This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft File: x0heKfEYwBvobBnmaPrPpIXecYw.mft (raw, json) Hash identifier: VpdzlMeQLMAvMAysDLdflABErX4NJFxqe7lxPrJhSJ4= Subject key identifier: B6:CC:BC:2B:54:99:F2:72:9A:79:7A:A0:86:FA:85:B6:04:48:98:1E Authority key identifier: C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C Certificate issuer: /CN=c7485e29f118c01be86c19e668facfa485de718c Certificate serial: 019B5A88C5E982A665B6948C1FC0E33DA122 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft Manifest number: 0EBD Signing time: Fri 26 Dec 2025 12:01:11 +0000 Manifest this update: Fri 26 Dec 2025 12:01:11 +0000 Manifest next update: Sat 27 Dec 2025 12:01:11 +0000 Files and hashes: 1: t18UoHeAEcZ6Yu4NKG2nAheiZEs.roa (hash: RypsXYxji2dJaH2ZVLBlo3yRoSbmcerkP3rshZoohgo=) 2: x0heKfEYwBvobBnmaPrPpIXecYw.crl (hash: DJc+c+/PyMIBDyVCr9bC3CoMcHMic5jvEmR1b1/V+EI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:c5:e9:82:a6:65:b6:94:8c:1f:c0:e3:3d:a1:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c7485e29f118c01be86c19e668facfa485de718c Validity Not Before: Dec 26 12:01:11 2025 GMT Not After : Dec 27 12:01:11 2025 GMT Subject: CN=b6ccbc2b5499f2729a797aa086fa85b60448981e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:8e:0b:c8:d4:de:c7:b3:d5:71:d9:24:09:20: 24:16:69:0f:90:6a:b3:21:c9:fc:61:ed:19:ee:30: a8:d4:e2:e1:e5:af:93:a1:3e:fa:26:57:dd:7c:73: dc:4d:eb:1c:64:bd:b4:b1:cb:5d:7c:c2:c7:cf:8e: 14:7f:be:c7:08:58:9e:0f:ba:55:b9:23:f2:95:00: 67:94:c2:13:c0:2a:ae:e3:7c:97:fe:48:55:c2:36: bb:e3:e5:f6:0d:6e:b6:01:45:0c:6f:8b:a4:e3:25: 0e:2f:7f:c3:26:df:5e:ed:88:48:93:7e:4f:34:97: 53:7b:b0:01:b5:fb:18:cb:73:4b:29:42:30:db:d1: dc:a6:a4:b8:91:a3:a9:44:03:71:e6:be:4a:9e:4c: 5b:85:52:ca:31:84:b9:48:8e:26:e5:37:78:a9:d1: 22:3d:99:8b:48:aa:48:87:3a:ff:fb:88:b3:31:52: b4:03:50:ea:06:6c:e1:d3:ea:f3:37:13:d9:87:c7: 6e:66:ca:90:66:c5:0e:f8:a6:2f:e1:09:76:ac:5d: 11:7f:c6:27:6f:d2:ad:0b:63:fa:c2:fc:60:5f:ed: 66:a4:65:0a:74:62:59:63:ac:c8:a3:4a:01:68:12: 13:57:76:45:87:c7:e5:a0:fa:c5:c2:7f:95:35:7f: 45:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:CC:BC:2B:54:99:F2:72:9A:79:7A:A0:86:FA:85:B6:04:48:98:1E X509v3 Authority Key Identifier: keyid:C7:48:5E:29:F1:18:C0:1B:E8:6C:19:E6:68:FA:CF:A4:85:DE:71:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0heKfEYwBvobBnmaPrPpIXecYw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/539171-574b-4451-b6d4-57f9bc6a5c30/1/x0heKfEYwBvobBnmaPrPpIXecYw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:5e:f1:75:f0:c8:6d:71:48:f0:eb:7c:53:b3:08:ce:70:60: 