This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft File: hn3QWtctwi--owKfzukOb7BjiQQ.mft (raw, json) Hash identifier: 8iy/nn8/XssWdeiUxl+M4Plmi46Ath0MpOmwwL+SgkU= Subject key identifier: C2:F3:FB:93:D8:64:AE:E4:A9:CF:C1:52:B8:C4:19:27:28:F9:1A:86 Authority key identifier: 86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04 Certificate issuer: /CN=867dd05ad72dc22fbea3029fcee90e6fb0638904 Certificate serial: 019B405B178BAD8DB61AC29054607FFE2CED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 10:01:10 +0000 Manifest this update: Sun 21 Dec 2025 10:01:10 +0000 Manifest next update: Mon 22 Dec 2025 10:01:10 +0000 Files and hashes: 1: 1hbevT8gwbMVGXnU3oslqDok4xQ.roa (hash: PvOSpkQG3GMAcOSv9DP0juXGFg1PxvMowO3npVuSH5E=) 2: hn3QWtctwi--owKfzukOb7BjiQQ.crl (hash: GyFIOOQnAfhcewSSsKgP68tAb4Dsnstz7rCYOSKWtN0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:17:8b:ad:8d:b6:1a:c2:90:54:60:7f:fe:2c:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=867dd05ad72dc22fbea3029fcee90e6fb0638904 Validity Not Before: Dec 21 10:01:10 2025 GMT Not After : Dec 22 10:01:10 2025 GMT Subject: CN=c2f3fb93d864aee4a9cfc152b8c4192728f91a86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:af:53:a1:0a:af:e9:28:80:12:2c:ee:13:98: 3a:41:1b:c8:96:4f:d5:a8:a9:e4:d3:81:d0:2f:92: fd:42:dd:ef:7f:8d:b0:1a:1c:9d:c2:99:1b:08:5f: 91:94:80:de:f2:1e:f6:1f:94:75:d8:96:90:c8:5c: 56:8c:9b:84:d4:0c:45:2d:fe:a1:3d:06:fd:99:a1: 0c:c1:f8:c3:54:5c:c0:f1:ff:16:ef:c4:0c:bc:64: 2e:7d:46:58:41:ad:a6:6f:4a:eb:01:97:1e:f3:cb: d0:cb:15:29:44:1b:0e:3e:02:9d:8a:d5:9c:3e:84: 96:42:29:6f:50:f8:17:37:08:e9:e1:c0:4f:ea:83: 0d:d0:73:bd:65:86:5b:8c:1e:20:8c:0f:10:36:bb: 41:f9:8e:d5:87:80:a4:43:ef:84:de:fc:2a:63:83: 99:b1:4f:b4:09:7d:e9:66:42:5c:f5:ab:38:37:0b: 5a:e6:98:84:81:bc:79:3d:2a:e8:0b:90:ae:30:42: 07:69:89:91:74:10:e0:b5:57:fd:0b:42:83:da:98: 32:1b:c3:36:43:a1:9b:b0:5b:8d:c0:50:88:93:e4: 19:fa:9a:f4:50:bd:06:10:d5:f5:07:84:2c:3d:fe: e1:5a:09:49:f0:df:47:87:1d:e9:b9:dc:fa:3f:be: ce:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:F3:FB:93:D8:64:AE:E4:A9:CF:C1:52:B8:C4:19:27:28:F9:1A:86 X509v3 Authority Key Identifier: keyid:86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:68:b4:f1:8a:11:ac:68:3a:b0:7b:fc:43:f0:11:b4:c4:b5: fa:0c:39:df:f8:8a:ee:d2:5c:bd:b2:23:77:d9:37:c3:9e:53: 3d:0a:23:71:81:18:4d:ec:58:21:15:f3:e4:15:b4:1e:b4:b4: 71:7b:88:9d:cb:07:c3:0f:80:74:70:b7:c3:dd:9b:59:30:66: d2:03:cd:a5:eb:e2:43:7e:97:36:8c:29:75:ba:12:9a:a1:2c: 6e:f4:14:97:4f:92:25:1a:46:e2:74:e4:71:96:ae:17:3e:c0: 57:e9:e6:8d:8b:a1:2b:56:8b:1f:51:1f:0a:18:cc:46:55:ac: 10:bd:b0:47:10:97:0c:25:c4:6e:d2:8e:5a:6a:49:1a:68:66: a6:c4:21:b8:42:b5:70:be:b8:34:f3:0e:f3:99:25:4c:77:b9: 7d:48:0c:34:aa:d1:4c:7a:97:e7:33:10:ed:08:6c:79:3f:73: df:bf:a0:0b:c7:a4:32:46:6a:4a:d2:d8:5a:67:62:ee:da:57: 34:95:19:70:c1:0b:20:b9:a9:8b:e7:1d:ee:fb:19:f1:6d:21: 47:57:7a:1b:5c:5c:d7:1f:35:0c:5a:d0:e3:6e:e7:f0:aa:bd: 19:f2:99:bd:f2:a4:b0:07:7b:7b:2a:a2:7b:3c:a6:f1:d4:6e: cb:33:99:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWxeLrY22GsKQVGB//iztMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2N2RkMDVhZDcyZGMyMmZiZWEzMDI5ZmNlZTkwZTZmYjA2 Mzg5MDQwHhcNMjUxMjIxMTAwMTEwWhcNMjUxMjIyMTAwMTEwWjAzMTEwLwYDVQQD EyhjMmYzZmI5M2Q4NjRhZWU0YTljZmMxNTJiOGM0MTkyNzI4ZjkxYTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK9ToQqv6SiAEizuE5g6QRvIlk/V qKnk04HQL5L9Qt3vf42wGhydwpkbCF+RlIDe8h72H5R12JaQyFxWjJuE1AxFLf6h PQb9maEMwfjDVFzA8f8W78QMvGQufUZYQa2mb0rrAZce88vQyxUpRBsOPgKditWc PoSWQilvUPgXNwjp4cBP6oMN0HO9ZYZbjB4gjA8QNrtB+Y7Vh4CkQ++E3vwqY4OZ sU+0CX3pZkJc9as4Nwta5piEgbx5PSroC5CuMEIHaYmRdBDgtVf9C0KD2pgyG8M2 Q6GbsFuNwFCIk+QZ+pr0UL0GENX1B4QsPf7hWglJ8N9Hhx3pudz6P77OswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMLz+5PYZK7kqc/BUrjEGSco+RqGMB8GA1UdIwQY MBaAFIZ90FrXLcIvvqMCn87pDm+wY4kEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYt MjM5ZTVhYmZjYzZhLzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYtMjM5ZTVhYmZjYzZh LzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGi08YoR rGg6sHv8Q/ARtMS1+gw53/iK7tJcvbIjd9k3w55TPQojcYEYTexYIRXz5BW0HrS0 cXuIncsHww+AdHC3w92bWTBm0gPNpeviQ36XNowpdboSmqEsbvQUl0+SJRpG4nTk cZauFz7AV+nmjYuhK1aLH1EfChjMRlWsEL2wRxCXDCXEbtKOWmpJGmhmpsQhuEK1 cL64NPMO85klTHe5fUgMNKrRTHqX5zMQ7QhseT9z37+gC8ekMkZqStLYWmdi7tpX NJUZcMELILmpi+cd7vsZ8W0hR1d6G1xc1x81DFrQ427n8Kq9GfKZvfKksAd7eyqi ezym8dRuyzOZCA== -----END CERTIFICATE-----Generated at Sun Dec 21 19:29:20 2025 by rpki-client