This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft File: h5kgiOdlXLE0AgypWw5X1Oba9A8.mft (raw, json) Hash identifier: 6rXx2k53nwh3B2o8wSEptRFSh5nQkMnBw/bEKDX9wU4= Subject key identifier: 0C:61:AA:65:B2:6E:8D:19:48:86:CA:40:31:C9:C4:D8:A2:96:A2:91 Authority key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F Certificate issuer: /CN=87992088e7655cb134020ca95b0e57d4e6daf40f Certificate serial: 019B3C7DB8D0422D4ECE68FFEE6750201A01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 16:00:30 +0000 Manifest this update: Sat 20 Dec 2025 16:00:30 +0000 Manifest next update: Sun 21 Dec 2025 16:00:30 +0000 Files and hashes: 1: h5kgiOdlXLE0AgypWw5X1Oba9A8.crl (hash: sEyMiRQ0k/8uQ9qHg17E0v4A7ueLmZqF7NGW8tvikz4=) 2: vH-eK3MDkjfjQIWGcNruZ1gYj6o.roa (hash: X8Ll3xNOyDNsY8OoD7P2fm6g2ckrfD35bOMThe6H4RM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7d:b8:d0:42:2d:4e:ce:68:ff:ee:67:50:20:1a:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87992088e7655cb134020ca95b0e57d4e6daf40f Validity Not Before: Dec 20 16:00:30 2025 GMT Not After : Dec 21 16:00:30 2025 GMT Subject: CN=0c61aa65b26e8d194886ca4031c9c4d8a296a291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:71:12:8c:ab:3c:2f:19:fd:50:f1:8d:0d:51: 9f:ef:6b:2b:70:90:d6:c7:3b:12:b4:2b:35:3a:94: 65:90:f5:08:7a:3f:11:c7:92:1f:ed:ef:7e:38:61: b8:87:5f:5f:c5:64:f4:14:30:a5:04:67:4c:d7:cc: c0:6b:35:1b:13:cd:13:ad:e6:2b:09:03:36:3e:25: 68:57:1b:69:8a:7d:c9:3d:88:a4:b6:2d:2f:20:4f: 53:50:eb:e5:bf:c5:11:43:84:a9:f6:05:6c:c7:a1: ea:5b:27:ea:c1:64:22:33:a6:c0:eb:ef:13:ae:41: 40:36:ff:59:a0:2b:5c:76:fd:cf:9e:7f:fc:91:c0: cc:7a:3c:9f:33:10:83:ce:ab:3d:25:38:64:22:0a: c6:69:4c:6e:7e:9f:de:d4:e9:55:2c:32:cd:5d:22: 80:03:b5:78:d6:b0:05:b9:dd:4c:59:5b:8d:f2:1e: 6c:5a:54:10:39:c4:35:d0:b9:fc:b4:7e:8f:f3:ca: 70:94:b4:9d:f4:bd:59:9f:8f:92:7e:56:b6:61:c5: d7:e8:3c:97:c6:ac:8e:4c:c2:35:c0:a1:70:4c:f8: f5:d9:ff:92:b2:bc:f9:81:2a:0d:9a:e4:90:ad:4a: b4:67:f7:6a:d9:da:6b:b9:79:e5:1f:76:4f:54:f1: 57:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:61:AA:65:B2:6E:8D:19:48:86:CA:40:31:C9:C4:D8:A2:96:A2:91 X509v3 Authority Key Identifier: keyid:87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:23:1f:30:45:79:6e:d1:7e:82:47:d2:33:46:5b:e4:ae:71: c2:b5:5a:f0:63:6c:cd:36:92:5d:85:43:8f:62:96:6d:37:13: d3:b6:c2:e9:9d:7b:19:2c:6b:bc:6d:7d:9f:25:04:b6:72:37: 5b:96:25:31:41:ab:f3:24:ad:55:1d:29:49:82:83:b2:b1:93: 90:d2:05:ac:88:c0:8b:40:8f:b6:bc:3f:71:66:cd:24:b0:23: b7:10:a2:88:0a:e9:8b:42:61:23:bd:92:3c:c5:12:bf:33:f9: 72:c3:98:6e:6b:ed:95:6a:de:cf:46:e2:2c:1d:13:7e:83:7e: ea:6e:f3:fd:57:d3:95:4d:15:1b:ff:74:34:bd:7a:30:aa:c6: 20:31:28:69:c3:52:65:e2:5c:2c:e5:1f:2e:40:6b:98:a9:45: 01:dc:75:2b:fc:6d:44:04:a6:b1:23:73:fa:2e:b0:50:cb:11: b7:b0:01:26:68:37:28:a7:fe:94:94:b5:17:f8:41:10:b5:b8: 28:58:36:1d:8e:cf:15:48:4b:3a:0b:11:de:30:11:91:54:9d: 62:a5:02:cd:69:e6:fc:ed:b2:eb:45:60:21:e1:e8:70:97:fa: 82:ff:17:e7:c5:88:c6:95:cf:97:17:5d:88:d4:3c:6e:a0:78: 20:19:c4:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fbjQQi1Ozmj/7mdQIBoBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3OTkyMDg4ZTc2NTVjYjEzNDAyMGNhOTViMGU1N2Q0ZTZk YWY0MGYwHhcNMjUxMjIwMTYwMDMwWhcNMjUxMjIxMTYwMDMwWjAzMTEwLwYDVQQD EygwYzYxYWE2NWIyNmU4ZDE5NDg4NmNhNDAzMWM5YzRkOGEyOTZhMjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXESjKs8Lxn9UPGNDVGf72srcJDW xzsStCs1OpRlkPUIej8Rx5If7e9+OGG4h19fxWT0FDClBGdM18zAazUbE80TreYr CQM2PiVoVxtpin3JPYikti0vIE9TUOvlv8URQ4Sp9gVsx6HqWyfqwWQiM6bA6+8T rkFANv9ZoCtcdv3Pnn/8kcDMejyfMxCDzqs9JThkIgrGaUxufp/e1OlVLDLNXSKA A7V41rAFud1MWVuN8h5sWlQQOcQ10Ln8tH6P88pwlLSd9L1Zn4+Sfla2YcXX6DyX xqyOTMI1wKFwTPj12f+Ssrz5gSoNmuSQrUq0Z/dq2dpruXnlH3ZPVPFXoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAxhqmWybo0ZSIbKQDHJxNiilqKRMB8GA1UdIwQY MBaAFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMt ODVlYTYzYzI0NDc0LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMtODVlYTYzYzI0NDc0 LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSMfMEV5 btF+gkfSM0Zb5K5xwrVa8GNszTaSXYVDj2KWbTcT07bC6Z17GSxrvG19nyUEtnI3 W5YlMUGr8yStVR0pSYKDsrGTkNIFrIjAi0CPtrw/cWbNJLAjtxCiiArpi0JhI72S PMUSvzP5csOYbmvtlWrez0biLB0TfoN+6m7z/VfTlU0VG/90NL16MKrGIDEoacNS ZeJcLOUfLkBrmKlFAdx1K/xtRASmsSNz+i6wUMsRt7ABJmg3KKf+lJS1F/hBELW4 KFg2HY7PFUhLOgsR3jARkVSdYqUCzWnm/O2y60VgIeHocJf6gv8X58WIxpXPlxdd iNQ8bqB4IBnE9g== -----END CERTIFICATE-----Generated at Sat Dec 20 18:13:08 2025 by rpki-client