This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft File: hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft (raw, json) Hash identifier: 78Ec0CpF7iISDSNBkZcLbwS7UARW+V+kGneNlaXOx0E= Subject key identifier: 81:F4:99:95:56:9C:C6:7C:7E:F8:51:F9:F5:D1:D6:B5:90:94:6A:2C Authority key identifier: 86:85:E0:5D:80:59:2C:6C:F1:13:20:EB:50:29:CA:C0:4A:4D:9B:B4 Certificate issuer: /CN=8685e05d80592c6cf11320eb5029cac04a4d9bb4 Certificate serial: 019B51BC72B3AC41C8ADAB3DAAA7887C7EA3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft Manifest number: 0858 Signing time: Wed 24 Dec 2025 19:01:03 +0000 Manifest this update: Wed 24 Dec 2025 19:01:03 +0000 Manifest next update: Thu 25 Dec 2025 19:01:03 +0000 Files and hashes: 1: 6rszyN8yZZcIFadBDy7iWBsKHqI.roa (hash: dWt4x4jxo9KCoGxn2Sm9VBzQBMC43sDUxeYLn9feg7U=) 2: hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl (hash: /uYHvZRDkxRp/Z0TIV7EuEnlQdrO0cgMAZUMJfkaWsc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:72:b3:ac:41:c8:ad:ab:3d:aa:a7:88:7c:7e:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8685e05d80592c6cf11320eb5029cac04a4d9bb4 Validity Not Before: Dec 24 19:01:03 2025 GMT Not After : Dec 25 19:01:03 2025 GMT Subject: CN=81f49995569cc67c7ef851f9f5d1d6b590946a2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:3a:1b:fe:5d:1b:d9:80:39:82:4c:cf:fa:99: 03:b8:ca:2d:4b:b6:c7:e9:84:21:8c:75:ad:92:2a: aa:4f:2e:4e:13:d1:71:cb:9e:7c:aa:4e:5e:a1:b3: bf:32:31:74:97:08:1d:14:25:dd:1a:d3:60:ab:e8: 38:da:1f:14:11:70:a2:49:82:3e:57:42:58:fd:18: 15:01:cb:43:da:8c:57:87:e4:b9:94:ce:c5:11:9c: dc:8c:45:09:2d:54:0b:7d:09:63:16:a4:1b:1c:47: aa:fe:fd:e1:da:04:ac:1c:64:a0:73:91:ec:6c:7f: 3c:9a:97:52:06:52:b9:a1:22:70:5c:c4:25:e1:8d: 53:10:bf:95:3d:6c:0d:7c:b7:13:27:a9:08:e7:c2: 57:af:d8:8a:4e:42:d3:0e:ac:ec:97:16:f9:d3:ca: 28:ad:e7:e3:ac:89:38:bd:3b:de:bc:4f:8d:62:49: 38:01:0b:5c:9d:df:26:4c:8d:af:dc:0d:a8:4e:f2: 14:e2:83:1d:a0:cd:a7:af:81:8c:45:53:5f:79:07: 0b:d7:89:30:f0:43:4c:30:14:ff:45:8e:80:bc:87: b3:1a:1b:ca:69:54:c2:72:e2:ed:45:40:6b:45:22: 9a:b5:da:be:0c:8a:72:37:a8:f5:29:ca:3b:c8:5d: 8d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:F4:99:95:56:9C:C6:7C:7E:F8:51:F9:F5:D1:D6:B5:90:94:6A:2C X509v3 Authority Key Identifier: