This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft File: h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json) Hash identifier: nvscN6Q7RW4Rc6AtGxSIsFXkBA6DJNHXiIY69gntd8k= Subject key identifier: 4E:D1:B1:53:BB:7E:39:58:1E:1E:65:83:1C:3E:2E:5E:F9:37:5F:DD Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3 Certificate issuer: /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3 Certificate serial: 019B34C5A25BFF1AC00BC0087470FBB4A72B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft Manifest number: 1045 Signing time: Fri 19 Dec 2025 04:02:05 +0000 Manifest this update: Fri 19 Dec 2025 04:02:05 +0000 Manifest next update: Sat 20 Dec 2025 04:02:05 +0000 Files and hashes: 1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: onI0oguTjxRlLqi16C88CXAtMYZ9C4QostEXPAMFZf0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:a2:5b:ff:1a:c0:0b:c0:08:74:70:fb:b4:a7:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3 Validity Not Before: Dec 19 04:02:05 2025 GMT Not After : Dec 20 04:02:05 2025 GMT Subject: CN=4ed1b153bb7e39581e1e65831c3e2e5ef9375fdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:75:53:32:be:d0:f1:0c:e7:bc:ca:17:1b:0d: 62:38:3b:42:7d:44:8a:9e:a3:c9:21:c3:11:ce:c3: 69:31:ba:68:ea:7c:a0:6b:c0:dc:61:42:1b:60:6f: d0:ec:5e:5d:e0:35:b5:21:64:fa:63:47:65:c2:8f: dc:e6:8e:a6:36:bc:c6:29:b8:4d:52:b3:e8:da:76: 51:cd:7c:d1:bb:f6:95:48:f2:a6:50:13:3e:29:e2: 4e:91:14:74:48:6d:73:81:52:c0:f5:58:45:86:c5: 44:c9:69:b9:32:39:11:44:ca:5d:a3:c2:f5:5d:bf: 0d:fa:f3:cb:8c:be:05:82:96:4d:2c:7b:91:66:bc: 08:ba:13:b7:12:60:ef:65:58:8d:14:a1:e0:1a:36: 62:c9:9f:e6:ee:fc:14:9a:9b:96:6c:7e:1d:29:1f: 62:8f:4a:17:04:e2:cc:11:6a:ee:8d:b2:70:e6:e9: 9b:ed:9d:bf:3d:48:dd:e4:f5:d9:13:88:f8:25:5a: 5c:5f:55:fe:51:1a:95:a7:1d:e3:01:b9:9c:3d:f5: ab:2d:43:f2:b8:db:c4:a0:a3:bf:1c:ce:7e:d6:ad: 0d:77:70:db:bf:35:1b:b8:ab:9a:37:e5:95:e9:71: f9:18:60:a5:b1:d1:b5:71:f3:ca:9b:98:15:92:90: 8c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:D1:B1:53:BB:7E:39:58:1E:1E:65:83:1C:3E:2E:5E:F9:37:5F:DD X509v3 Authority Key Identifier: keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:5f:03:94:24:4b:6b:5d:75:09:e0:02:bb:9e:88:5d:62:e4: 6b:99:08:80:7d:85:56:bd:f4:fc:09:5a:35:cf:9b:1e:97:c0: 24:37:23:1a:62:e9:46:ab:0e:52:23:5a:fb:d2:26:fb:5a:27: 8d:52:dd:d8:5a:27:d2:45:77:5a:82:fa:e1:f9:e8:40:23:9e: b6:61:b1:17:c2:6b:3c:f1:cd:53:3e:c1:1e:ff:1b:f5:f5:90: cb:b4:e6:17:61:85:ba:bd:64:31:06:9f:47:0b:8e:87:b1:df: 95:a4:aa:4d:f2:7b:31:51:fa:7a:30:87:b4:1d:14:9f:9d:e6: 83:eb:ad:f7:b3:95:80:c2:83:a0:4e:8c:df:65:6a:c7:d2:f9: 68:c8:2a:fd:c8:3c:b6:45:31:c0:2c:83:e7:fb:ec:55:3f:ce: ff:47:36:79:a1:ca:b0:08:09:44:2c:4b:75:f6:d7:65:b3:ad: 10:3d:5b:ec:55:ad:21:31:50:db:dd:bc:7b:8e:9e:c2:cb:44: cc:a7:60:af:71:4a:7a:86:04:10:a1:b3:f0:35:04:2c:db:db: 6b:2c:7c:bc:46:88:34:63:c9:b5:98:27:0b:2f:5c:5e:b9:3a: 62:f6:d2:df:8e:01:02:d2:73:4c:85:0b:a7:5b:92:37:6f:77: a8:57:79:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xaJb/xrAC8AIdHD7tKcrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2 YzM3ZjMwHhcNMjUxMjE5MDQwMjA1WhcNMjUxMjIwMDQwMjA1WjAzMTEwLwYDVQQD Eyg0ZWQxYjE1M2JiN2UzOTU4MWUxZTY1ODMxYzNlMmU1ZWY5Mzc1ZmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHVTMr7Q8QznvMoXGw1iODtCfUSK nqPJIcMRzsNpMbpo6nyga8DcYUIbYG/Q7F5d4DW1IWT6Y0dlwo/c5o6mNrzGKbhN UrPo2nZRzXzRu/aVSPKmUBM+KeJOkRR0SG1zgVLA9VhFhsVEyWm5MjkRRMpdo8L1 Xb8N+vPLjL4FgpZNLHuRZrwIuhO3EmDvZViNFKHgGjZiyZ/m7vwUmpuWbH4dKR9i j0oXBOLMEWrujbJw5umb7Z2/PUjd5PXZE4j4JVpcX1X+URqVpx3jAbmcPfWrLUPy uNvEoKO/HM5+1q0Nd3DbvzUbuKuaN+WV6XH5GGClsdG1cfPKm5gVkpCM3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE7RsVO7fjlYHh5lgxw+Ll75N1/dMB8GA1UdIwQY MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmF8DlCRL a111CeACu56IXWLka5kIgH2FVr30/AlaNc+bHpfAJDcjGmLpRqsOUiNa+9Im+1on jVLd2Fon0kV3WoL64fnoQCOetmGxF8JrPPHNUz7BHv8b9fWQy7TmF2GFur1kMQaf RwuOh7HflaSqTfJ7MVH6ejCHtB0Un53mg+ut97OVgMKDoE6M32Vqx9L5aMgq/cg8 tkUxwCyD5/vsVT/O/0c2eaHKsAgJRCxLdfbXZbOtED1b7FWtITFQ2928e46ewstE zKdgr3FKeoYEEKGz8DUELNvbayx8vEaINGPJtZgnCy9cXrk6YvbS344BAtJzTIUL p1uSN293qFd5Vw== -----END CERTIFICATE-----Generated at Fri Dec 19 08:21:14 2025 by rpki-client