This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft File: HtVdI1ecZBJxVa72UGlueVMdUI0.mft (raw, json) Hash identifier: LZ3TLpnlArFDIqDSbHsNQGZNYLQ73JUslhY/PwttaZU= Subject key identifier: 85:0C:8C:8B:18:4C:8C:BB:C1:7D:7B:C9:F3:7F:E9:F0:8E:3D:C4:79 Authority key identifier: 1E:D5:5D:23:57:9C:64:12:71:55:AE:F6:50:69:6E:79:53:1D:50:8D Certificate issuer: /CN=1ed55d23579c64127155aef650696e79531d508d Certificate serial: 019B3D59CF7824D3119A4CECE8BC41C7D3BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft Manifest number: 13D7 Signing time: Sat 20 Dec 2025 20:00:54 +0000 Manifest this update: Sat 20 Dec 2025 20:00:54 +0000 Manifest next update: Sun 21 Dec 2025 20:00:54 +0000 Files and hashes: 1: 6JyLUIA_3_F6lFc7OjrgVvilXiM.roa (hash: Uy0b+c0tNGh5Lnfz6gBjiWLD/+3F2702TS3OgZODmXc=) 2: HtVdI1ecZBJxVa72UGlueVMdUI0.crl (hash: ZZg3p6q9Kp9ii5pzyRygexrNq1ZE3RTDTQt/0l2mItE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:cf:78:24:d3:11:9a:4c:ec:e8:bc:41:c7:d3:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ed55d23579c64127155aef650696e79531d508d Validity Not Before: Dec 20 20:00:54 2025 GMT Not After : Dec 21 20:00:54 2025 GMT Subject: CN=850c8c8b184c8cbbc17d7bc9f37fe9f08e3dc479 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ef:4c:c2:9e:74:f1:e2:a4:c2:c9:e6:96:cc: a1:2f:4b:66:1b:c0:ba:5e:28:79:84:0d:7e:82:8d: e2:18:d6:61:ef:a5:10:63:41:69:bd:a0:5c:47:df: d3:86:fd:35:bf:6c:7e:36:79:d7:51:f6:16:a2:cf: 37:ad:45:88:5f:5d:fd:ff:64:91:9d:d6:16:77:26: 42:4d:61:bc:43:8f:a6:f5:c3:91:79:9e:c4:c7:a3: ed:b2:11:1b:e4:da:75:7f:19:27:5b:a6:e6:84:8c: 5c:5e:34:ab:45:0e:68:71:7e:08:75:d7:9e:2d:85: e4:1f:83:9b:cd:c5:12:94:64:e7:9c:5b:33:2b:9c: f5:bb:8b:86:f2:7f:c0:95:97:49:14:89:81:a1:81: 10:b4:62:6b:36:ca:cb:4f:1b:fb:27:f2:28:80:f7: 60:dc:85:a2:ae:6b:f8:87:8f:4f:97:9b:59:ef:b2: c6:44:20:80:07:0d:2c:94:98:6b:dd:18:e7:04:59: ba:3f:12:3f:ab:68:b5:10:ea:1c:9a:cb:49:ac:a9: 79:85:96:dc:f3:97:f9:d9:48:67:1e:8b:59:c6:e5: bc:2e:c6:c2:29:3e:81:54:a6:22:f4:13:76:1c:da: bb:fd:22:8f:6a:dc:30:5b:40:22:46:df:f4:c6:17: 85:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:0C:8C:8B:18:4C:8C:BB:C1:7D:7B:C9:F3:7F:E9:F0:8E:3D:C4:79 X509v3 Authority Key Identifier: keyid:1E:D5:5D:23:57:9C:64:12:71:55:AE:F6:50:69:6E:79:53:1D:50:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtVdI1ecZBJxVa72UGlueVMdUI0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4fb274-d84f-4fba-938e-1e9ff91808c2/1/HtVdI1ecZBJxVa72UGlueVMdUI0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:e3:b1:bb:c2:2b:de:f9:d3:73:81:52:34:b5:86:41:a4:ef: 