This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft File: tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft (raw, json) Hash identifier: UWhqXZh4xlK5R6B4oHz8Rn1QR7Ofxf/jNaYQ/akekfc= Subject key identifier: EF:67:65:A9:EC:B2:F6:6B:3B:7B:E5:4A:2C:B3:0C:45:97:18:20:3B Authority key identifier: B4:71:4B:FD:98:2E:D2:97:E5:C7:3E:CE:74:D2:22:E5:27:4C:1F:B5 Certificate issuer: /CN=b4714bfd982ed297e5c73ece74d222e5274c1fb5 Certificate serial: 019B4091D4369EF3D1A9CD122933CFE56A5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tHFL_Zgu0pflxz7OdNIi5SdMH7U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft Manifest number: 14B1 Signing time: Sun 21 Dec 2025 11:00:57 +0000 Manifest this update: Sun 21 Dec 2025 11:00:57 +0000 Manifest next update: Mon 22 Dec 2025 11:00:57 +0000 Files and hashes: 1: j1BO9Furs7_Q3tvlbetVSRlAckY.roa (hash: tdoQUM0H+jW+enIWtoFRlfboER49yX/MAZeA5JaKIMs=) 2: tHFL_Zgu0pflxz7OdNIi5SdMH7U.crl (hash: opntDBMQ84vILfz5DPsOwVC924dZHeOp1veu2JUuGis=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft rsync://rpki.ripe.net/repository/DEFAULT/tHFL_Zgu0pflxz7OdNIi5SdMH7U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 11:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:91:d4:36:9e:f3:d1:a9:cd:12:29:33:cf:e5:6a:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4714bfd982ed297e5c73ece74d222e5274c1fb5 Validity Not Before: Dec 21 11:00:57 2025 GMT Not After : Dec 22 11:00:57 2025 GMT Subject: CN=ef6765a9ecb2f66b3b7be54a2cb30c459718203b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:b0:3c:4d:29:67:5f:58:e1:8f:1f:66:79:25: 3f:0e:5c:ac:9e:ae:8c:6c:d2:3f:ac:e3:29:1e:62: d4:65:84:8d:3c:99:1a:90:21:f1:eb:e9:4f:30:77: 17:01:1a:c2:72:17:03:93:84:91:b2:50:eb:9a:80: 39:0a:81:5c:bc:0f:bf:51:89:83:f7:bb:4b:cb:ed: d7:c5:1f:5b:a4:b5:cd:ae:aa:5b:d0:34:4c:6e:ab: 7a:f1:8d:e9:a1:bd:a5:61:a1:31:26:fe:9a:4b:04: 5b:89:e0:31:9a:a3:45:de:5d:4c:48:fd:7e:7e:83: 72:5d:d2:0a:49:41:6b:dc:a0:ba:29:18:96:e0:9e: c2:40:be:98:b3:84:37:07:db:c8:35:ca:5a:a0:ea: a0:2b:83:d3:be:6c:57:4f:19:b5:ec:21:a9:32:c3: bf:81:ae:92:e7:84:00:21:27:e0:ac:23:3b:c1:8f: 8f:33:0d:4c:71:b1:0e:be:f0:c3:4c:65:8c:6f:2e: 85:ed:fe:60:50:6a:7b:7c:8b:5f:35:b0:fc:41:f4: 11:26:54:72:fd:3d:83:f5:75:7c:50:1d:69:f9:6f: e6:c9:2e:0b:d0:25:6a:86:5d:78:f9:d8:65:bd:e9: c0:cb:0e:d4:4d:77:a5:f0:ab:ad:85:6e:f8:05:1d: ae:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:67:65:A9:EC:B2:F6:6B:3B:7B:E5:4A:2C:B3:0C:45:97:18:20:3B X509v3 Authority Key Identifier: