This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft File: h0tZG12PB26vRy4-pF07XI4TUKE.mft (raw, json) Hash identifier: 3kciCS78nNl1YZ3Lb43hZutqYgzHEAfyUEXE6BPX4Bo= Subject key identifier: 40:AF:56:03:62:01:C0:F6:62:34:36:A1:05:E1:1F:E9:1C:59:42:1F Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1 Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1 Certificate serial: 019B405A8D39BB7D27DBCB2B76D3DDBAD82A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft Manifest number: 178D Signing time: Sun 21 Dec 2025 10:00:34 +0000 Manifest this update: Sun 21 Dec 2025 10:00:34 +0000 Manifest next update: Mon 22 Dec 2025 10:00:34 +0000 Files and hashes: 1: 3MF6BuznJ4OfS1C5J5sFom719Ag.roa (hash: SgA1M+YF5PTZbvqD1BRuBpZXk3sFWrE/PgQsVhuZ/S4=) 2: h0tZG12PB26vRy4-pF07XI4TUKE.crl (hash: 3Z+2Nb2HEOVxMhV8en/b/ICTQRLRPuPRpSlbagZ20wI=) 3: pFxtApTW54EbBHD0oDAnh4jDG3E.roa (hash: gJNAVWKEII1RjZzGIybSB1Nkau8KmzUZnx0gYczpW88=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:8d:39:bb:7d:27:db:cb:2b:76:d3:dd:ba:d8:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1 Validity Not Before: Dec 21 10:00:34 2025 GMT Not After : Dec 22 10:00:34 2025 GMT Subject: CN=40af56036201c0f6623436a105e11fe91c59421f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:13:36:34:97:ed:85:a9:23:c1:a6:16:17:61: 01:41:77:90:ae:00:51:c4:10:12:60:a0:e5:64:a7: 1c:c3:56:15:33:6a:ad:63:08:d6:29:bf:9b:b3:55: e9:6c:77:bb:f0:b4:71:b0:8f:1b:61:bb:40:6e:ae: 70:eb:ed:b5:ca:6e:e4:48:fa:af:e1:90:e7:da:f3: 1b:6f:b7:2c:49:81:98:2d:41:d1:3c:c3:64:71:a3: da:e0:45:0e:2b:44:1a:46:30:ec:8e:d3:1d:74:5c: de:0b:33:40:e9:6e:c6:5b:43:b8:65:74:2b:2d:3b: 50:52:92:46:4e:ec:fe:d1:24:cd:52:4a:05:57:24: 06:9f:82:f3:21:0d:db:9a:af:d7:a5:3a:24:6d:c8: d7:53:ae:9d:b5:4c:cb:9b:af:4e:0c:4d:a8:e6:ff: f3:da:20:2a:0a:42:18:6c:2e:bc:6e:f9:c2:86:cf: 30:9a:c1:c2:ac:7c:31:eb:06:89:c1:6d:6d:c0:00: 17:76:8c:9d:f3:cc:91:3b:06:fa:d3:d7:68:c0:1b: 3f:fe:89:de:ec:1f:2a:76:42:1b:16:3b:1a:2f:c2: 90:bc:da:07:2c:0a:a4:81:11:81:35:1e:67:b3:02: de:75:28:cb:fd:f9:ef:fc:8f:83:79:7f:72:5f:23: 75:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:AF:56:03:62:01:C0:F6:62:34:36:A1:05:E1:1F:E9:1C:59:42:1F X509v3 Authority Key Identifier: keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:bd:33:71:d6:dd:1a:67:02:f0:23:f9:c4:ca:6d:48:75:b0: 9e:fc:46:50:13:a1:d3:19:f8:75:58:38:c7:c6:71:ac:69:12: e2:0a:5f:52:3c:b8:35:80:19:d2:e8:fd:29:f3:15:65:ab:df: e3:02:f0:cd:58:e5:51:f2:da:6f:4e:de:58:dd:12:18:02:28: 81:7f:4f:15:fb:54:79:33:b5:85:c8:9a:cf:e4:57:96:2f:5b: 0f:87:e0:66:49:da:38:78:67:f7:3a:05:bf:86:75:20:a0:b5: 7d:fe:88:50:cf:9f:b3:2a:09:ff:10:92:ab:9d:8a:4f:0b:ba: 76:e5:f0:21:9b:f7:59:7d:d3:78:7b:65:ff:18:a6:b4:81:c9: 3c:62:fd:c6:c6:24:e6:55:8f:a0:5a:d4:f7:6b:8f:52:08:54: d2:09:49:cc:2a:aa:44:22:4e:10:37:3c:23:25:1b:cb:23:bb: eb:f7:cb:12:13:9f:a2:35:9d:1b:01:43:fb:8e:8e:4f:31:4c: 3b:f0:54:9f:0d:41:c1:8a:61:51:f8:a8:26:17:89:86:f3:01: 7c:06:16:ae:c6:ee:fb:b1:67:0c:2d:5b:56:21:54:cd:6d:cf: 35:eb:36:03:2b:2e:e5:2a:70:cb:5c:6b:c2:60:19:39:37:63: 15:c8:82:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWo05u30n28srdtPdutgqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx MzUwYTEwHhcNMjUxMjIxMTAwMDM0WhcNMjUxMjIyMTAwMDM0WjAzMTEwLwYDVQQD Eyg0MGFmNTYwMzYyMDFjMGY2NjIzNDM2YTEwNWUxMWZlOTFjNTk0MjFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxM2NJfthakjwaYWF2EBQXeQrgBR xBASYKDlZKccw1YVM2qtYwjWKb+bs1XpbHe78LRxsI8bYbtAbq5w6+21ym7kSPqv 4ZDn2vMbb7csSYGYLUHRPMNkcaPa4EUOK0QaRjDsjtMddFzeCzNA6W7GW0O4ZXQr LTtQUpJGTuz+0STNUkoFVyQGn4LzIQ3bmq/XpTokbcjXU66dtUzLm69ODE2o5v/z 2iAqCkIYbC68bvnChs8wmsHCrHwx6waJwW1twAAXdoyd88yROwb609dowBs//one 7B8qdkIbFjsaL8KQvNoHLAqkgRGBNR5nswLedSjL/fnv/I+DeX9yXyN1wwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECvVgNiAcD2YjQ2oQXhH+kcWUIfMB8GA1UdIwQY MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt MGM2YTY3ODIwYTU4LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4 LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC70zcdbd GmcC8CP5xMptSHWwnvxGUBOh0xn4dVg4x8ZxrGkS4gpfUjy4NYAZ0uj9KfMVZavf 4wLwzVjlUfLab07eWN0SGAIogX9PFftUeTO1hciaz+RXli9bD4fgZknaOHhn9zoF v4Z1IKC1ff6IUM+fsyoJ/xCSq52KTwu6duXwIZv3WX3TeHtl/ximtIHJPGL9xsYk 5lWPoFrU92uPUghU0glJzCqqRCJOEDc8IyUbyyO76/fLEhOfojWdGwFD+46OTzFM O/BUnw1BwYphUfioJheJhvMBfAYWrsbu+7FnDC1bViFUzW3PNes2Aysu5Spwy1xr wmAZOTdjFciChQ== -----END CERTIFICATE-----Generated at Sun Dec 21 15:49:27 2025 by rpki-client