This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json) Hash identifier: oBHOgzpiXZmCApvTtjRy0IzGPhysyNC0FJ6vSEMhpKo= Subject key identifier: 96:AD:3F:9D:DD:7A:96:A6:83:B8:41:2B:51:7D:BD:3E:C5:11:B7:C3 Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add Certificate serial: 019B66FBB2170BB8756AA6A3B74F336B3B2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft Manifest number: 1324 Signing time: Sun 28 Dec 2025 22:02:09 +0000 Manifest this update: Sun 28 Dec 2025 22:02:09 +0000 Manifest next update: Mon 29 Dec 2025 22:02:09 +0000 Files and hashes: 1: AFoF1GuFzHjl8hWS56zz0OT3Bgg.roa (hash: tZKNbZDCtPOdNWQDTedTIFStwLgZ/2vtLmBHU+SWAQk=) 2: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: GYxNsFAGQsW5w077pBN134aTGhCNCzGuiJyDmrCmAwQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:fb:b2:17:0b:b8:75:6a:a6:a3:b7:4f:33:6b:3b:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=869035c317734f661bbf85c2184155a1f3616add Validity Not Before: Dec 28 22:02:09 2025 GMT Not After : Dec 29 22:02:09 2025 GMT Subject: CN=96ad3f9ddd7a96a683b8412b517dbd3ec511b7c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1a:bc:2f:d7:27:30:72:60:fc:50:60:3a:45: c3:f2:41:e4:9f:8b:64:d2:9f:f8:05:ad:bd:6b:9d: 1b:ce:77:d6:38:0d:09:52:77:64:ac:1e:2d:65:17: 8f:3d:7c:a3:42:2e:15:f5:74:cb:54:07:d4:21:5b: a7:37:33:36:d5:09:dc:b7:09:02:ee:12:40:23:e3: af:18:4f:d9:36:12:22:4d:ce:81:31:47:bd:1c:c9: c7:65:64:a2:67:b8:b8:40:1f:4b:c1:12:82:a0:95: 1a:ab:8c:aa:9d:cf:4b:b4:bf:3c:fe:0b:ff:43:13: a8:57:db:d3:10:e7:21:29:6b:7f:a4:b7:d1:ea:23: 4c:78:f6:2f:bf:0a:c9:f4:22:bd:05:72:d9:c4:c1: e7:c5:bb:87:75:ed:d2:3f:f8:ae:3e:e7:78:ae:49: 1e:16:ae:63:3a:25:a5:28:a6:b8:0f:60:4a:16:07: 88:9d:ec:66:18:54:05:d3:b7:fe:b6:49:e0:2b:9e: 06:77:ad:26:81:3c:2b:86:ec:d7:23:c6:35:81:f5: 72:4d:de:ad:1a:22:7e:2f:6a:17:2d:54:73:4f:78: 79:85:41:b3:09:57:a5:8f:3f:6e:31:42:04:47:93: 66:d0:50:bf:6d:02:50:94:6c:cd:f8:e2:ed:a5:c8: b5:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:AD:3F:9D:DD:7A:96:A6:83:B8:41:2B:51:7D:BD:3E:C5:11:B7:C3 X509v3 Authority Key Identifier: keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:fc:aa:ee:f6:53:3b:62:2e:4d:21:a2:38:fb:43:df:19:a2: 1e:37:db:9d:f4:1a:51:3f:53:f0:be:a7:55:7e:2c:f4:ee:0d: 7d:29:90:29:99:f4:fe:b8:ab:6f:4b:0c:3b:55:ad:69:37:59: 40:3f:75:c0:0a:d5:39:e1:9a:4a:54:ac:cd:95:5c:9e:01:3b: 64:26:e7:38:cc:12:dc:be:08:05:8a:15:e8:d6:45:3f:ce:a0: 0c:35:1b:af:ab:96:26:51:68:cb:68:72:40:5f:d7:58:b2:e7: e0:b7:b0:bc:a6:6e:61:cc:49:94:16:f9:11:42:88:23:e1:2e: 27:d3:db:47:9a:66:bf:e6:2c:8c:8a:ea:62:67:b3:28:d5:00: 8f:1f:d6:26:3a:90:1c:8b:94:5e:f7:b6:2c:d9:9d:28:cc:7f: 5a:02:11:80:1b:39:7a:64:d8:f9:68:d6:22:d0:f7:22:8d:b2: c1:5a:25:b2:5a:a6:c5:aa:19:42:9c:bc:37:25:d1:bf:31:a6: 7a:3c:56:3c:10:a8:8e:a3:90:ea:b2:0b:49:61:32:2a:75:0a: 8a:4d:51:b3:35:ee:c9:72:b5:c1:25:c7:91:6d:59:21:e0:23: 7e:fb:28:66:73:b0:ee:05:b3:d0:6f:8e:ff:47:c5:0a:19:f9: 4d:62:fa:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtm+7IXC7h1aqajt08zazsrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2 MTZhZGQwHhcNMjUxMjI4MjIwMjA5WhcNMjUxMjI5MjIwMjA5WjAzMTEwLwYDVQQD Eyg5NmFkM2Y5ZGRkN2E5NmE2ODNiODQxMmI1MTdkYmQzZWM1MTFiN2MzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxq8L9cnMHJg/FBgOkXD8kHkn4tk 0p/4Ba29a50bznfWOA0JUndkrB4tZRePPXyjQi4V9XTLVAfUIVunNzM21QnctwkC 7hJAI+OvGE/ZNhIiTc6BMUe9HMnHZWSiZ7i4QB9LwRKCoJUaq4yqnc9LtL88/gv/ QxOoV9vTEOchKWt/pLfR6iNMePYvvwrJ9CK9BXLZxMHnxbuHde3SP/iuPud4rkke Fq5jOiWlKKa4D2BKFgeInexmGFQF07f+tkngK54Gd60mgTwrhuzXI8Y1gfVyTd6t GiJ+L2oXLVRzT3h5hUGzCVeljz9uMUIER5Nm0FC/bQJQlGzN+OLtpci1TwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJatP53depamg7hBK1F9vT7FEbfDMB8GA1UdIwQY MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfyq7vZT O2IuTSGiOPtD3xmiHjfbnfQaUT9T8L6nVX4s9O4NfSmQKZn0/rirb0sMO1WtaTdZ QD91wArVOeGaSlSszZVcngE7ZCbnOMwS3L4IBYoV6NZFP86gDDUbr6uWJlFoy2hy QF/XWLLn4LewvKZuYcxJlBb5EUKII+EuJ9PbR5pmv+YsjIrqYmezKNUAjx/WJjqQ HIuUXve2LNmdKMx/WgIRgBs5emTY+WjWItD3Io2ywVolslqmxaoZQpy8NyXRvzGm ejxWPBCojqOQ6rILSWEyKnUKik1RszXuyXK1wSXHkW1ZIeAjfvsoZnOw7gWz0G+O /0fFChn5TWL6iA== -----END CERTIFICATE-----Generated at Mon Dec 29 03:29:17 2025 by rpki-client