This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json) Hash identifier: +y06/bIqkn5fBF7na51T9rFg+lxs64fpUp7VSMzzZnM= Subject key identifier: A8:BE:6D:52:88:18:79:14:C8:74:28:70:AE:74:A9:94:6B:C1:96:B2 Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63 Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763 Certificate serial: 019B52CEDC596FDB22DEF465738C2CF65E8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft Manifest number: 0B7C Signing time: Thu 25 Dec 2025 00:00:47 +0000 Manifest this update: Thu 25 Dec 2025 00:00:47 +0000 Manifest next update: Fri 26 Dec 2025 00:00:47 +0000 Files and hashes: 1: 2z5OP5uOUPeCHEZvOlemyfzgiqA.roa (hash: Hk782ryuX9Xc6GFCRAe62b1gzyY4Vb/jeKK1cnQhmr8=) 2: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: EHAGHNWQcpquAG3l2dg8c4lXDHG8gg56otclAS+SStg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 00:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:ce:dc:59:6f:db:22:de:f4:65:73:8c:2c:f6:5e:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87de085975de6588e07fed135513aa38acedb763 Validity Not Before: Dec 25 00:00:47 2025 GMT Not After : Dec 26 00:00:47 2025 GMT Subject: CN=a8be6d5288187914c8742870ae74a9946bc196b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:fc:77:0f:82:07:dc:19:2e:c7:91:0b:98:62: 76:09:e6:ad:20:07:e7:c5:ff:71:00:56:35:c3:f3: a8:e5:80:f4:98:c9:31:eb:ca:ae:2c:bd:76:45:9a: f8:5a:a9:05:6a:92:b5:38:2e:ac:f3:a5:c5:53:6d: 71:f1:c1:b1:0d:32:3d:9f:57:9c:17:52:08:79:bd: 14:ff:0b:75:34:d6:a4:a7:34:13:cd:6b:c4:d7:11: ef:85:d3:5c:09:39:f3:08:b0:5c:58:1c:94:4f:6b: bd:92:65:3d:9f:0a:be:8e:81:f8:b4:a8:34:e8:bf: 5e:76:a7:ab:9d:cf:6d:0e:ba:66:17:83:06:53:b3: f3:32:88:c8:0a:ba:f3:2f:a1:53:15:bf:e6:d8:c4: 97:81:7e:09:c3:4a:dd:32:36:91:b8:4a:d7:d9:86: 4e:ac:74:a7:60:a4:62:1f:35:c4:71:cb:33:90:b4: 91:f3:0e:8f:e8:2e:cc:c3:b5:d9:5a:35:d2:e5:be: ed:14:33:d3:1b:14:f8:1b:47:34:59:41:ef:ea:42: a9:23:ab:97:1f:71:46:09:51:83:5f:eb:75:e0:23: 61:3f:2a:da:75:04:e7:e9:48:91:a2:b1:5a:c4:4e: 14:a3:24:36:fd:a0:23:e4:28:68:03:6e:28:35:67: 87:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:BE:6D:52:88:18:79:14:C8:74:28:70:AE:74:A9:94:6B:C1:96:B2 X509v3 Authority Key Identifier: keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d6:30:e9:da:69:ba:c7:05:1d:38:b8:20:d5:48:11:6a:ea:e8: b4:47:c3:1a:32:75:5f:fa:f9:b3:14:90:eb:27:a0:25:b5:49: f1:2d:c9:a2:e8:d1:af:be:d6:77:b1:b7:c5:01:0e:4f:0a:da: fc:2b:0a:eb:fc:76:83:1f:fb:3f:82:d2:fb:a9:37:c9:30:fd: 0f:40:0f:64:36:e7:f4:53:9d:65:cc:bb:63:d3:c7:45:f0:81: 07:a4:c0:4e:73:3f:dc:eb:32:39:e9:b7:a8:cb:78:a8:25:9a: d3:2f:34:3e:d3:6a:31:3c:18:e2:80:44:76:da:e6:1f:56:64: 68:4f:08:78:6f:01:31:74:d2:de:43:83:88:cb:97:37:30:ea: a0:ab:63:bd:02:cc:a8:47:a3:89:6f:6a:26:95:bf:f3:b7:9b: d6:94:4b:bb:9c:4c:dc:0e:6a:7d:39:27:02:1d:2e:63:22:70: 73:2c:37:00:74:9f:81:eb:bc:43:69:9a:26:f6:4a:04:18:f1: dc:a7:c3:2d:86:a0:79:79:2e:08:7c:d8:62:84:07:fb:db:3a: e8:9d:b0:cd:55:b5:99:31:da:ae:da:4f:83:b4:c9:41:98:8b: bf:9d:60:da:d0:ec:38:e7:ff:75:7f:d9:b8:5f:22:aa:c8:28: 81:13:f8:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSztxZb9si3vRlc4ws9l6MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl ZGI3NjMwHhcNMjUxMjI1MDAwMDQ3WhcNMjUxMjI2MDAwMDQ3WjAzMTEwLwYDVQQD EyhhOGJlNmQ1Mjg4MTg3OTE0Yzg3NDI4NzBhZTc0YTk5NDZiYzE5NmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfx3D4IH3Bkux5ELmGJ2CeatIAfn xf9xAFY1w/Oo5YD0mMkx68quLL12RZr4WqkFapK1OC6s86XFU21x8cGxDTI9n1ec F1IIeb0U/wt1NNakpzQTzWvE1xHvhdNcCTnzCLBcWByUT2u9kmU9nwq+joH4tKg0 6L9edqernc9tDrpmF4MGU7PzMojICrrzL6FTFb/m2MSXgX4Jw0rdMjaRuErX2YZO rHSnYKRiHzXEccszkLSR8w6P6C7Mw7XZWjXS5b7tFDPTGxT4G0c0WUHv6kKpI6uX H3FGCVGDX+t14CNhPyradQTn6UiRorFaxE4UoyQ2/aAj5ChoA24oNWeHsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKi+bVKIGHkUyHQocK50qZRrwZayMB8GA1UdIwQY MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1jDp2mm6 xwUdOLgg1UgRaurotEfDGjJ1X/r5sxSQ6yegJbVJ8S3JoujRr77Wd7G3xQEOTwra /CsK6/x2gx/7P4LS+6k3yTD9D0APZDbn9FOdZcy7Y9PHRfCBB6TATnM/3OsyOem3 qMt4qCWa0y80PtNqMTwY4oBEdtrmH1ZkaE8IeG8BMXTS3kODiMuXNzDqoKtjvQLM qEejiW9qJpW/87eb1pRLu5xM3A5qfTknAh0uYyJwcyw3AHSfgeu8Q2maJvZKBBjx 3KfDLYageXkuCHzYYoQH+9s66J2wzVW1mTHartpPg7TJQZiLv51g2tDsOOf/dX/Z uF8iqsgogRP4Xg== -----END CERTIFICATE-----Generated at Thu Dec 25 05:18:28 2025 by rpki-client