This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft File: h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json) Hash identifier: d8mI8Qm6S95UlSTWFwKQDZkhhitegwOWB3JGm067SOw= Subject key identifier: 3D:4D:97:09:D0:A6:DD:A6:46:A4:6D:0C:93:C7:89:C3:31:1D:DD:C0 Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4 Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4 Certificate serial: 019B45B877C3939E2EBAB6A516D35E74E25E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft Manifest number: 126F Signing time: Mon 22 Dec 2025 11:01:15 +0000 Manifest this update: Mon 22 Dec 2025 11:01:15 +0000 Manifest next update: Tue 23 Dec 2025 11:01:15 +0000 Files and hashes: 1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: qwIdE71DroII/PXSXHJVZFvOMHkXbNhRemTSnzuO+eM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:b8:77:c3:93:9e:2e:ba:b6:a5:16:d3:5e:74:e2:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4 Validity Not Before: Dec 22 11:01:15 2025 GMT Not After : Dec 23 11:01:15 2025 GMT Subject: CN=3d4d9709d0a6dda646a46d0c93c789c3311dddc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:4a:b1:07:30:62:28:91:c1:b3:01:d9:ad:2c: e8:1c:9a:1c:e9:12:0a:51:83:ef:6a:ed:e4:4f:da: a9:c9:11:d0:41:a7:d5:47:82:b3:c8:97:f7:3e:5b: 09:fb:c6:5f:52:7e:40:e8:e0:2d:20:01:be:0c:b2: 7f:21:fa:a8:3a:a0:e0:f5:15:7b:b0:1d:8d:f7:3c: f6:c9:42:ce:79:58:83:13:a2:fb:f9:84:91:35:3f: 52:89:49:62:97:bf:23:0b:35:ed:4a:5d:fb:e8:ff: d2:01:a5:12:ca:8e:40:c3:88:5d:3f:2b:93:7e:e3: 13:cb:d2:25:31:0a:08:ef:7b:0d:a7:50:b1:40:e0: 8a:0d:4d:9e:e3:2c:ce:ba:40:c2:4c:83:f3:03:80: 37:a6:eb:35:2c:fb:00:85:17:ad:a1:49:8b:d3:24: 69:da:c6:ab:d7:92:6f:09:1f:11:69:15:82:66:01: db:a6:4c:f4:99:27:b1:aa:df:2e:3d:12:6d:83:d4: 90:49:66:94:58:44:a6:ba:66:7d:04:50:4d:4f:05: 8d:a7:2b:db:13:fa:84:a9:9a:38:c6:81:58:e8:eb: 08:d6:f2:85:27:e0:f9:c6:98:e8:0f:4b:04:32:4f: e4:39:55:15:31:69:24:47:e1:4a:30:ec:78:52:e3: e4:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:4D:97:09:D0:A6:DD:A6:46:A4:6D:0C:93:C7:89:C3:31:1D:DD:C0 X509v3 Authority Key Identifier: keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:84:a5:94:1b:78:5c:f9:47:67:92:cb:a8:44:d1:0d:c9:0a: 9e:f2:15:4b:7f:b7:40:13:5b:0c:47:68:21:39:dc:28:47:b0: 06:e1:08:93:0c:4a:bb:24:84:90:c9:33:8a:3e:7f:80:22:86: 21:49:3d:f4:a0:2f:e2:66:f7:c6:88:38:42:39:5b:d6:36:31: f9:69:12:62:48:a2:6a:14:fe:1e:59:4d:80:5d:3a:0b:92:39: a1:ff:eb:de:26:ed:f9:43:4c:59:e9:8f:b8:13:01:63:40:d7: 7d:dc:0b:ae:1e:20:ba:a4:d3:5a:3b:86:dc:ad:9f:2c:ea:4c: a0:5c:5e:83:ae:6e:f1:93:c7:a7:97:ba:ae:f1:84:71:f2:b8: 99:15:bd:00:78:68:5a:46:d0:55:e9:0d:d9:82:3f:ac:b5:5d: c5:33:9e:49:0b:71:f5:76:8b:90:92:70:fd:7f:13:13:d2:04: 8a:0f:b4:51:ff:33:d2:68:92:39:53:81:ab:40:f3:d5:9a:dd: aa:69:75:c3:24:54:d2:64:0b:c3:80:0e:eb:e8:a9:d4:58:f0: 07:1b:23:25:00:03:19:62:9e:1b:57:3f:07:48:f1:a0:85:10: 48:b4:36:f3:98:9d:69:a1:03:bf:5b:5f:40:c8:c5:14:f9:44: 18:a4:47:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFuHfDk54uuralFtNedOJeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1 YTAwZjQwHhcNMjUxMjIyMTEwMTE1WhcNMjUxMjIzMTEwMTE1WjAzMTEwLwYDVQQD EygzZDRkOTcwOWQwYTZkZGE2NDZhNDZkMGM5M2M3ODljMzMxMWRkZGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkqxBzBiKJHBswHZrSzoHJoc6RIK UYPvau3kT9qpyRHQQafVR4KzyJf3PlsJ+8ZfUn5A6OAtIAG+DLJ/IfqoOqDg9RV7 sB2N9zz2yULOeViDE6L7+YSRNT9SiUlil78jCzXtSl376P/SAaUSyo5Aw4hdPyuT fuMTy9IlMQoI73sNp1CxQOCKDU2e4yzOukDCTIPzA4A3pus1LPsAhRetoUmL0yRp 2sar15JvCR8RaRWCZgHbpkz0mSexqt8uPRJtg9SQSWaUWESmumZ9BFBNTwWNpyvb E/qEqZo4xoFY6OsI1vKFJ+D5xpjoD0sEMk/kOVUVMWkkR+FKMOx4UuPkxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1NlwnQpt2mRqRtDJPHicMxHd3AMB8GA1UdIwQY MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3 LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4SllBt4 XPlHZ5LLqETRDckKnvIVS3+3QBNbDEdoITncKEewBuEIkwxKuySEkMkzij5/gCKG IUk99KAv4mb3xog4Qjlb1jYx+WkSYkiiahT+HllNgF06C5I5of/r3ibt+UNMWemP uBMBY0DXfdwLrh4guqTTWjuG3K2fLOpMoFxeg65u8ZPHp5e6rvGEcfK4mRW9AHho WkbQVekN2YI/rLVdxTOeSQtx9XaLkJJw/X8TE9IEig+0Uf8z0miSOVOBq0Dz1Zrd qml1wyRU0mQLw4AO6+ip1FjwBxsjJQADGWKeG1c/B0jxoIUQSLQ285idaaEDv1tf QMjFFPlEGKRHIQ== -----END CERTIFICATE-----Generated at Mon Dec 22 17:07:24 2025 by rpki-client