This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft File: HrwURUFHAQyh700E0hASXh7X0ho.mft (raw, json) Hash identifier: +JHzSKT8rYECdizDC8CfixKDWuyYeI0NYXuJLKDPGtA= Subject key identifier: 30:89:B9:A4:29:84:57:ED:DF:24:6A:74:04:1B:1A:14:D6:A9:E8:4C Authority key identifier: 1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A Certificate issuer: /CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a Certificate serial: 019BB1A7BCE64100360C3CAF321BB82D166C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft Manifest number: 0984 Signing time: Mon 12 Jan 2026 10:01:58 +0000 Manifest this update: Mon 12 Jan 2026 10:01:58 +0000 Manifest next update: Tue 13 Jan 2026 10:01:58 +0000 Files and hashes: 1: HrwURUFHAQyh700E0hASXh7X0ho.crl (hash: GoFLUydyfkii85b/nyX9aUScr0XteaOLc6x6gQDYWrM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 10:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b1:a7:bc:e6:41:00:36:0c:3c:af:32:1b:b8:2d:16:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ebc14454147010ca1ef4d04d210125e1ed7d21a Validity Not Before: Jan 12 10:01:58 2026 GMT Not After : Jan 13 10:01:58 2026 GMT Subject: CN=3089b9a4298457eddf246a74041b1a14d6a9e84c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:fe:84:5a:bc:e1:fa:b0:ea:41:5d:56:65:58: f2:42:ac:d0:d4:86:23:b9:de:c6:2a:26:7d:15:fa: a1:95:97:b8:4b:75:5b:a5:56:ec:1e:a6:4f:a1:07: 56:9c:79:89:1e:52:9c:c7:91:8a:3e:9e:6a:3f:ed: 8f:77:55:fb:fe:e3:e2:56:a5:f9:97:84:ee:7b:98: 31:68:6a:76:6e:11:8a:2c:b8:26:c5:93:45:1c:d3: 21:d3:00:a3:a2:d3:41:b3:61:cc:34:bf:72:f3:c1: 44:c3:3b:c1:d1:3b:3c:2c:e0:ea:9d:9f:eb:b8:7f: fe:57:ef:e1:00:20:86:3d:0e:68:08:29:2d:9d:d8: b6:f4:4b:1a:90:cc:12:93:20:e2:22:ce:ed:8d:00: b7:83:1a:8b:9b:17:6d:d2:3e:f0:ec:d0:12:e1:0c: 7e:0d:95:ac:c5:3e:e8:37:21:52:1b:1d:09:5a:49: 9e:56:d5:03:f4:ba:e2:fb:4c:55:6e:72:3b:23:63: 34:e3:ff:19:a7:6f:c6:eb:a5:4c:77:92:45:6d:6d: db:17:54:4b:43:49:3d:f3:f9:86:96:15:0b:a0:35: a1:21:69:09:00:83:10:1a:3c:f3:a7:67:cb:df:4a: e8:22:c0:10:1c:fc:bf:4b:b8:34:1c:41:49:9a:ff: c4:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:89:B9:A4:29:84:57:ED:DF:24:6A:74:04:1B:1A:14:D6:A9:E8:4C X509v3 Authority Key Identifier: keyid:1E:BC:14:45:41:47:01:0C:A1:EF:4D:04:D2:10:12:5E:1E:D7:D2:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HrwURUFHAQyh700E0hASXh7X0ho.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/48bf98-7e15-45be-bd39-205079e51c13/1/HrwURUFHAQyh700E0hASXh7X0ho.