This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json) Hash identifier: mgXPTXRPCVwGWrgde0ZuYplaed0wtI0Qmi2E6SLHN/0= Subject key identifier: D6:1B:6E:48:14:4A:CE:8A:D7:B3:DF:07:68:E1:0A:CD:47:5F:1F:9F Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38 Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138 Certificate serial: 019B3E6DCC9ED095C6CC4AEDCD34D031C33F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft Manifest number: 0A7F Signing time: Sun 21 Dec 2025 01:02:21 +0000 Manifest this update: Sun 21 Dec 2025 01:02:21 +0000 Manifest next update: Mon 22 Dec 2025 01:02:21 +0000 Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=) 2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: n3pkHw4HrrzDQzqN6Em6YlY7kKpGCWNjdoe7/ECFUvY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:cc:9e:d0:95:c6:cc:4a:ed:cd:34:d0:31:c3:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138 Validity Not Before: Dec 21 01:02:21 2025 GMT Not After : Dec 22 01:02:21 2025 GMT Subject: CN=d61b6e48144ace8ad7b3df0768e10acd475f1f9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:1f:a7:04:de:bb:6a:3b:85:4e:41:69:4e:91: 0f:37:59:e1:4d:3c:51:2c:07:43:81:3c:e0:91:45: d6:e7:ac:df:59:b2:9b:d6:9a:18:70:0c:6b:c9:f9: 36:69:df:b4:1f:69:56:f5:ed:c8:7a:23:e7:44:28: a6:93:32:60:08:9f:f8:4b:49:47:b3:37:44:ed:fb: 52:d8:b6:ab:78:0d:99:36:45:60:bf:46:27:a7:6e: 5c:df:a3:55:b7:70:58:dc:bd:11:de:c6:81:45:15: 64:50:dd:52:a2:68:59:0b:32:29:a2:2e:31:19:a2: e3:3d:24:82:dd:a0:d4:90:0f:44:67:6d:e5:ed:3f: fc:21:3c:ef:3a:6b:96:b1:ae:12:f5:12:40:41:42: e4:af:60:71:c1:d5:0f:7a:38:15:c7:c7:44:f9:6e: 78:aa:b3:01:06:46:74:b6:f9:31:fe:41:4c:9f:98: 7e:61:82:fa:dc:71:d8:e4:be:a8:54:d7:18:80:3a: 76:8a:b8:09:c1:7d:3d:50:cf:a9:c4:57:a5:2b:aa: 9f:fe:dd:8f:e0:72:46:e3:b4:39:b2:a2:ed:70:51: 4e:5f:4e:31:79:f8:0a:e7:fe:e2:19:93:9f:0d:d2: 9a:3c:78:ea:b9:6d:0c:c2:5d:54:ab:85:8d:a0:9e: c8:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:1B:6E:48:14:4A:CE:8A:D7:B3:DF:07:68:E1:0A:CD:47:5F:1F:9F X509v3 Authority Key Identifier: keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:d6:5a:89:9b:b1:ac:e4:8d:06:b9:a2:6b:64:6d:75:df:1e: bb:68:e4:dc:1d:2b:86:c1:f8:d7:e9:a0:d9:ab:fc:54:4b:04: ff:af:bc:0f:be:2c:9e:94:b8:be:00:f6:6b:fe:99:d8:26:7b: ef:39:d7:e4:e6:b6:ce:2d:7b:e6:25:f8:1d:37:27:6b:02:47: 0d:3c:e0:89:a3:e9:67:99:6e:45:cd:df:fd:2d:63:31:01:79: 48:2b:ca:cd:b1:0a:aa:e7:dc:23:fe:f4:88:d5:b0:96:46:d3: 1c:01:6d:30:27:12:2a:97:87:bc:03:ba:66:eb:66:07:74:92: b2:33:e5:3a:2a:78:5a:8c:4a:34:f3:fe:b9:14:20:b4:08:e9: 97:a9:3c:11:f4:d4:2a:0e:52:34:9f:6b:1d:0b:20:ae:f2:4a: d1:b0:94:cb:29:08:8c:6b:9d:29:a1:9e:50:8f:bf:27:21:85: dc:64:c3:68:01:e3:41:42:19:c8:60:39:19:a3:80:bb:a7:be: 54:d9:b1:fe:67:33:4b:9a:5e:5d:59:0b:dc:44:ea:dd:0a:9e: 7a:be:d3:bb:76:21:1e:b0:44:99:8c:51:42:cb:5a:92:91:be: 28:81:78:35:ad:89:0e:1b:60:ab:b3:07:14:e5:4c:4d:e1:62: e9:04:6e:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bcye0JXGzErtzTTQMcM/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5 MWMxMzgwHhcNMjUxMjIxMDEwMjIxWhcNMjUxMjIyMDEwMjIxWjAzMTEwLwYDVQQD EyhkNjFiNmU0ODE0NGFjZThhZDdiM2RmMDc2OGUxMGFjZDQ3NWYxZjlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8B+nBN67ajuFTkFpTpEPN1nhTTxR LAdDgTzgkUXW56zfWbKb1poYcAxryfk2ad+0H2lW9e3IeiPnRCimkzJgCJ/4S0lH szdE7ftS2LareA2ZNkVgv0Ynp25c36NVt3BY3L0R3saBRRVkUN1SomhZCzIpoi4x GaLjPSSC3aDUkA9EZ23l7T/8ITzvOmuWsa4S9RJAQULkr2BxwdUPejgVx8dE+W54 qrMBBkZ0tvkx/kFMn5h+YYL63HHY5L6oVNcYgDp2irgJwX09UM+pxFelK6qf/t2P 4HJG47Q5sqLtcFFOX04xefgK5/7iGZOfDdKaPHjquW0Mwl1Uq4WNoJ7IpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNYbbkgUSs6K17PfB2jhCs1HXx+fMB8GA1UdIwQY MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4 LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNZaiZux rOSNBrmia2Rtdd8eu2jk3B0rhsH41+mg2av8VEsE/6+8D74snpS4vgD2a/6Z2CZ7 7znX5Oa2zi175iX4HTcnawJHDTzgiaPpZ5luRc3f/S1jMQF5SCvKzbEKqufcI/70 iNWwlkbTHAFtMCcSKpeHvAO6ZutmB3SSsjPlOip4WoxKNPP+uRQgtAjpl6k8EfTU Kg5SNJ9rHQsgrvJK0bCUyykIjGudKaGeUI+/JyGF3GTDaAHjQUIZyGA5GaOAu6e+ VNmx/mczS5peXVkL3ETq3Qqeer7Tu3YhHrBEmYxRQstakpG+KIF4Na2JDhtgq7MH FOVMTeFi6QRucg== -----END CERTIFICATE-----Generated at Sun Dec 21 08:36:50 2025 by rpki-client