keyid:86:85:E0:5D:80:59:2C:6C:F1:13:20:EB:50:29:CA:C0:4A:4D:9B:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:dc:22:54:3b:03:bc:21:e7:f2:2d:c2:18:05:12:90:6c:9c: fa:86:7b:89:52:d6:91:47:b9:5f:b1:df:2d:7c:bc:9d:38:de: 21:10:2d:12:af:fc:f6:84:dd:5b:ab:51:44:f7:d4:ee:85:d0: 23:61:1b:df:5e:7f:30:05:bf:52:99:e2:a9:66:74:12:62:1b: d4:fb:a2:14:35:f0:6f:4c:7a:fa:99:b0:65:1f:04:0d:2f:c8: a7:ae:ae:30:b3:3f:5d:ad:36:19:46:79:f0:a7:09:43:a2:73: 6c:71:8a:9c:e9:80:0e:7a:d4:ab:03:b6:6f:7c:3f:f1:70:46: 03:f1:df:b9:07:69:15:99:4e:db:e1:fa:c4:07:c7:86:40:14: 32:35:7b:bf:be:79:00:3f:c8:a1:ed:a0:ef:7c:c3:ba:18:b9: 8a:ac:32:9c:b0:c6:40:e2:43:7e:5e:1b:a3:aa:4c:be:86:e4: f2:1a:9e:f7:97:ee:3d:b6:12:ba:b4:af:17:b9:2c:64:ad:08: ce:d9:cf:8b:50:96:37:fa:90:9b:f2:33:3a:0a:f3:28:41:31: bb:05:c7:e4:0d:39:42:f7:99:ad:57:44:dc:76:a5:61:b5:d9: 36:e9:87:96:19:50:29:bd:13:8d:f1:9a:bc:ee:f8:8d:f1:b0: 89:33:3b:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvHKzrEHIras9qqeIfH6jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ODVlMDVkODA1OTJjNmNmMTEzMjBlYjUwMjljYWMwNGE0 ZDliYjQwHhcNMjUxMjI0MTkwMTAzWhcNMjUxMjI1MTkwMTAzWjAzMTEwLwYDVQQD Eyg4MWY0OTk5NTU2OWNjNjdjN2VmODUxZjlmNWQxZDZiNTkwOTQ2YTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDob/l0b2YA5gkzP+pkDuMotS7bH 6YQhjHWtkiqqTy5OE9Fxy558qk5eobO/MjF0lwgdFCXdGtNgq+g42h8UEXCiSYI+ V0JY/RgVActD2oxXh+S5lM7FEZzcjEUJLVQLfQljFqQbHEeq/v3h2gSsHGSgc5Hs bH88mpdSBlK5oSJwXMQl4Y1TEL+VPWwNfLcTJ6kI58JXr9iKTkLTDqzslxb508oo refjrIk4vTvevE+NYkk4AQtcnd8mTI2v3A2oTvIU4oMdoM2nr4GMRVNfeQcL14kw 8ENMMBT/RY6AvIezGhvKaVTCcuLtRUBrRSKatdq+DIpyN6j1Kco7yF2NcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIH0mZVWnMZ8fvhR+fXR1rWQlGosMB8GA1UdIwQY MBaAFIaF4F2AWSxs8RMg61ApysBKTZu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNTQ0ZDUtZmVmYS00MjQwLWJmNDAt NjhlZjI0Y2Y1ZWY5LzEvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9iNTQ0ZDUtZmVmYS00MjQwLWJmNDAtNjhlZjI0Y2Y1ZWY5 LzEvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI9wiVDsD vCHn8i3CGAUSkGyc+oZ7iVLWkUe5X7HfLXy8nTjeIRAtEq/89oTdW6tRRPfU7oXQ I2Eb315/MAW/UpniqWZ0EmIb1PuiFDXwb0x6+pmwZR8EDS/Ip66uMLM/Xa02GUZ5 8KcJQ6JzbHGKnOmADnrUqwO2b3w/8XBGA/HfuQdpFZlO2+H6xAfHhkAUMjV7v755 AD/Ioe2g73zDuhi5iqwynLDGQOJDfl4bo6pMvobk8hqe95fuPbYSurSvF7ksZK0I ztnPi1CWN/qQm/IzOgrzKEExuwXH5A05QveZrVdE3HalYbXZNumHlhlQKb0TjfGa vO74jfGwiTM76g== -----END CERTIFICATE-----Generated at Wed Dec 24 23:23:32 2025 by rpki-client