This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json) Hash identifier: 1RM5MR5pU/8I8E6zWUllCgbcCK2ZI1TgrXPO2ExKCAE= Subject key identifier: 6A:FC:CC:51:D3:9A:55:41:EE:A4:EF:80:21:74:21:A5:A3:6D:BF:B4 Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Certificate serial: 019B4626E1B34C808B0D26CF8F9537D95417 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft Manifest number: 109B Signing time: Mon 22 Dec 2025 13:01:51 +0000 Manifest this update: Mon 22 Dec 2025 13:01:51 +0000 Manifest next update: Tue 23 Dec 2025 13:01:51 +0000 Files and hashes: 1: g2pmYdtMoiuQPm1G35LS-gM4tuY.roa (hash: CWDorRb0FA7mvx2YHncFLS9iEAAHLTBxgOQlA6dQKII=) 2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: NGzAuTSzvHzZmO43lETbFl55BVmau5ilDXUmG3dWaIM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:26:e1:b3:4c:80:8b:0d:26:cf:8f:95:37:d9:54:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Validity Not Before: Dec 22 13:01:51 2025 GMT Not After : Dec 23 13:01:51 2025 GMT Subject: CN=6afccc51d39a5541eea4ef80217421a5a36dbfb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d6:93:2b:8a:00:b6:62:28:80:35:54:99:3d: 01:82:ba:ab:3a:58:29:7a:1d:6b:b2:be:5e:e4:d9: b6:1c:4a:d6:29:e6:3e:54:f0:d2:33:7c:b1:2c:e8: c6:4d:21:43:8b:1e:27:a8:ed:dd:1a:23:10:ed:08: 71:fe:db:ac:da:49:10:1d:45:3f:6e:bb:ce:88:29: a7:b3:c9:d7:5f:39:37:1c:0b:3f:b3:17:92:77:08: 82:ee:60:cd:06:1e:be:62:1a:c5:f8:ef:ab:12:1f: 11:51:05:fa:e0:8d:50:7c:2d:e0:c9:01:3b:15:a8: 77:dc:e5:67:33:3e:8c:a5:d8:80:1d:fb:ce:55:67: 35:27:5a:b4:46:61:b2:83:f1:39:53:7e:70:28:e8: 01:ec:d6:95:f3:ce:53:2f:02:e3:49:5e:15:75:a6: 8c:16:65:64:d4:58:b8:0e:e4:11:7a:55:c6:50:4a: f6:a5:bb:35:d5:1c:8a:fc:20:0d:f1:1c:95:43:7e: 8b:50:59:ef:cd:1a:50:6a:1a:c6:47:40:48:b8:a3: 8e:6f:89:9e:3b:43:50:0c:82:8a:31:48:d4:e4:50: 4c:9d:23:cf:c4:56:2d:57:b6:34:70:47:a5:f9:86: 97:ad:40:e0:7a:02:7c:57:ea:43:f1:0f:0d:58:b4: 03:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:FC:CC:51:D3:9A:55:41:EE:A4:EF:80:21:74:21:A5:A3:6D:BF:B4 X509v3 Authority Key Identifier: keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:b0:90:9f:08:72:ff:c9:73:0f:32:52:2a:2d:f9:95:6d:ac: 8a:84:09:34:dc:14:83:bf:fb:b4:b7:73:66:74:10:3a:50:23: e3:37:55:06:8c:5a:65:2d:7a:81:63:8f:0b:f7:3a:99:ca:dd: d0:66:f9:65:47:c0:4a:be:48:7d:36:d2:f3:59:9f:7d:a2:ed: 47:ac:83:27:84:e3:b8:98:9e:29:7f:17:cf:fc:79:1e:14:9a: ad:aa:6d:fa:3b:8e:f7:26:3d:23:25:fe:c6:00:f3:b7:5a:03: 00:23:87:13:2d:7f:18:ea:cf:f0:20:68:ae:68:c9:06:a7:43: 5b:99:8c:33:6d:fb:e4:09:08:81:8e:25:09:a8:34:9e:bd:93: 30:f1:27:3f:92:cf:ee:1a:ec:3b:b4:7f:ea:fb:8c:fe:9d:99: dd:12:33:dc:69:2f:14:b0:9d:7e:47:ea:c2:e3:84:b9:a3:f1: 80:74:ca:37:a1:bf:e8:46:c1:12:fc:23:c1:e6:a7:d7:7e:8c: 44:1b:a1:b9:a7:fa:63:67:d5:f8:f8:6b:c5:36:7f:aa:45:cc: fc:1e:91:44:7d:f2:59:46:4e:7c:25:2f:fc:b1:cd:37:65:e3: 15:02:51:62:e9:7d:d8:74:fb:de:99:8c:b6:e3:98:f2:4a:d3: 96:16:e5:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJuGzTICLDSbPj5U32VQXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl ZjBiZjQwHhcNMjUxMjIyMTMwMTUxWhcNMjUxMjIzMTMwMTUxWjAzMTEwLwYDVQQD Eyg2YWZjY2M1MWQzOWE1NTQxZWVhNGVmODAyMTc0MjFhNWEzNmRiZmI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNaTK4oAtmIogDVUmT0BgrqrOlgp eh1rsr5e5Nm2HErWKeY+VPDSM3yxLOjGTSFDix4nqO3dGiMQ7Qhx/tus2kkQHUU/ brvOiCmns8nXXzk3HAs/sxeSdwiC7mDNBh6+YhrF+O+rEh8RUQX64I1QfC3gyQE7 Fah33OVnMz6MpdiAHfvOVWc1J1q0RmGyg/E5U35wKOgB7NaV885TLwLjSV4VdaaM FmVk1Fi4DuQRelXGUEr2pbs11RyK/CAN8RyVQ36LUFnvzRpQahrGR0BIuKOOb4me O0NQDIKKMUjU5FBMnSPPxFYtV7Y0cEel+YaXrUDgegJ8V+pD8Q8NWLQDwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGr8zFHTmlVB7qTvgCF0IaWjbb+0MB8GA1UdIwQY MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGLCQnwhy /8lzDzJSKi35lW2sioQJNNwUg7/7tLdzZnQQOlAj4zdVBoxaZS16gWOPC/c6mcrd 0Gb5ZUfASr5IfTbS81mffaLtR6yDJ4TjuJieKX8Xz/x5HhSarapt+juO9yY9IyX+ xgDzt1oDACOHEy1/GOrP8CBormjJBqdDW5mMM2375AkIgY4lCag0nr2TMPEnP5LP 7hrsO7R/6vuM/p2Z3RIz3GkvFLCdfkfqwuOEuaPxgHTKN6G/6EbBEvwjwean136M RBuhuaf6Y2fV+PhrxTZ/qkXM/B6RRH3yWUZOfCUv/LHNN2XjFQJRYul92HT73pmM tuOY8krTlhblKQ== -----END CERTIFICATE-----Generated at Mon Dec 22 18:18:40 2025 by rpki-client