This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft File: hRwTZejd_OV1mPvo3n6oesYD4iw.mft (raw, json) Hash identifier: 57nZSsH++FXbOjAXrADlvuTms/U56oLw/DjKlaIFfuE= Subject key identifier: 5C:E8:4E:29:76:A2:B7:81:CF:AA:2D:13:07:89:CB:B8:E2:06:EC:F1 Authority key identifier: 85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C Certificate issuer: /CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c Certificate serial: 019B6CC6CC90E6CA33DEF9D4C3792661EACD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft Manifest number: 09F1 Signing time: Tue 30 Dec 2025 01:02:06 +0000 Manifest this update: Tue 30 Dec 2025 01:02:06 +0000 Manifest next update: Wed 31 Dec 2025 01:02:06 +0000 Files and hashes: 1: hRwTZejd_OV1mPvo3n6oesYD4iw.crl (hash: mJtEHKdRczqYdxD6knWX/PzsbdV3J8zIIKzLCCFoq+c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c6:cc:90:e6:ca:33:de:f9:d4:c3:79:26:61:ea:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=851c1365e8ddfce57598fbe8de7ea87ac603e22c Validity Not Before: Dec 30 01:02:06 2025 GMT Not After : Dec 31 01:02:06 2025 GMT Subject: CN=5ce84e2976a2b781cfaa2d130789cbb8e206ecf1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:43:f9:9e:1a:eb:7a:c5:72:95:ef:f2:37:08: 2d:3e:fa:75:b7:72:f9:26:0f:06:7a:bc:29:49:f0: a7:92:47:c6:bc:81:f7:0c:67:34:58:d6:c2:be:ad: d9:e5:d8:93:23:f0:8d:38:22:b3:12:a5:6f:43:d0: 16:2e:5e:49:ce:ac:01:18:a6:b5:bf:f4:fc:32:e8: f8:35:59:16:ec:82:65:dc:00:98:be:d2:25:80:2a: 39:22:96:bf:65:26:fa:ce:c7:09:2f:eb:b0:97:aa: 06:6f:f6:db:b6:f7:05:50:ca:77:59:9e:7d:80:a4: ac:cd:b9:42:e6:45:57:13:4c:9a:99:15:5c:ce:1e: 85:e9:1d:7b:e6:ea:bc:d6:41:55:16:a5:50:db:a5: 13:00:44:0f:f7:1c:68:d9:7c:85:79:0f:64:0c:1d: 01:2e:c2:82:0d:3d:6f:84:b4:8b:33:d6:ad:3b:e2: 78:4a:8d:ea:16:d6:92:01:20:fa:81:56:ca:09:89: 04:12:b9:5a:f0:1d:03:6c:2a:3e:5c:b6:3f:44:7a: 94:9c:ec:bc:66:7d:d7:f7:11:74:51:48:a2:32:6c: 50:ce:f8:01:79:0d:59:2d:94:ab:bd:63:37:d9:5b: 72:ab:12:8e:0c:83:ce:31:2e:d8:dc:e3:0d:34:80: 24:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:E8:4E:29:76:A2:B7:81:CF:AA:2D:13:07:89:CB:B8:E2:06:EC:F1 X509v3 Authority Key Identifier: keyid:85:1C:13:65:E8:DD:FC:E5:75:98:FB:E8:DE:7E:A8:7A:C6:03:E2:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRwTZejd_OV1mPvo3n6oesYD4iw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3522e9-86e0-4b5a-a2c8-00f0601252c8/1/hRwTZejd_OV1mPvo3n6oesYD4iw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:60:fc:b4:e7:92:99:55:c5:09:ee:56:88:c5:d4:06:b7:95: 