This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json) Hash identifier: vlZbu76Tf5hmHe0bVhLzQJUuV52YwVWezGluSlkW7EM= Subject key identifier: 55:41:38:34:BB:71:96:AE:BB:BC:B5:3E:45:DA:D0:FD:11:2B:49:7F Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27 Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927 Certificate serial: 019B0F6ED51DEB68DC68C9D7E44A4BCE22E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft Manifest number: 1701 Signing time: Thu 11 Dec 2025 22:01:20 +0000 Manifest this update: Thu 11 Dec 2025 22:01:20 +0000 Manifest next update: Fri 12 Dec 2025 22:01:20 +0000 Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=) 2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=) 3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: iAkOCdzgYs4ktNmXsqsFjfOU8naVf/FvwLHNuZf3JJI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:d5:1d:eb:68:dc:68:c9:d7:e4:4a:4b:ce:22:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927 Validity Not Before: Dec 11 22:01:20 2025 GMT Not After : Dec 12 22:01:20 2025 GMT Subject: CN=55413834bb7196aebbbcb53e45dad0fd112b497f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:c3:75:37:e2:8d:aa:4d:34:c5:41:34:f5:65: db:da:42:8c:ed:08:14:7a:07:e6:82:5e:1d:de:c7: ef:66:f7:29:89:4a:5d:03:ac:cd:bf:0a:ca:74:09: 0a:55:cc:c3:33:52:0d:1e:59:29:51:b0:fd:74:f3: 08:b7:64:4c:0a:a3:9e:01:e7:c8:d2:71:63:4d:ab: d9:32:48:d0:eb:eb:23:fe:bb:b5:53:93:fb:4d:a9: fb:bb:4c:4b:12:e4:d3:48:14:d7:bc:92:f1:99:91: 81:ad:05:f9:58:e1:d6:c8:d1:90:2c:fb:5c:21:dd: 1e:ba:2a:2e:70:32:73:0c:34:31:e3:4e:73:ab:7b: 10:29:d8:bc:2a:73:97:66:cb:11:d9:02:76:81:a1: 14:f7:9c:a7:a8:e5:12:2c:98:2f:90:de:80:50:63: cf:c7:76:47:09:79:93:83:80:96:3f:22:04:a3:85: f8:88:04:f0:4c:4c:9a:9b:ec:9e:7c:90:5b:6c:e7: 8b:e4:55:b9:14:4c:30:aa:2a:2a:9c:c3:dd:a6:c8: bf:1a:0d:5c:3a:fa:1c:ca:45:9f:38:fe:96:c0:29: 1b:ad:f0:e1:c1:40:27:dc:bd:32:c7:02:5b:f1:88: 59:66:2b:71:71:37:69:38:b2:bc:e1:7f:e9:d8:b9: 59:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:41:38:34:BB:71:96:AE:BB:BC:B5:3E:45:DA:D0:FD:11:2B:49:7F X509v3 Authority Key Identifier: keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:72:5e:59:41:c1:1b:93:69:13:1f:af:10:63:2c:d9:a7:e9: 4f:49:ea:03:be:d9:e6:61:1b:75:7e:e0:0f:10:60:10:68:87: 51:b2:82:3b:0e:93:b8:10:26:fa:c2:cd:3d:1e:e6:6b:8e:75: 0e:79:eb:b0:ea:e6:bf:52:ff:12:68:0b:63:2f:3e:90:43:1a: 88:cc:0a:df:5d:71:68:52:eb:cf:55:37:53:96:3d:8e:77:b2: 98:c9:f9:e6:dc:6f:7c:1e:66:96:50:5c:5d:f5:0b:ed:9d:70: 43:19:17:40:e0:31:90:80:1e:ea:e7:fb:39:6b:a8:56:1d:91: e2:4e:ea:1a:2e:9b:91:73:04:e9:9e:c7:12:0d:0b:40:84:1d: b4:f7:67:8d:63:27:a7:ab:79:83:4a:b4:30:00:9e:52:e5:31: eb:b0:f9:a2:60:6b:65:c6:24:12:dd:24:81:a9:62:60:00:d9: 4c:dc:73:25:75:1c:2a:2c:6d:c2:e1:59:c6:ba:77:20:87:57: c3:23:b4:0f:84:9e:06:67:5d:5e:ed:51:d0:9a:58:00:16:7e: 76:95:b3:20:42:4b:35:ae:5d:53:17:5d:56:a8:dc:00:cc:f4: fd:45:bc:b7:10:c4:04:97:a7:23:34:61:d8:c2:4a:b8:38:c0: 47:2c:7d:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPbtUd62jcaMnX5EpLziLlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj ODQ5MjcwHhcNMjUxMjExMjIwMTIwWhcNMjUxMjEyMjIwMTIwWjAzMTEwLwYDVQQD Eyg1NTQxMzgzNGJiNzE5NmFlYmJiY2I1M2U0NWRhZDBmZDExMmI0OTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68N1N+KNqk00xUE09WXb2kKM7QgU egfmgl4d3sfvZvcpiUpdA6zNvwrKdAkKVczDM1INHlkpUbD9dPMIt2RMCqOeAefI 0nFjTavZMkjQ6+sj/ru1U5P7Tan7u0xLEuTTSBTXvJLxmZGBrQX5WOHWyNGQLPtc Id0euioucDJzDDQx405zq3sQKdi8KnOXZssR2QJ2gaEU95ynqOUSLJgvkN6AUGPP x3ZHCXmTg4CWPyIEo4X4iATwTEyam+yefJBbbOeL5FW5FEwwqioqnMPdpsi/Gg1c OvocykWfOP6WwCkbrfDhwUAn3L0yxwJb8YhZZitxcTdpOLK84X/p2LlZGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFVBODS7cZauu7y1PkXa0P0RK0l/MB8GA1UdIwQY MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATHJeWUHB G5NpEx+vEGMs2afpT0nqA77Z5mEbdX7gDxBgEGiHUbKCOw6TuBAm+sLNPR7ma451 DnnrsOrmv1L/EmgLYy8+kEMaiMwK311xaFLrz1U3U5Y9jneymMn55txvfB5mllBc XfUL7Z1wQxkXQOAxkIAe6uf7OWuoVh2R4k7qGi6bkXME6Z7HEg0LQIQdtPdnjWMn p6t5g0q0MACeUuUx67D5omBrZcYkEt0kgaliYADZTNxzJXUcKixtwuFZxrp3IIdX wyO0D4SeBmddXu1R0JpYABZ+dpWzIEJLNa5dUxddVqjcAMz0/UW8txDEBJenIzRh 2MJKuDjARyx9dg== -----END CERTIFICATE-----Generated at Fri Dec 12 00:00:11 2025 by rpki-client