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:9f:74:41:38:15:87:39:c7:73:2c:dc:08:f4:95:53:45:12: 68:91:36:73:76:0e:44:35:1b:b1:39:54:ae:dc:46:40:56:7a: 3a:09:9b:5f:36:0a:fc:29:ca:da:e2:da:9f:51:43:49:27:bb: 79:40:2a:34:d2:0a:83:a5:7c:da:08:aa:40:42:3d:90:81:eb: de:2c:30:b0:b7:13:07:ed:68:c9:b6:79:7e:e3:e7:6c:aa:bb: 9a:e7:75:e4:20:b3:3c:c2:61:98:7c:7b:bf:92:09:97:57:f3: 8d:21:02:c7:67:1a:be:ac:6d:5c:3e:6a:15:18:b4:1d:db:d1: 8d:b1:c6:30:f0:7e:b8:bd:6e:56:f1:a4:24:1f:8e:ef:f0:5b: 51:d1:8c:50:d8:99:a8:c4:64:f5:ea:5c:49:0b:d5:4d:48:f5: 52:4a:c0:3b:35:96:69:14:1e:61:5e:1c:b4:b2:14:52:a8:0b: 45:9e:dd:ee:c3:a1:ac:b9:f7:41:fc:51:b6:73:de:ac:25:b5: 1e:2e:4a:fc:d0:ab:4d:3b:49:f1:84:9a:4a:3b:63:a4:ee:f9: 75:4a:46:ed:45:de:eb:6a:3f:cc:6e:5f:ad:53:db:e2:44:13: b9:54:cc:68:89:5f:14:f6:42:da:b3:97:fa:54:28:dc:32:c4: 1b:73:e6:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuxp7zmQQA2DDyvMhu4LRZsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYmMxNDQ1NDE0NzAxMGNhMWVmNGQwNGQyMTAxMjVlMWVk N2QyMWEwHhcNMjYwMTEyMTAwMTU4WhcNMjYwMTEzMTAwMTU4WjAzMTEwLwYDVQQD EygzMDg5YjlhNDI5ODQ1N2VkZGYyNDZhNzQwNDFiMWExNGQ2YTllODRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP6EWrzh+rDqQV1WZVjyQqzQ1IYj ud7GKiZ9FfqhlZe4S3VbpVbsHqZPoQdWnHmJHlKcx5GKPp5qP+2Pd1X7/uPiVqX5 l4Tue5gxaGp2bhGKLLgmxZNFHNMh0wCjotNBs2HMNL9y88FEwzvB0Ts8LODqnZ/r uH/+V+/hACCGPQ5oCCktndi29EsakMwSkyDiIs7tjQC3gxqLmxdt0j7w7NAS4Qx+ DZWsxT7oNyFSGx0JWkmeVtUD9Lri+0xVbnI7I2M04/8Zp2/G66VMd5JFbW3bF1RL Q0k98/mGlhULoDWhIWkJAIMQGjzzp2fL30roIsAQHPy/S7g0HEFJmv/EPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDCJuaQphFft3yRqdAQbGhTWqehMMB8GA1UdIwQY MBaAFB68FEVBRwEMoe9NBNIQEl4e19IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzkt MjA1MDc5ZTUxYzEzLzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy80OGJmOTgtN2UxNS00NWJlLWJkMzktMjA1MDc5ZTUxYzEz LzEvSHJ3VVJVRkhBUXloNzAwRTBoQVNYaDdYMGhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVZ90QTgV hznHcyzcCPSVU0USaJE2c3YORDUbsTlUrtxGQFZ6OgmbXzYK/CnK2uLan1FDSSe7 eUAqNNIKg6V82giqQEI9kIHr3iwwsLcTB+1oybZ5fuPnbKq7mud15CCzPMJhmHx7 v5IJl1fzjSECx2cavqxtXD5qFRi0HdvRjbHGMPB+uL1uVvGkJB+O7/BbUdGMUNiZ qMRk9epcSQvVTUj1UkrAOzWWaRQeYV4ctLIUUqgLRZ7d7sOhrLn3QfxRtnPerCW1 Hi5K/NCrTTtJ8YSaSjtjpO75dUpG7UXe62o/zG5frVPb4kQTuVTMaIlfFPZC2rOX +lQo3DLEG3PmIQ== -----END CERTIFICATE-----Generated at Mon Jan 12 16:20:04 2026 by rpki-client