5c:fd:18:ab:e2:9d:b9:b6:11:33:1a:2c:5a:13:6a:ea:00:d2: 2f:b3:66:96:37:33:7c:1d:b9:4a:53:23:92:d9:ac:9d:6a:52: ba:85:27:c4:4e:2d:45:93:19:56:10:6a:38:fb:51:d4:5f:ad: 00:69:25:69:c2:0b:0f:6b:10:9f:3a:fe:3f:60:09:49:b1:e1: 49:ee:32:d4:52:88:4e:fc:d3:df:4e:b6:cc:0a:8d:0c:71:04: ae:d9:80:b5:9f:9c:65:66:0d:5f:d1:d4:16:65:03:16:c3:c0: a6:05:a5:78:33:b9:d2:1b:44:f4:76:30:c8:10:6e:e8:f6:cc: 8f:87:b7:20:d0:06:f4:46:59:66:64:86:bd:4c:fb:46:3b:dd: aa:5e:43:ce:0d:86:75:99:9c:d3:26:92:51:ba:44:d7:d1:d6: 1e:a6:95:2d:d1:23:27:2e:14:48:f9:93:75:24:03:2c:2a:ca: e6:d2:db:ce:f3:3b:d9:7e:ed:1d:db:1c:95:85:e2:5e:69:30: af:36:90:fa:55:25:38:e3:1a:30:54:1e:e2:fc:f8:e6:ef:54: 37:d2:01:ee:dc:5f:d3:2a:4d:d9:52:17:4d:30:12:7c:e6:be: c2:54:ee:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxsyQ5soz3vnUw3kmYerNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MWMxMzY1ZThkZGZjZTU3NTk4ZmJlOGRlN2VhODdhYzYw M2UyMmMwHhcNMjUxMjMwMDEwMjA2WhcNMjUxMjMxMDEwMjA2WjAzMTEwLwYDVQQD Eyg1Y2U4NGUyOTc2YTJiNzgxY2ZhYTJkMTMwNzg5Y2JiOGUyMDZlY2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUP5nhrresVyle/yNwgtPvp1t3L5 Jg8GerwpSfCnkkfGvIH3DGc0WNbCvq3Z5diTI/CNOCKzEqVvQ9AWLl5JzqwBGKa1 v/T8Muj4NVkW7IJl3ACYvtIlgCo5Ipa/ZSb6zscJL+uwl6oGb/bbtvcFUMp3WZ59 gKSszblC5kVXE0yamRVczh6F6R175uq81kFVFqVQ26UTAEQP9xxo2XyFeQ9kDB0B LsKCDT1vhLSLM9atO+J4So3qFtaSASD6gVbKCYkEErla8B0DbCo+XLY/RHqUnOy8 Zn3X9xF0UUiiMmxQzvgBeQ1ZLZSrvWM32VtyqxKODIPOMS7Y3OMNNIAkaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFzoTil2oreBz6otEweJy7jiBuzxMB8GA1UdIwQY MBaAFIUcE2Xo3fzldZj76N5+qHrGA+IsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgt MDBmMDYwMTI1MmM4LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8zNTIyZTktODZlMC00YjVhLWEyYzgtMDBmMDYwMTI1MmM4 LzEvaFJ3VFplamRfT1YxbVB2bzNuNm9lc1lENGl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmD8tOeS mVXFCe5WiMXUBreVXP0Yq+KdubYRMxosWhNq6gDSL7NmljczfB25SlMjktmsnWpS uoUnxE4tRZMZVhBqOPtR1F+tAGklacILD2sQnzr+P2AJSbHhSe4y1FKITvzT3062 zAqNDHEErtmAtZ+cZWYNX9HUFmUDFsPApgWleDO50htE9HYwyBBu6PbMj4e3INAG 9EZZZmSGvUz7Rjvdql5Dzg2GdZmc0yaSUbpE19HWHqaVLdEjJy4USPmTdSQDLCrK 5tLbzvM72X7tHdsclYXiXmkwrzaQ+lUlOOMaMFQe4vz45u9UN9IB7txf0ypN2VIX TTASfOa+wlTuBA== -----END CERTIFICATE-----Generated at Tue Dec 30 07:13:22 2025 by rpki-client