This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft File: h5kgiOdlXLE0AgypWw5X1Oba9A8.mft (raw, json) Hash identifier: OuEq3dBJnni2CsCZWhVkzYEGdVfhdanwmXP+0CLdcdY= Subject key identifier: 9C:AB:BF:83:F8:E5:48:35:C6:9C:95:B3:50:1F:37:5F:92:A7:A2:F7 Authority key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F Certificate issuer: /CN=87992088e7655cb134020ca95b0e57d4e6daf40f Certificate serial: 019B3A8F51A46072847C4645894E50B3012E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft Manifest number: 1788 Signing time: Sat 20 Dec 2025 07:00:29 +0000 Manifest this update: Sat 20 Dec 2025 07:00:29 +0000 Manifest next update: Sun 21 Dec 2025 07:00:29 +0000 Files and hashes: 1: h5kgiOdlXLE0AgypWw5X1Oba9A8.crl (hash: sUI8F94LP3FXdEzhB+95bUeeDjYc3xJidMU/4I9Tb10=) 2: vH-eK3MDkjfjQIWGcNruZ1gYj6o.roa (hash: X8Ll3xNOyDNsY8OoD7P2fm6g2ckrfD35bOMThe6H4RM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:8f:51:a4:60:72:84:7c:46:45:89:4e:50:b3:01:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87992088e7655cb134020ca95b0e57d4e6daf40f Validity Not Before: Dec 20 07:00:29 2025 GMT Not After : Dec 21 07:00:29 2025 GMT Subject: CN=9cabbf83f8e54835c69c95b3501f375f92a7a2f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:08:e7:90:e2:3d:40:a4:3c:1e:c9:ef:2d:99: 85:97:08:99:d7:64:ae:d2:70:3d:de:6d:3f:54:36: 0b:c0:2c:01:c7:5c:f2:3f:75:27:b6:96:4a:cd:0c: 7c:52:4c:60:19:9d:7b:c0:eb:da:e7:80:11:7d:8f: 92:59:46:0f:35:ad:57:94:ec:73:ee:04:08:47:b9: dc:2e:13:9a:60:4b:a8:62:53:b2:76:83:96:5f:33: 24:90:d4:c6:e0:ee:56:1a:f2:55:3d:75:73:16:ea: 10:e2:d4:0a:98:fc:1e:38:42:7b:f6:e8:ac:f0:ad: d4:eb:1e:ff:3e:98:e1:03:42:ac:55:2e:65:f4:4a: 83:26:8e:76:5a:67:47:1a:2b:f2:f5:d8:39:ab:de: bb:ea:85:d1:a3:75:26:d1:48:ec:cf:95:cb:46:42: d1:9a:77:7e:e8:48:83:f6:62:fa:28:01:0b:a1:0a: 2a:ff:d0:f0:a2:c2:36:7b:5f:45:0b:a3:9e:d8:e0: c0:2f:60:3f:35:5e:4b:fd:e4:a4:97:5b:15:e1:18: e7:5b:2e:00:3d:9d:9c:a7:74:a3:01:a8:a8:36:6e: d9:2e:e1:37:35:7c:83:22:2d:3e:c1:a5:f7:0c:c6: ee:af:e5:a3:13:7b:c3:ba:f9:de:21:43:d4:b5:c1: 17:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:AB:BF:83:F8:E5:48:35:C6:9C:95:B3:50:1F:37:5F:92:A7:A2:F7 X509v3 Authority Key Identifier: keyid:87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:a4:8f:5f:3a:f6:87:7d:f2:73:de:1d:96:76:85:b0:b3:b7: 2f:c7:3e:d4:0a:c9:e5:d0:1c:f2:fa:ee:9f:a1:6b:63:99:68: a1:4f:00:46:7b:9c:9e:cb:f3:6f:39:44:ef:c8:8e:67:1c:0f: c3:db:0e:f6:2b:ed:40:34:36:3e:7a:2a:d8:70:e6:bc:73:03: 23:1c:68:c9:41:49:c9:1a:78:a6:68:28:9f:a4:6a:c7:4e:3f: 5e:7d:53:51:ea:82:09:44:5c:7f:b3:3c:50:fa:89:20:00:26: 89:f1:9f:be:70:21:0e:7d:2b:f5:67:0a:52:a8:4d:a5:37:d5: 5c:07:d2:c3:6c:30:e8:fe:db:dc:1e:5c:3c:e5:0b:31:6f:7a: 20:7f:e6:8b:49:56:f0:94:c7:a9:9e:c4:30:21:d5:ec:c9:73: 51:6d:58:a3:c9:4a:f5:55:79:9b:66:55:7b:55:38:6a:7b:23: e8:b5:b9:6e:bf:94:e4:63:7f:36:9b:91:27:33:2d:6d:d2:72: f5:7b:6c:79:e4:f5:ba:cd:30:e5:c3:07:d6:ec:27:fa:8d:88: 29:51:c5:e2:f4:aa:16:b5:d8:95:4b:2e:3a:04:9f:b7:e8:a8: b1:37:f5:4b:28:75:ee:db:37:7d:3a:bb:41:5a:2c:1c:fe:16: 21:6b:08:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6j1GkYHKEfEZFiU5QswEuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3OTkyMDg4ZTc2NTVjYjEzNDAyMGNhOTViMGU1N2Q0ZTZk YWY0MGYwHhcNMjUxMjIwMDcwMDI5WhcNMjUxMjIxMDcwMDI5WjAzMTEwLwYDVQQD Eyg5Y2FiYmY4M2Y4ZTU0ODM1YzY5Yzk1YjM1MDFmMzc1ZjkyYTdhMmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAjnkOI9QKQ8HsnvLZmFlwiZ12Su 0nA93m0/VDYLwCwBx1zyP3UntpZKzQx8UkxgGZ17wOva54ARfY+SWUYPNa1XlOxz 7gQIR7ncLhOaYEuoYlOydoOWXzMkkNTG4O5WGvJVPXVzFuoQ4tQKmPweOEJ79uis 8K3U6x7/PpjhA0KsVS5l9EqDJo52WmdHGivy9dg5q9676oXRo3Um0Ujsz5XLRkLR mnd+6EiD9mL6KAELoQoq/9DwosI2e19FC6Oe2ODAL2A/NV5L/eSkl1sV4RjnWy4A PZ2cp3SjAaioNm7ZLuE3NXyDIi0+waX3DMbur+WjE3vDuvneIUPUtcEXhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJyrv4P45Ug1xpyVs1AfN1+Sp6L3MB8GA1UdIwQY MBaAFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMt ODVlYTYzYzI0NDc0LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMtODVlYTYzYzI0NDc0 LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXaSPXzr2 h33yc94dlnaFsLO3L8c+1ArJ5dAc8vrun6FrY5looU8ARnucnsvzbzlE78iOZxwP w9sO9ivtQDQ2Pnoq2HDmvHMDIxxoyUFJyRp4pmgon6Rqx04/Xn1TUeqCCURcf7M8 UPqJIAAmifGfvnAhDn0r9WcKUqhNpTfVXAfSw2ww6P7b3B5cPOULMW96IH/mi0lW 8JTHqZ7EMCHV7MlzUW1Yo8lK9VV5m2ZVe1U4ansj6LW5br+U5GN/NpuRJzMtbdJy 9XtseeT1us0w5cMH1uwn+o2IKVHF4vSqFrXYlUsuOgSft+iosTf1Syh17ts3fTq7 QVosHP4WIWsIbA== -----END CERTIFICATE-----Generated at Sat Dec 20 16:06:26 2025 by rpki-client