5a:28:5b:3f:a5:21:49:10:d6:1e:3d:b5:3f:2f:93:69:f7:67: 38:8e:4f:5d:63:d0:e2:11:ea:41:15:8a:a0:5e:c6:32:d5:a5: 33:52:87:29:c9:6f:12:9f:d0:48:8c:9a:6a:77:d4:14:e7:ba: a3:22:82:e4:dc:6e:f7:be:47:fe:f5:32:90:2c:cd:95:d7:f0: 46:91:c3:f6:d3:b7:a7:b1:46:4f:0e:ae:df:67:4d:66:ac:77: f9:60:88:00:13:6a:12:a7:96:0a:39:8f:28:76:24:1d:e5:6d: d5:57:96:2b:34:e0:8b:b3:5f:1e:f3:e0:99:a0:09:80:78:8b: ba:85:3f:3e:1b:ca:21:23:7c:a2:db:3a:ed:32:13:4a:0a:b4: e6:79:1f:c1:10:d0:a1:de:f9:06:5d:32:64:75:88:95:33:df: fb:ff:6a:a7:e8:b5:8a:69:c1:76:0d:3f:f9:77:06:fc:c2:e6: 9c:e1:5c:25:33:22:9e:07:71:0f:ca:ef:5c:53:ef:34:0b:d3: 86:0b:42:a9:48:a4:3a:1a:79:45:e1:12:6e:b5:27:73:d1:5d: 57:e1:9b:28:07:97:66:ae:02:f1:9f:84:15:d2:96:b9:24:fa: f5:09:a2:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiMXpgqZltpSMH8DjPaEiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3NDg1ZTI5ZjExOGMwMWJlODZjMTllNjY4ZmFjZmE0ODVk ZTcxOGMwHhcNMjUxMjI2MTIwMTExWhcNMjUxMjI3MTIwMTExWjAzMTEwLwYDVQQD EyhiNmNjYmMyYjU0OTlmMjcyOWE3OTdhYTA4NmZhODViNjA0NDg5ODFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI4LyNTex7PVcdkkCSAkFmkPkGqz Icn8Ye0Z7jCo1OLh5a+ToT76JlfdfHPcTescZL20sctdfMLHz44Uf77HCFieD7pV uSPylQBnlMITwCqu43yX/khVwja74+X2DW62AUUMb4uk4yUOL3/DJt9e7YhIk35P NJdTe7ABtfsYy3NLKUIw29HcpqS4kaOpRANx5r5KnkxbhVLKMYS5SI4m5Td4qdEi PZmLSKpIhzr/+4izMVK0A1DqBmzh0+rzNxPZh8duZsqQZsUO+KYv4Ql2rF0Rf8Yn b9KtC2P6wvxgX+1mpGUKdGJZY6zIo0oBaBITV3ZFh8floPrFwn+VNX9FJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLbMvCtUmfJymnl6oIb6hbYESJgeMB8GA1UdIwQY MBaAFMdIXinxGMAb6GwZ5mj6z6SF3nGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQt NTdmOWJjNmE1YzMwLzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC81MzkxNzEtNTc0Yi00NDUxLWI2ZDQtNTdmOWJjNmE1YzMw LzEveDBoZUtmRVl3QnZvYkJubWFQclBwSVhlY1l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtl7xdfDI bXFI8Ot8U7MIznBgWihbP6UhSRDWHj21Py+TafdnOI5PXWPQ4hHqQRWKoF7GMtWl M1KHKclvEp/QSIyaanfUFOe6oyKC5Nxu975H/vUykCzNldfwRpHD9tO3p7FGTw6u 32dNZqx3+WCIABNqEqeWCjmPKHYkHeVt1VeWKzTgi7NfHvPgmaAJgHiLuoU/PhvK ISN8ots67TITSgq05nkfwRDQod75Bl0yZHWIlTPf+/9qp+i1imnBdg0/+XcG/MLm nOFcJTMingdxD8rvXFPvNAvThgtCqUikOhp5ReESbrUnc9FdV+GbKAeXZq4C8Z+E FdKWuST69QmiLg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:00 2025 by rpki-client