This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft File: hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft (raw, json) Hash identifier: bV1VG8rYhIdC0oy+jD+EAHcEwwHknwS550BCAbpYqks= Subject key identifier: 71:5C:6F:02:57:09:60:CB:C7:3B:F1:AB:63:D2:A1:AF:7F:E5:A8:86 Authority key identifier: 85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54 Certificate issuer: /CN=8504ebf9db1710a47bae4508cdaf8131e1674a54 Certificate serial: 019B22F56D696AE2CD3C2EA2FF08B9E186C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft Manifest number: 177D Signing time: Mon 15 Dec 2025 17:01:08 +0000 Manifest this update: Mon 15 Dec 2025 17:01:08 +0000 Manifest next update: Tue 16 Dec 2025 17:01:08 +0000 Files and hashes: 1: 4NKKaipkT34nKtWhfa19D74f25c.roa (hash: YTaiys0RSHABRCWEassKEE2Fqko+03tYIMHlBHkZyig=) 2: hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl (hash: fqu8BBKBxu/Gnia2xJpCOajsdlF70hO1tclmarLrM5o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:f5:6d:69:6a:e2:cd:3c:2e:a2:ff:08:b9:e1:86:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8504ebf9db1710a47bae4508cdaf8131e1674a54 Validity Not Before: Dec 15 17:01:08 2025 GMT Not After : Dec 16 17:01:08 2025 GMT Subject: CN=715c6f02570960cbc73bf1ab63d2a1af7fe5a886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:2f:8b:1b:6c:e1:66:d5:9b:e6:54:6d:0c:3e: 57:05:2d:ac:d2:46:ee:f6:21:ec:f3:03:eb:31:35: 59:0d:4a:c9:56:71:59:af:f2:ce:da:db:bb:08:8a: 64:5b:44:07:87:7b:3d:39:bf:62:03:96:76:6a:43: ca:5b:6f:43:69:a8:81:71:cd:83:1a:20:a3:b1:99: d6:5a:b5:b7:22:67:be:42:2e:79:e4:d8:88:cf:24: e4:1d:b8:89:c9:47:b4:9a:a7:c6:07:5e:d8:f3:b5: 3a:48:bb:3b:e0:50:a7:e8:d7:e0:30:54:0a:52:75: 8e:cf:c4:56:67:71:22:d0:9e:af:44:fa:9c:89:2d: b0:b5:28:fd:04:fb:6f:9e:9e:52:23:36:65:93:d7: 11:7c:5b:5b:31:8b:b6:77:97:6a:73:cc:08:2c:3a: 76:7a:41:19:64:48:99:fa:5d:e4:2b:85:19:e3:68: f3:0a:02:50:69:7c:4e:e0:7f:50:88:cb:d1:74:ae: 66:53:ce:3b:ad:70:5c:c4:6a:17:78:fb:2f:df:3e: 31:3a:f6:8a:20:a0:34:6c:43:02:fd:bb:4c:ab:3e: 10:b9:a7:57:c6:eb:a5:03:e9:37:6e:92:4d:a9:87: fd:cb:73:30:10:a7:cc:a4:d3:3c:b5:9a:e1:42:6d: cf:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:5C:6F:02:57:09:60:CB:C7:3B:F1:AB:63:D2:A1:AF:7F:E5:A8:86 X509v3 Authority Key Identifier: keyid:85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:d1:6a:cf:b1:f8:56:59:c5:d6:d0:44:58:6f:5e:b5:e7:37: dc:00:9f:de:76:97:2a:6c:2e:51:8c:70:5d:ad:04:d1:13:ab: 59:9c:cd:a6:65:21:2c:a0:8f:bd:99:03:2a:32:df:95:14:f6: 25:5e:24:75:61:55:c5:b8:8c:d9:c4:3d:1f:8e:73:87:56:0b: 3c:c6:17:88:2b:93:48:15:9e:a4:95:2f:6d:89:7a:ee:2c:b5: 04:f4:01:f9:94:d8:22:c9:11:d9:b6:a8:79:9e:50:04:42:07: 35:2c:7e:df:c2:d2:a7:b4:84:1a:56:d9:3f:ac:7d:e9:c7:df: 73:8a:f5:38:76:17:55:35:61:a3:62:9e:0a:da:c9:2e:de:33: bc:c2:dd:8b:6c:61:fc:c2:67:cf:8d:8d:de:d4:ae:71:b8:9b: 5f:84:84:b6:be:81:96:28:3e:58:73:dc:37:e6:21:43:6a:23: d5:00:ef:12:1e:4e:84:dc:11:7a:72:70:45:4e:7c:fd:09:37: 78:a3:56:bc:50:ae:e9:77:29:f1:84:57:56:d4:7f:da:15:82: 96:7c:c3:1a:ed:f5:77:ed:3c:b7:81:43:a6:d2:9d:82:29:fc: 07:52:a4:83:7a:11:6d:a2:3a:93:57:8d:dd:68:11:dc:ee:97: a6:73:0a:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsi9W1pauLNPC6i/wi54YbFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MDRlYmY5ZGIxNzEwYTQ3YmFlNDUwOGNkYWY4MTMxZTE2 NzRhNTQwHhcNMjUxMjE1MTcwMTA4WhcNMjUxMjE2MTcwMTA4WjAzMTEwLwYDVQQD Eyg3MTVjNmYwMjU3MDk2MGNiYzczYmYxYWI2M2QyYTFhZjdmZTVhODg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty+LG2zhZtWb5lRtDD5XBS2s0kbu 9iHs8wPrMTVZDUrJVnFZr/LO2tu7CIpkW0QHh3s9Ob9iA5Z2akPKW29DaaiBcc2D GiCjsZnWWrW3Ime+Qi555NiIzyTkHbiJyUe0mqfGB17Y87U6SLs74FCn6NfgMFQK UnWOz8RWZ3Ei0J6vRPqciS2wtSj9BPtvnp5SIzZlk9cRfFtbMYu2d5dqc8wILDp2 ekEZZEiZ+l3kK4UZ42jzCgJQaXxO4H9QiMvRdK5mU847rXBcxGoXePsv3z4xOvaK IKA0bEMC/btMqz4QuadXxuulA+k3bpJNqYf9y3MwEKfMpNM8tZrhQm3PxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHFcbwJXCWDLxzvxq2PSoa9/5aiGMB8GA1UdIwQY MBaAFIUE6/nbFxCke65FCM2vgTHhZ0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgt YTliMWRmNDRjZTJmLzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgtYTliMWRmNDRjZTJm LzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9Fqz7H4 VlnF1tBEWG9etec33ACf3naXKmwuUYxwXa0E0ROrWZzNpmUhLKCPvZkDKjLflRT2 JV4kdWFVxbiM2cQ9H45zh1YLPMYXiCuTSBWepJUvbYl67iy1BPQB+ZTYIskR2bao eZ5QBEIHNSx+38LSp7SEGlbZP6x96cffc4r1OHYXVTVho2KeCtrJLt4zvMLdi2xh /MJnz42N3tSucbibX4SEtr6Blig+WHPcN+YhQ2oj1QDvEh5OhNwRenJwRU58/Qk3 eKNWvFCu6Xcp8YRXVtR/2hWClnzDGu31d+08t4FDptKdgin8B1Kkg3oRbaI6k1eN 3WgR3O6XpnMKkw== -----END CERTIFICATE-----Generated at Mon Dec 15 20:23:11 2025 by rpki-client