This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft File: HCF8gIa-KdUPg8j9j8kXsAnePIE.mft (raw, json) Hash identifier: d0n70HV+25NyYuJq80TqS7Pte9cUtHrahaUdT3yBJlc= Subject key identifier: 6E:73:81:72:15:1B:B4:5D:94:F8:80:67:85:F2:4F:70:F2:14:63:41 Authority key identifier: 1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81 Certificate issuer: /CN=1c217c8086be29d50f83c8fd8fc917b009de3c81 Certificate serial: 019B59E376A7A860C2DA58A36D4A4361C41B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft Manifest number: 02BD Signing time: Fri 26 Dec 2025 09:00:37 +0000 Manifest this update: Fri 26 Dec 2025 09:00:37 +0000 Manifest next update: Sat 27 Dec 2025 09:00:37 +0000 Files and hashes: 1: 0Ai9U12mBfKyiWOFnwxyJgomY7A.roa (hash: w93SlMAnXeNUWu2aTB2M64qmn0qVbSFDgVMubrcribE=) 2: HCF8gIa-KdUPg8j9j8kXsAnePIE.crl (hash: D6qwrJAKo7Na+0UpxNZI0Dh8eSvKlJ4FtKhYnlFWqkk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:76:a7:a8:60:c2:da:58:a3:6d:4a:43:61:c4:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c217c8086be29d50f83c8fd8fc917b009de3c81 Validity Not Before: Dec 26 09:00:37 2025 GMT Not After : Dec 27 09:00:37 2025 GMT Subject: CN=6e738172151bb45d94f8806785f24f70f2146341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f6:bd:ee:d1:ef:4a:c3:be:bc:32:5d:fa:d0: 7f:3d:19:2b:7e:2f:8d:bb:46:42:e3:aa:bf:30:5f: ce:dc:43:71:2b:62:45:56:16:b1:06:da:42:77:5a: 48:b6:ac:8d:85:28:3a:f6:78:49:ec:7c:93:40:4b: 81:27:99:a3:fe:40:e1:c2:16:92:59:18:a9:33:50: 90:94:7a:f0:7d:ef:cf:1f:83:06:fe:db:29:b5:7e: a4:13:e7:11:08:d2:48:31:16:88:b7:3a:a0:05:47: 9b:38:49:da:fc:c4:78:ed:39:09:47:fb:0e:c5:da: 22:32:e6:1b:0a:14:3a:29:ad:d1:41:9e:a9:c9:98: eb:c2:9b:77:7d:51:3c:97:5b:0d:5b:d5:39:44:46: 2e:58:68:cf:76:00:82:70:07:6d:48:14:30:9b:e7: e9:fc:ed:67:41:d6:ce:06:2b:c2:e7:67:b3:b7:fa: bb:d1:38:7c:a4:f6:9a:89:58:c1:58:dc:cd:21:b4: 30:85:b8:4c:44:96:af:1b:c7:e5:7f:f8:14:14:91: 33:83:6b:66:25:00:5d:4f:52:ce:87:77:2e:4c:83: 1d:95:9d:5e:9b:04:3a:07:45:90:5b:c0:76:ce:3b: 2d:86:e1:cd:ff:e4:e3:6a:57:16:36:62:c3:c6:b8: c5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:73:81:72:15:1B:B4:5D:94:F8:80:67:85:F2:4F:70:F2:14:63:41 X509v3 Authority Key Identifier: keyid:1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:8f:4b:7d:ce:94:cf:4c:23:66:56:26:28:34:36:12:68:de: 85:cf:dc:4e:de:26:08:9c:e1:45:89:92:ce:1c:bd:42:76:ac: 9d:b5:10:fb:59:7e:4f:b7:4f:db:ee:d1:6a:9c:dc:fd:ba:7f: 35:2d:fe:30:69:27:7f:a1:de:f6:3b:6f:53:dc:39:25:ff:a8: c7:a9:2e:69:98:35:9b:71:8a:0a:92:0a:01:b3:a5:be:c1:e2: c9:44:3f:74:8a:d0:9a:df:4c:ec:5f:86:3e:21:e0:75:4e:a0: 23:4f:05:e8:5b:35:db:1e:f8:fb:d2:e0:76:dc:c6:bf:ed:39: 0b:91:ca:bc:eb:99:9b:ac:84:c0:7c:5b:45:6b:76:33:d5:5e: ff:8d:96:83:c4:6f:f3:8f:c4:d5:03:92:d5:9a:ad:5c:53:f4: 5a:3a:65:67:ca:04:27:99:24:a1:ab:b1:82:f9:6f:9c:35:0d: 91:4a:4c:39:dc:0f:bc:73:c1:92:57:64:71:2b:9f:69:4a:46: 81:a3:8f:63:ca:ef:42:87:00:ee:d7:37:6f:e0:c1:d4:98:8b: 5a:c3:4f:98:01:3b:06:08:25:ff:6a:06:a2:57:e5:a9:23:79: 94:ec:66:bf:5b:83:cb:ad:d3:9c:5a:83:5a:d6:3a:d7:6d:de: 1b:3e:49:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ43anqGDC2lijbUpDYcQbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMjE3YzgwODZiZTI5ZDUwZjgzYzhmZDhmYzkxN2IwMDlk ZTNjODEwHhcNMjUxMjI2MDkwMDM3WhcNMjUxMjI3MDkwMDM3WjAzMTEwLwYDVQQD Eyg2ZTczODE3MjE1MWJiNDVkOTRmODgwNjc4NWYyNGY3MGYyMTQ2MzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2va97tHvSsO+vDJd+tB/PRkrfi+N u0ZC46q/MF/O3ENxK2JFVhaxBtpCd1pItqyNhSg69nhJ7HyTQEuBJ5mj/kDhwhaS WRipM1CQlHrwfe/PH4MG/tsptX6kE+cRCNJIMRaItzqgBUebOEna/MR47TkJR/sO xdoiMuYbChQ6Ka3RQZ6pyZjrwpt3fVE8l1sNW9U5REYuWGjPdgCCcAdtSBQwm+fp /O1nQdbOBivC52ezt/q70Th8pPaaiVjBWNzNIbQwhbhMRJavG8flf/gUFJEzg2tm JQBdT1LOh3cuTIMdlZ1emwQ6B0WQW8B2zjsthuHN/+TjalcWNmLDxrjFSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG5zgXIVG7RdlPiAZ4XyT3DyFGNBMB8GA1UdIwQY MBaAFBwhfICGvinVD4PI/Y/JF7AJ3jyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1Zjkt ZjM0YjMxZDNiNDNjLzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1ZjktZjM0YjMxZDNiNDNj LzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiI9Lfc6U z0wjZlYmKDQ2Emjehc/cTt4mCJzhRYmSzhy9QnasnbUQ+1l+T7dP2+7Rapzc/bp/ NS3+MGknf6He9jtvU9w5Jf+ox6kuaZg1m3GKCpIKAbOlvsHiyUQ/dIrQmt9M7F+G PiHgdU6gI08F6Fs12x74+9LgdtzGv+05C5HKvOuZm6yEwHxbRWt2M9Ve/42Wg8Rv 84/E1QOS1ZqtXFP0WjplZ8oEJ5kkoauxgvlvnDUNkUpMOdwPvHPBkldkcSufaUpG gaOPY8rvQocA7tc3b+DB1JiLWsNPmAE7Bggl/2oGolflqSN5lOxmv1uDy63TnFqD WtY6123eGz5JOA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:23 2025 by rpki-client