21:90:a4:3c:bf:fa:84:16:53:80:34:47:9f:e3:af:64:08:b8: 89:1a:58:d7:2c:0e:cd:8a:19:26:a4:5a:fa:5d:4d:34:44:f6: 6f:f8:d3:8e:1b:f7:0b:60:40:25:82:7b:6d:ad:ff:9c:ab:33: 66:4a:3f:dd:5f:a2:52:3a:f9:8a:67:25:46:fa:a8:3a:9d:36: c0:04:48:09:df:d3:22:2f:83:83:f5:37:59:1a:39:ac:2e:91: 63:a0:e1:f5:bb:91:de:ae:ed:ea:93:ea:94:ff:48:94:c6:56: 20:5f:53:da:31:21:26:1f:17:5e:20:93:22:9a:81:2b:0b:2f: 94:d6:f1:17:c4:c7:f5:70:af:f1:8f:28:71:fb:2f:a2:3c:4b: 26:7c:4f:f9:50:ea:9b:24:d0:84:37:6c:e8:ad:21:1c:f6:fc: 64:f3:59:fe:51:ba:84:80:ab:e4:6e:fe:fb:70:f2:82:04:a3: 33:f6:11:4a:14:b7:d2:c6:7b:eb:f7:c4:52:ae:18:4c:1e:66: d0:cd:30:8a:b2:e4:b4:b5:7d:9b:a2:ac:ff:ec:90:94:d0:06: d6:8f:d7:b6:7b:0c:34:11:86:aa:91:96:c5:fe:f8:15:5c:63: 66:d9:c0:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Wc94JNMRmkzs6LxBx9O/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlZDU1ZDIzNTc5YzY0MTI3MTU1YWVmNjUwNjk2ZTc5NTMx ZDUwOGQwHhcNMjUxMjIwMjAwMDU0WhcNMjUxMjIxMjAwMDU0WjAzMTEwLwYDVQQD Eyg4NTBjOGM4YjE4NGM4Y2JiYzE3ZDdiYzlmMzdmZTlmMDhlM2RjNDc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu9Mwp508eKkwsnmlsyhL0tmG8C6 Xih5hA1+go3iGNZh76UQY0FpvaBcR9/Thv01v2x+NnnXUfYWos83rUWIX139/2SR ndYWdyZCTWG8Q4+m9cOReZ7Ex6PtshEb5Np1fxknW6bmhIxcXjSrRQ5ocX4Iddee LYXkH4ObzcUSlGTnnFszK5z1u4uG8n/AlZdJFImBoYEQtGJrNsrLTxv7J/IogPdg 3IWirmv4h49Pl5tZ77LGRCCABw0slJhr3RjnBFm6PxI/q2i1EOocmstJrKl5hZbc 85f52UhnHotZxuW8LsbCKT6BVKYi9BN2HNq7/SKPatwwW0AiRt/0xheFXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIUMjIsYTIy7wX17yfN/6fCOPcR5MB8GA1UdIwQY MBaAFB7VXSNXnGQScVWu9lBpbnlTHVCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHRWZEkxZWNaQkp4VmE3MlVHbHVlVk1kVUkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80ZmIyNzQtZDg0Zi00ZmJhLTkzOGUt MWU5ZmY5MTgwOGMyLzEvSHRWZEkxZWNaQkp4VmE3MlVHbHVlVk1kVUkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy80ZmIyNzQtZDg0Zi00ZmJhLTkzOGUtMWU5ZmY5MTgwOGMy LzEvSHRWZEkxZWNaQkp4VmE3MlVHbHVlVk1kVUkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPuOxu8Ir 3vnTc4FSNLWGQaTvIZCkPL/6hBZTgDRHn+OvZAi4iRpY1ywOzYoZJqRa+l1NNET2 b/jTjhv3C2BAJYJ7ba3/nKszZko/3V+iUjr5imclRvqoOp02wARICd/TIi+Dg/U3 WRo5rC6RY6Dh9buR3q7t6pPqlP9IlMZWIF9T2jEhJh8XXiCTIpqBKwsvlNbxF8TH 9XCv8Y8ocfsvojxLJnxP+VDqmyTQhDds6K0hHPb8ZPNZ/lG6hICr5G7++3DyggSj M/YRShS30sZ76/fEUq4YTB5m0M0wirLktLV9m6Ks/+yQlNAG1o/XtnsMNBGGqpGW xf74FVxjZtnARg== -----END CERTIFICATE-----Generated at Sun Dec 21 04:51:59 2025 by rpki-client