This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft File: hugNGBwlPRTaHgupwdVmb1Ym1YE.mft (raw, json) Hash identifier: MC+YAAHILvjqN1xjeVEz4shgxYOYN/gy1yBXQjSFxJ8= Subject key identifier: 7E:07:9D:7D:78:FD:C1:79:DC:14:F1:13:7D:60:41:ED:24:C3:DF:77 Authority key identifier: 86:E8:0D:18:1C:25:3D:14:DA:1E:0B:A9:C1:D5:66:6F:56:26:D5:81 Certificate issuer: /CN=86e80d181c253d14da1e0ba9c1d5666f5626d581 Certificate serial: 019B4C9617223BA6DB31AD7EE05584912DA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft Manifest number: 01B5 Signing time: Tue 23 Dec 2025 19:01:03 +0000 Manifest this update: Tue 23 Dec 2025 19:01:03 +0000 Manifest next update: Wed 24 Dec 2025 19:01:03 +0000 Files and hashes: 1: GduTVoXL90rcY5IbBMohmd6Di4U.roa (hash: FpxhDiPtRQpdrB9mwbp5ACWnV465MFksntDsy9t3DCM=) 2: hugNGBwlPRTaHgupwdVmb1Ym1YE.crl (hash: cU8bp+RNaHls/7yyCOx2w1rEnrowzswHP25sac8GysY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:96:17:22:3b:a6:db:31:ad:7e:e0:55:84:91:2d:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86e80d181c253d14da1e0ba9c1d5666f5626d581 Validity Not Before: Dec 23 19:01:03 2025 GMT Not After : Dec 24 19:01:03 2025 GMT Subject: CN=7e079d7d78fdc179dc14f1137d6041ed24c3df77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b4:ac:b9:82:b5:db:c0:8b:1e:a3:cc:1a:5b: 67:7e:2c:02:f7:dc:9e:34:00:3d:7e:24:fa:f3:52: e1:74:21:23:5a:f4:21:c4:20:b4:06:5b:c6:ce:71: b4:86:fa:91:4c:d2:2f:8f:ee:a4:82:c3:bb:1e:b5: 43:fd:ae:68:db:11:00:f5:e6:99:39:01:95:35:cf: d8:69:0e:3e:84:e2:80:52:cc:bb:37:eb:19:a0:66: 18:71:35:89:39:8b:31:b3:91:03:61:62:10:b5:0a: fb:c9:4f:48:43:88:f0:d2:78:ad:56:9a:76:34:3f: 0b:3f:3e:d6:e6:5e:42:be:8f:21:b6:64:c2:8e:58: fb:d1:1d:d5:a3:33:a2:1f:8b:d5:64:88:59:d5:44: c7:16:85:5a:50:76:0f:42:74:72:53:4c:63:7a:b9: 91:7f:c1:23:05:a3:75:f8:82:b2:22:76:a1:9a:09: 30:e2:3e:81:54:e9:2b:1f:4f:e6:29:4e:cc:e2:02: 68:db:d4:a5:fb:56:ab:fb:30:c0:9d:d4:47:e7:12: 46:c3:07:24:dc:3c:17:d0:7b:aa:69:2a:7b:6d:e0: 4b:ab:b9:d0:56:27:e1:3e:f3:33:0e:03:60:a0:2e: 5d:85:ea:86:36:d8:32:5c:a3:3c:97:c0:3b:1c:6b: 63:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:07:9D:7D:78:FD:C1:79:DC:14:F1:13:7D:60:41:ED:24:C3:DF:77 X509v3 Authority Key Identifier: keyid:86:E8:0D:18:1C:25:3D:14:DA:1E:0B:A9:C1:D5:66:6F:56:26:D5:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:35:f6:c6:4d:1f:68:4b:8c:14:f5:fa:b0:69:b6:30:72:b7: 