWYdfmZTqQ1H7PxBCak1U2iu7NBD++9U0dtj8N2+ZcrhDWdr47vPbWSMOR0IHm pOll3GSHhjaMIyBaranwzXytt2NI1zbDglRid79Wv6rD11LvnAxDRG0X1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFImLOM6qOu4rtOwlz6mq28sTIRyTMB8GA1UdIwQY MBaAFIfbcfaRmw75ju/JlkkoqHUQI2oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZjYyNzctNzBiNS00MzQ4LWE1ODIt OTA0YTA4MDMxYTlmLzEvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lZjYyNzctNzBiNS00MzQ4LWE1ODItOTA0YTA4MDMxYTlm LzEvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfShu2Kww o7JjcqpT3+Eoy7CWX7u/x+57n5Dl6gI48pPJm/rRxqG3WPjQH/t6/C0OLHPyVgDk LWdlRfp4L6ICbZV8RmfUrQYkE7aC85g2aqGLmhrivlrUnUQMiIMByAh06LKj2/Fw B84xeDNyFn1Hym3nsDMD493H0YHrQaK94fW10LPntSktX/kPL5ZB2faffI1cz7us EnMw2QA821poIa9NZ64Jzfg/Ndcsq8MfkCwTsaSTBgHcyTJ6iTyafiy8tv3egmt1 6lOF7iaidBiX3BswFiZVZwcql0UpbYvdkE9ZQ39UJ/sUPmvdAGyt/pT1QxD+rpJ0 ldHP4d7o1PIaXg== -----END CERTIFICATE-----Generated at Mon Dec 22 02:18:57 2025 by rpki-client