keyid:B4:71:4B:FD:98:2E:D2:97:E5:C7:3E:CE:74:D2:22:E5:27:4C:1F:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tHFL_Zgu0pflxz7OdNIi5SdMH7U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:5e:56:7c:ac:a5:43:76:dc:b6:90:2a:14:4c:29:31:40:bf: 04:1c:32:ad:d3:e1:fd:53:f8:4d:4a:0c:ad:2c:48:f1:eb:c2: 48:60:11:b2:3b:d5:fc:29:5d:33:ec:e1:4a:58:be:cf:28:bf: b9:9b:6a:61:10:fa:91:61:89:99:a3:c7:6d:6a:26:92:9a:56: d3:b2:0d:02:7d:5b:ce:9a:bc:ea:62:9f:d3:68:9c:c2:91:84: bc:26:72:5d:e2:1e:e8:9a:2a:69:9d:6c:74:fe:be:a7:09:ac: 0b:cd:29:f3:70:1b:50:52:68:84:ea:ad:55:50:dc:d1:41:64: 9c:f1:03:1c:59:d9:fd:49:8e:7f:52:5a:57:e4:06:67:7d:c0: 0f:3a:bc:a3:0e:e0:7d:42:d0:97:a2:1c:f1:e0:f7:af:88:14: 9d:0c:83:1f:af:9f:85:4f:2b:39:99:da:35:ae:8e:f0:33:63: d4:2b:81:3b:c6:0e:e2:44:31:83:3d:bc:e0:f6:9b:d7:1c:01: 63:ab:ca:48:14:24:2b:40:b6:6c:6c:2b:b0:68:cb:5d:51:e3: eb:ae:2f:fe:a5:13:35:85:e0:7d:93:5f:b7:43:00:bf:c0:ae: d5:37:6c:15:88:7f:f4:04:65:0a:9b:b3:9a:a8:9c:48:07:76: 9d:1c:cd:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAkdQ2nvPRqc0SKTPP5WpdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NzE0YmZkOTgyZWQyOTdlNWM3M2VjZTc0ZDIyMmU1Mjc0 YzFmYjUwHhcNMjUxMjIxMTEwMDU3WhcNMjUxMjIyMTEwMDU3WjAzMTEwLwYDVQQD EyhlZjY3NjVhOWVjYjJmNjZiM2I3YmU1NGEyY2IzMGM0NTk3MTgyMDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bA8TSlnX1jhjx9meSU/Dlysnq6M bNI/rOMpHmLUZYSNPJkakCHx6+lPMHcXARrCchcDk4SRslDrmoA5CoFcvA+/UYmD 97tLy+3XxR9bpLXNrqpb0DRMbqt68Y3pob2lYaExJv6aSwRbieAxmqNF3l1MSP1+ foNyXdIKSUFr3KC6KRiW4J7CQL6Ys4Q3B9vINcpaoOqgK4PTvmxXTxm17CGpMsO/ ga6S54QAISfgrCM7wY+PMw1McbEOvvDDTGWMby6F7f5gUGp7fItfNbD8QfQRJlRy /T2D9XV8UB1p+W/myS4L0CVqhl14+dhlvenAyw7UTXel8KuthW74BR2uIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO9nZanssvZrO3vlSiyzDEWXGCA7MB8GA1UdIwQY MBaAFLRxS/2YLtKX5cc+znTSIuUnTB+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEhGTF9aZ3UwcGZseHo3T2ROSWk1U2RNSDdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9jZjc3MTgtMjc0ZC00MTJiLWI3NTUt NjJlYTFlN2U4ZmM2LzEvdEhGTF9aZ3UwcGZseHo3T2ROSWk1U2RNSDdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9jZjc3MTgtMjc0ZC00MTJiLWI3NTUtNjJlYTFlN2U4ZmM2 LzEvdEhGTF9aZ3UwcGZseHo3T2ROSWk1U2RNSDdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAl5WfKyl Q3bctpAqFEwpMUC/BBwyrdPh/VP4TUoMrSxI8evCSGARsjvV/CldM+zhSli+zyi/ uZtqYRD6kWGJmaPHbWomkppW07INAn1bzpq86mKf02icwpGEvCZyXeIe6JoqaZ1s dP6+pwmsC80p83AbUFJohOqtVVDc0UFknPEDHFnZ/UmOf1JaV+QGZ33ADzq8ow7g fULQl6Ic8eD3r4gUnQyDH6+fhU8rOZnaNa6O8DNj1CuBO8YO4kQxgz284Pab1xwB Y6vKSBQkK0C2bGwrsGjLXVHj664v/qUTNYXgfZNft0MAv8Cu1TdsFYh/9ARlCpuz mqicSAd2nRzNeQ== -----END CERTIFICATE-----Generated at Sun Dec 21 17:15:14 2025 by rpki-client