07:6d:cf:6c:22:36:8a:17:4d:21:54:62:a2:95:ee:84:73:9d: 0e:c4:7a:1d:3b:36:5d:98:88:9c:cb:dc:d1:9f:61:48:70:fa: 52:ea:ba:6e:ad:5c:1b:f4:25:33:7c:a9:16:90:65:63:b1:6b: 1c:56:47:93:b8:b7:1e:79:c6:be:e2:4e:31:c1:92:a8:04:8b: de:5f:1f:de:08:53:e1:cd:bf:7c:fd:bf:92:56:41:15:96:65: 2f:db:d6:b5:f7:d9:4e:6b:5f:e9:37:ca:20:a4:98:2f:bc:4b: 55:f3:5c:f9:d8:b5:63:59:91:65:3d:18:03:cb:7a:03:4e:b2: e3:53:ad:b8:94:41:97:5c:c8:22:c5:3e:47:df:ae:18:19:8d: 07:6b:fd:af:ed:9d:4c:e5:42:2f:83:41:a9:2d:c7:fd:ae:31: 37:ac:e7:dd:64:6f:90:3c:b3:60:bd:20:77:a7:30:d3:60:90: d0:1c:d5:f4:86:72:3c:e3:d0:34:84:7a:44:46:3c:6e:87:da: f5:9f:f2:fa:b3:06:75:75:6c:9e:43:82:92:a9:ff:6a:9e:f8: 8e:70:52:57:16:4e:e1:e0:e4:20:b2:92:8a:27:85:4a:2f:b8: fb:db:df:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMlhciO6bbMa1+4FWEkS2hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZTgwZDE4MWMyNTNkMTRkYTFlMGJhOWMxZDU2NjZmNTYy NmQ1ODEwHhcNMjUxMjIzMTkwMTAzWhcNMjUxMjI0MTkwMTAzWjAzMTEwLwYDVQQD Eyg3ZTA3OWQ3ZDc4ZmRjMTc5ZGMxNGYxMTM3ZDYwNDFlZDI0YzNkZjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7SsuYK128CLHqPMGltnfiwC99ye NAA9fiT681LhdCEjWvQhxCC0BlvGznG0hvqRTNIvj+6kgsO7HrVD/a5o2xEA9eaZ OQGVNc/YaQ4+hOKAUsy7N+sZoGYYcTWJOYsxs5EDYWIQtQr7yU9IQ4jw0nitVpp2 ND8LPz7W5l5Cvo8htmTCjlj70R3VozOiH4vVZIhZ1UTHFoVaUHYPQnRyU0xjermR f8EjBaN1+IKyInahmgkw4j6BVOkrH0/mKU7M4gJo29Sl+1ar+zDAndRH5xJGwwck 3DwX0HuqaSp7beBLq7nQVifhPvMzDgNgoC5dheqGNtgyXKM8l8A7HGtj1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH4HnX14/cF53BTxE31gQe0kw993MB8GA1UdIwQY MBaAFIboDRgcJT0U2h4LqcHVZm9WJtWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lYTYwOWUtNjUzOC00NzIzLTgyNTkt NzNmNTQzNDg4MjNjLzEvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC9lYTYwOWUtNjUzOC00NzIzLTgyNTktNzNmNTQzNDg4MjNj LzEvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdDX2xk0f aEuMFPX6sGm2MHK3B23PbCI2ihdNIVRiopXuhHOdDsR6HTs2XZiInMvc0Z9hSHD6 Uuq6bq1cG/QlM3ypFpBlY7FrHFZHk7i3HnnGvuJOMcGSqASL3l8f3ghT4c2/fP2/ klZBFZZlL9vWtffZTmtf6TfKIKSYL7xLVfNc+di1Y1mRZT0YA8t6A06y41OtuJRB l1zIIsU+R9+uGBmNB2v9r+2dTOVCL4NBqS3H/a4xN6zn3WRvkDyzYL0gd6cw02CQ 0BzV9IZyPOPQNIR6REY8bofa9Z/y+rMGdXVsnkOCkqn/ap74jnBSVxZO4eDkILKS iieFSi+4+9vfZA== -----END CERTIFICATE-----Generated at Tue Dec 23 23:28:30 2025 by rpki-client