This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft File: h0HsF9wDCbE9iKZ-oi3Luyak46E.mft (raw, json) Hash identifier: 91qwkuN1UJOn6EBx0Nk9FZaCp7+onhIYjLZphefkQj8= Subject key identifier: 34:48:17:63:AA:36:55:80:87:5B:0E:34:BB:33:24:04:3A:63:7D:94 Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1 Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1 Certificate serial: 019B1382A0DF4ECF3F841462F17960365C20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft Manifest number: 0A9F Signing time: Fri 12 Dec 2025 17:01:26 +0000 Manifest this update: Fri 12 Dec 2025 17:01:26 +0000 Manifest next update: Sat 13 Dec 2025 17:01:26 +0000 Files and hashes: 1: cASyfuH0abUwpn-V7hmuZSIQ09c.roa (hash: U2HpSDc4zJjb5yR4FxelHkJvS6rW6HvOOx+N/+WSuMk=) 2: h0HsF9wDCbE9iKZ-oi3Luyak46E.crl (hash: gBnwKnJ9Xmp8nXW6V5A5gMrmGK+mrhZ86ZsfapUrtSY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 16:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:13:82:a0:df:4e:cf:3f:84:14:62:f1:79:60:36:5c:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1 Validity Not Before: Dec 12 17:01:26 2025 GMT Not After : Dec 13 17:01:26 2025 GMT Subject: CN=34481763aa365580875b0e34bb3324043a637d94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d5:4d:1c:72:cc:28:55:87:55:38:e5:5a:cd: b4:c4:4d:a9:7f:b6:58:3f:3b:18:33:0b:be:32:8d: 38:13:11:0a:01:d2:ad:2d:99:c7:57:4b:ce:7a:e3: 99:f2:33:0a:1c:84:e2:d6:21:23:22:01:23:4b:1e: d8:66:7b:07:3a:d9:79:62:d5:30:44:e8:3a:2c:8b: 1e:e0:f4:07:ae:92:0d:61:0d:92:e3:79:02:79:6b: 67:ab:09:95:8b:d4:0d:49:1d:91:20:ef:6b:15:59: 98:fc:ab:06:36:27:72:b2:44:4a:3e:d7:d2:8a:18: 5e:52:78:46:55:4c:ec:26:48:83:06:5f:b5:92:59: c3:4c:da:a0:55:2f:74:6c:d2:da:87:b5:b6:be:b3: 6c:03:7b:4a:13:a2:01:4a:e5:b4:16:e0:ef:29:a4: ee:73:71:88:25:89:62:ce:10:91:ed:70:c7:1e:7e: 79:ad:4c:5c:2a:db:4e:8e:0a:82:08:4f:d5:cf:26: a0:32:87:50:4f:f5:49:2e:eb:e1:c4:45:cc:15:00: f0:04:2f:f8:c4:05:b3:90:b2:e4:8c:cb:80:81:d7: 7b:50:8c:8b:82:1c:0c:d9:ae:5e:69:50:c8:54:50: 1b:96:64:e5:b7:d1:da:30:95:5e:db:8a:16:b1:55: 3a:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:48:17:63:AA:36:55:80:87:5B:0E:34:BB:33:24:04:3A:63:7D:94 X509v3 Authority Key Identifier: keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:0e:dc:4d:f3:85:99:dc:14:61:84:d5:8c:7b:a9:2d:a1:7c: 6d:b3:1e:0a:22:7d:f2:0c:4d:fc:5d:56:95:32:35:f7:b5:91: 07:44:87:ec:8e:a4:bf:87:f4:7b:63:4e:93:2d:3d:a1:b8:e3: 57:f0:c9:61:c7:34:43:b9:4b:a3:c5:d2:65:8a:cf:23:a6:2d: c0:7e:33:f8:9f:c5:42:e2:35:90:5a:dd:d5:13:b6:69:1d:cf: 5e:56:2b:5c:aa:e5:e5:fa:b3:a2:69:7e:94:0b:3d:ad:dd:d9: b8:ae:3c:22:b8:b6:77:fc:1c:eb:8b:37:c4:fc:a6:d8:ef:c9: 7b:15:8e:21:9d:94:45:31:d7:d9:c1:7f:ea:e2:eb:0d:57:44: b0:dd:0d:e8:c4:06:9d:06:2b:d6:21:27:f7:cd:a1:61:2a:7a: e6:59:14:59:3b:9e:da:31:16:03:f6:dd:37:f9:06:44:27:1c: cf:90:d2:e0:03:38:13:dd:f3:58:2f:87:17:5f:82:30:5f:c2: b0:80:01:cc:94:9f:0d:71:36:e2:0f:11:3a:77:f9:27:1a:a4: 68:b2:ba:3c:4d:95:fc:5c:52:fe:7a:50:89:f7:5d:6a:07:59: fa:cd:41:88:d1:23:5e:d8:5e:b0:be:3b:58:9c:18:bc:7e:a1: 7d:0e:76:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsTgqDfTs8/hBRi8XlgNlwgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh NGUzYTEwHhcNMjUxMjEyMTcwMTI2WhcNMjUxMjEzMTcwMTI2WjAzMTEwLwYDVQQD EygzNDQ4MTc2M2FhMzY1NTgwODc1YjBlMzRiYjMzMjQwNDNhNjM3ZDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudVNHHLMKFWHVTjlWs20xE2pf7ZY PzsYMwu+Mo04ExEKAdKtLZnHV0vOeuOZ8jMKHITi1iEjIgEjSx7YZnsHOtl5YtUw ROg6LIse4PQHrpINYQ2S43kCeWtnqwmVi9QNSR2RIO9rFVmY/KsGNidyskRKPtfS ihheUnhGVUzsJkiDBl+1klnDTNqgVS90bNLah7W2vrNsA3tKE6IBSuW0FuDvKaTu c3GIJYlizhCR7XDHHn55rUxcKttOjgqCCE/VzyagModQT/VJLuvhxEXMFQDwBC/4 xAWzkLLkjMuAgdd7UIyLghwM2a5eaVDIVFAblmTlt9HaMJVe24oWsVU6AQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDRIF2OqNlWAh1sONLszJAQ6Y32UMB8GA1UdIwQY MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt MWFjNGE0MDA3ZGI0LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0 LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdw7cTfOF mdwUYYTVjHupLaF8bbMeCiJ98gxN/F1WlTI197WRB0SH7I6kv4f0e2NOky09objj V/DJYcc0Q7lLo8XSZYrPI6YtwH4z+J/FQuI1kFrd1RO2aR3PXlYrXKrl5fqzoml+ lAs9rd3ZuK48Iri2d/wc64s3xPym2O/JexWOIZ2URTHX2cF/6uLrDVdEsN0N6MQG nQYr1iEn982hYSp65lkUWTue2jEWA/bdN/kGRCccz5DS4AM4E93zWC+HF1+CMF/C sIABzJSfDXE24g8ROnf5JxqkaLK6PE2V/FxS/npQifddagdZ+s1BiNEjXthesL47 WJwYvH6hfQ52FQ== -----END CERTIFICATE-----Generated at Fri Dec 12 19:22:47 2025 by rpki-client