This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft File: CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft (raw, json) Hash identifier: D4bqGmtVQ23dQxsVcHu3xHWJmYBMBykxkybxHs8qpuQ= Subject key identifier: 9E:81:F9:A2:BE:74:78:20:B6:33:00:F8:C9:0B:8F:DA:10:D2:9E:8B Authority key identifier: 08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08 Certificate issuer: /CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108 Certificate serial: 019B1A6060B6330213DE21C576C42C0C496D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft Manifest number: 137A Signing time: Sun 14 Dec 2025 01:01:22 +0000 Manifest this update: Sun 14 Dec 2025 01:01:22 +0000 Manifest next update: Mon 15 Dec 2025 01:01:22 +0000 Files and hashes: 1: CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl (hash: Wl8pKiWhrkrZQ5y53N6RluIF3gFSYxWH1vtBG03b2ds=) 2: NSQQr0dchBVb5NqeR8z3x_MXCeI.roa (hash: XPvSVq5h7mPPG5QqR8bg1ZJJPL/y/MfsW5VYh5EY4C8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1a:60:60:b6:33:02:13:de:21:c5:76:c4:2c:0c:49:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108 Validity Not Before: Dec 14 01:01:22 2025 GMT Not After : Dec 15 01:01:22 2025 GMT Subject: CN=9e81f9a2be747820b63300f8c90b8fda10d29e8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e0:eb:a8:29:70:aa:ae:f0:ac:3e:fc:4f:0a: 0f:7d:1d:87:97:fd:eb:08:00:fc:76:b1:e6:54:8e: bc:6f:08:a9:75:fe:31:6e:9e:55:6c:dc:7c:27:72: db:5e:46:fb:a8:71:9a:e2:d2:68:f6:f2:ec:13:11: f7:25:1e:f1:a0:db:9a:59:7f:85:a6:32:4e:04:de: 2a:28:76:c0:0e:4e:c4:44:7e:e0:8f:9c:69:c3:7c: 2c:35:45:3d:d9:32:2b:1b:75:41:45:3f:6e:73:3b: fa:48:19:6e:2a:19:07:5c:cb:8e:e5:df:bf:ae:10: bf:27:8c:16:df:3e:8c:8f:38:cd:1c:ea:61:9a:3a: 3e:fc:2c:2c:24:32:2c:cc:e9:72:17:13:af:bd:87: 76:7f:2f:ca:d3:b2:d9:60:a2:53:62:2e:38:c0:48: ac:39:80:55:26:b9:6a:4a:e5:17:45:82:14:65:28: cf:64:b2:71:70:58:34:73:d9:4e:f7:fe:e9:09:79: e6:ce:01:0c:f7:e0:b8:35:35:64:4f:db:fc:e9:c1: 1b:a8:d5:1c:06:16:eb:69:a6:12:66:fc:41:d1:c9: 8d:8b:38:e2:12:7e:7f:26:3f:7e:5b:0b:d0:4e:a3: b3:20:c2:7a:35:c2:c3:28:63:7e:51:3f:eb:75:79: 63:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:81:F9:A2:BE:74:78:20:B6:33:00:F8:C9:0B:8F:DA:10:D2:9E:8B X509v3 Authority Key Identifier: keyid:08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:45:2c:55:36:91:ba:30:61:51:0d:23:11:6e:37:4e:e4:4a: ac:80:48:91:54:c9:d8:eb:d1:a7:13:8b:93:13:f5:50:aa:e3: f4:26:09:77:51:46:f7:51:1c:ec:30:e0:87:07:fa:e1:2a:2a: 0e:a7:81:1c:35:73:2a:d6:17:2f:41:21:a4:ad:78:2d:16:7e: 48:5a:9f:bb:10:22:89:22:3b:ef:13:37:aa:b4:e0:3a:3a:2c: 58:6d:4f:68:cc:dc:78:59:a9:3f:1d:57:a3:c3:d7:cd:29:a9: 08:23:b8:8c:dd:4b:43:c2:18:d4:a1:7c:7c:df:9e:27:ff:b1: ea:c2:3a:0c:2a:ac:f3:1e:1a:71:7a:2d:cb:c9:9d:6a:3c:12: f5:88:bd:ee:b0:ae:6c:03:5f:7c:23:c2:98:2b:b8:13:fb:4b: fc:ee:85:b2:0b:db:52:89:27:20:3b:0f:80:51:8b:8c:c0:de: fb:47:e2:57:7b:c7:5c:e2:91:4f:99:20:f0:24:1c:d8:4c:21: 0c:af:64:a8:62:c8:e4:ec:55:7c:80:87:56:f4:19:b6:5e:03: 26:f4:a7:d7:03:5b:19:7b:ad:e6:b7:72:72:15:cc:a4:b5:21: 0f:93:42:07:4f:10:18:98:84:f8:17:ba:82:fe:9e:a3:e6:29: 47:30:c7:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsaYGC2MwIT3iHFdsQsDEltMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ZDFmMWY4YjQxZDc0ZjdkODY2YjFlNWFkZmQxOGFmZTIw MjcxMDgwHhcNMjUxMjE0MDEwMTIyWhcNMjUxMjE1MDEwMTIyWjAzMTEwLwYDVQQD Eyg5ZTgxZjlhMmJlNzQ3ODIwYjYzMzAwZjhjOTBiOGZkYTEwZDI5ZThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uDrqClwqq7wrD78TwoPfR2Hl/3r CAD8drHmVI68bwipdf4xbp5VbNx8J3LbXkb7qHGa4tJo9vLsExH3JR7xoNuaWX+F pjJOBN4qKHbADk7ERH7gj5xpw3wsNUU92TIrG3VBRT9uczv6SBluKhkHXMuO5d+/ rhC/J4wW3z6MjzjNHOphmjo+/CwsJDIszOlyFxOvvYd2fy/K07LZYKJTYi44wEis OYBVJrlqSuUXRYIUZSjPZLJxcFg0c9lO9/7pCXnmzgEM9+C4NTVkT9v86cEbqNUc BhbraaYSZvxB0cmNizjiEn5/Jj9+WwvQTqOzIMJ6NcLDKGN+UT/rdXljgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ6B+aK+dHggtjMA+MkLj9oQ0p6LMB8GA1UdIwQY MBaAFAjR8fi0HXT32Gax5a39GK/iAnEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmIt ZGY1Y2I5ZjBlM2E0LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmItZGY1Y2I5ZjBlM2E0 LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQkUsVTaR ujBhUQ0jEW43TuRKrIBIkVTJ2OvRpxOLkxP1UKrj9CYJd1FG91Ec7DDghwf64Soq DqeBHDVzKtYXL0EhpK14LRZ+SFqfuxAiiSI77xM3qrTgOjosWG1PaMzceFmpPx1X o8PXzSmpCCO4jN1LQ8IY1KF8fN+eJ/+x6sI6DCqs8x4acXoty8mdajwS9Yi97rCu bANffCPCmCu4E/tL/O6FsgvbUoknIDsPgFGLjMDe+0fiV3vHXOKRT5kg8CQc2Ewh DK9kqGLI5OxVfICHVvQZtl4DJvSn1wNbGXut5rdychXMpLUhD5NCB08QGJiE+Be6 gv6eo+YpRzDHAg== -----END CERTIFICATE-----Generated at Sun Dec 14 06:03:00 2025 by rpki-client