This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json) Hash identifier: 4V4UkrfmG8BiF4VRDEVZD1SGnLZAD+XrxKXrn3Gism4= Subject key identifier: EE:41:8A:43:69:B9:0A:64:AF:8A:9C:4C:25:58:DF:06:9E:A1:F3:54 Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd Certificate serial: 019B3CB4EE739C6A9A491DA087AFBF30EC3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft Manifest number: 1719 Signing time: Sat 20 Dec 2025 17:00:49 +0000 Manifest this update: Sat 20 Dec 2025 17:00:49 +0000 Manifest next update: Sun 21 Dec 2025 17:00:49 +0000 Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=) 2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: vGjhjX1LjOBIedye6+d8UMhloN8PmzOBPyxPO2GSJNw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b4:ee:73:9c:6a:9a:49:1d:a0:87:af:bf:30:ec:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd Validity Not Before: Dec 20 17:00:49 2025 GMT Not After : Dec 21 17:00:49 2025 GMT Subject: CN=ee418a4369b90a64af8a9c4c2558df069ea1f354 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2e:30:06:f1:07:42:ac:44:86:1e:18:c9:30: be:e2:20:7e:63:5a:4b:9a:43:8a:2d:2e:66:49:0e: 6a:84:a5:83:e8:f1:8e:03:32:85:a1:b7:b8:0f:ac: 4a:82:7f:58:10:58:9b:a8:ad:10:ef:43:f9:56:7b: b5:e1:18:43:cb:3b:9b:cd:ab:94:f3:cb:f2:ea:06: 92:77:3b:f2:1a:30:c9:37:2a:a7:ac:3f:a5:88:be: 49:9f:c1:31:7b:03:fd:43:c6:28:01:f8:e5:c0:de: a1:8b:1d:2f:9e:e5:17:d3:37:10:af:b2:a8:a5:0b: b3:54:7c:50:55:ae:ca:66:9d:d5:1c:ae:85:d2:16: 86:07:3a:f2:e7:8c:75:b7:2f:b2:09:dd:24:99:ff: 0f:0f:3c:41:53:7d:be:14:c8:9c:2d:6a:7e:55:9c: 0e:fd:84:ac:c3:af:63:d8:ef:2f:57:4e:eb:f0:9a: f6:2e:83:e5:d7:02:7e:d8:9b:23:b1:15:90:a5:13: 73:07:a6:c1:7b:a9:8c:0e:e3:9a:22:cb:71:a3:54: 8b:b6:c3:51:f7:b3:8a:0b:24:78:72:e5:c0:60:ea: ed:cf:9b:3f:7e:9e:76:2b:60:4a:46:4d:a9:41:a6: 00:d1:b4:53:38:bb:d4:b6:c7:fe:c4:16:61:06:68: d6:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:41:8A:43:69:B9:0A:64:AF:8A:9C:4C:25:58:DF:06:9E:A1:F3:54 X509v3 Authority Key Identifier: keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:4c:c4:1f:67:19:a3:7f:29:0e:5d:68:b2:e9:73:ba:f2:e3: 6d:2b:a1:fd:4a:6d:eb:7a:84:71:27:8e:f7:9e:59:fb:16:50: a3:c4:96:c4:72:af:a8:c9:df:03:6f:ec:7d:05:42:f5:b7:06: 71:db:b6:70:79:66:4c:69:7f:7f:f1:06:09:0b:e9:62:3c:0a: 7d:3c:30:fc:b3:c0:e4:ba:1e:ec:69:e8:db:f3:9e:b7:e0:8d: 9a:77:c6:18:67:05:94:2b:7a:1f:be:25:69:e5:5a:63:47:ce: 43:ed:fa:c1:9e:8a:c9:39:df:12:d5:df:27:3a:80:d2:b9:69: f1:c3:49:4f:5e:f1:b8:60:9b:3a:bd:ec:2d:9d:0f:8a:24:7a: b0:f6:c1:bc:e3:e3:c3:c7:d2:a6:01:eb:1d:62:6d:8f:30:5e: 2d:4f:8c:72:4c:34:8a:1f:cb:86:2d:b2:73:d4:2e:04:8a:4c: 33:bc:85:15:60:a2:e5:4a:13:80:f9:b8:1c:49:f1:ca:d2:c2: 2f:07:83:8e:14:b1:41:01:f5:e8:2a:fc:39:a9:ac:4b:0e:e3: 54:5a:bc:0d:0f:80:28:73:e0:f6:64:a8:19:cb:e6:6a:3c:fb: c6:93:61:ba:f7:9d:fe:44:3e:b9:62:a6:2f:b9:a9:be:27:0a: 34:80:05:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tO5znGqaSR2gh6+/MOw7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0 NWI2Y2QwHhcNMjUxMjIwMTcwMDQ5WhcNMjUxMjIxMTcwMDQ5WjAzMTEwLwYDVQQD EyhlZTQxOGE0MzY5YjkwYTY0YWY4YTljNGMyNTU4ZGYwNjllYTFmMzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS4wBvEHQqxEhh4YyTC+4iB+Y1pL mkOKLS5mSQ5qhKWD6PGOAzKFobe4D6xKgn9YEFibqK0Q70P5Vnu14RhDyzubzauU 88vy6gaSdzvyGjDJNyqnrD+liL5Jn8ExewP9Q8YoAfjlwN6hix0vnuUX0zcQr7Ko pQuzVHxQVa7KZp3VHK6F0haGBzry54x1ty+yCd0kmf8PDzxBU32+FMicLWp+VZwO /YSsw69j2O8vV07r8Jr2LoPl1wJ+2JsjsRWQpRNzB6bBe6mMDuOaIstxo1SLtsNR 97OKCyR4cuXAYOrtz5s/fp52K2BKRk2pQaYA0bRTOLvUtsf+xBZhBmjWlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO5BikNpuQpkr4qcTCVY3waeofNUMB8GA1UdIwQY MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOkzEH2cZ o38pDl1osulzuvLjbSuh/Upt63qEcSeO955Z+xZQo8SWxHKvqMnfA2/sfQVC9bcG cdu2cHlmTGl/f/EGCQvpYjwKfTww/LPA5Loe7Gno2/Oet+CNmnfGGGcFlCt6H74l aeVaY0fOQ+36wZ6KyTnfEtXfJzqA0rlp8cNJT17xuGCbOr3sLZ0PiiR6sPbBvOPj w8fSpgHrHWJtjzBeLU+Mckw0ih/Lhi2yc9QuBIpMM7yFFWCi5UoTgPm4HEnxytLC LweDjhSxQQH16Cr8OamsSw7jVFq8DQ+AKHPg9mSoGcvmajz7xpNhuved/kQ+uWKm L7mpvicKNIAFcg== -----END CERTIFICATE-----Generated at Sun Dec 21 00:52:20 2025 by rpki-client