This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft File: IHeZAnMp8iaCdkVzryEV2pWp9r8.mft (raw, json) Hash identifier: DfE5RHNQNkZS86jEG9aLc0cUk7Yhv7TIurF+gtWZnSc= Subject key identifier: 87:FF:EC:54:63:9E:E6:BE:14:20:02:6A:29:F5:F4:8F:21:BE:3A:79 Authority key identifier: 20:77:99:02:73:29:F2:26:82:76:45:73:AF:21:15:DA:95:A9:F6:BF Certificate issuer: /CN=207799027329f22682764573af2115da95a9f6bf Certificate serial: 019B766E677BD726E6FAC94A4AEAC5BE6583 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft Manifest number: 10A5 Signing time: Wed 31 Dec 2025 22:01:45 +0000 Manifest this update: Wed 31 Dec 2025 22:01:45 +0000 Manifest next update: Thu 01 Jan 2026 22:01:45 +0000 Files and hashes: 1: 8EaewYTyFly5jEaj4gZEqMNcVMk.roa (hash: gqxj+841N8d9uy4L59oEcZudU4ge+IzVBr1jzF4wgjc=) 2: IHeZAnMp8iaCdkVzryEV2pWp9r8.crl (hash: Rk1nXnnSNmN8fUVnjesR9YYuP+4fBwVqNJQIHabcjME=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 22:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:6e:67:7b:d7:26:e6:fa:c9:4a:4a:ea:c5:be:65:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=207799027329f22682764573af2115da95a9f6bf Validity Not Before: Dec 31 22:01:45 2025 GMT Not After : Jan 1 22:01:45 2026 GMT Subject: CN=87ffec54639ee6be1420026a29f5f48f21be3a79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:14:d0:7c:cc:b4:5b:c1:dd:4b:9d:be:1f:0f: ac:c8:37:fe:cf:05:26:8c:50:a4:a5:e0:4b:34:b1: 0d:16:05:2a:5b:6e:9d:e3:eb:4b:27:2e:ab:6b:f2: ad:1e:5f:8b:14:fc:98:18:be:33:56:51:fc:0f:13: 89:af:8e:44:a5:c4:fb:33:e8:f3:7b:24:06:d4:ef: 8a:30:7c:50:5d:3c:0c:68:4a:cb:9e:51:7d:e3:11: 47:97:6c:c2:4f:b6:da:2f:1b:08:7b:85:d9:fb:d2: d2:89:34:68:1f:1b:2f:9f:e5:2a:c9:2e:da:de:9f: 59:4a:2a:f0:c1:25:a9:88:1e:56:6c:a3:fd:a6:b9: 5c:43:9f:95:03:80:81:65:bc:61:55:30:fb:40:52: 26:de:45:f8:5e:3e:17:3c:f0:d4:03:1a:26:89:d8: 1f:8b:c7:23:58:cf:5e:2a:9a:d5:7b:70:f1:71:e4: d5:2b:75:d0:e1:42:21:28:a8:93:32:3a:3a:79:63: 8b:f5:20:65:15:5b:6c:cc:6a:e3:c4:17:90:7b:91: 0d:45:5f:7e:35:1f:45:81:5e:6c:b6:6f:de:70:ce: 51:98:9e:a8:a9:9a:fd:34:3f:b8:df:a3:31:d4:2b: 02:f8:2c:9d:63:ce:83:b5:4e:f6:e1:c3:55:aa:b9: c1:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:FF:EC:54:63:9E:E6:BE:14:20:02:6A:29:F5:F4:8F:21:BE:3A:79 X509v3 Authority Key Identifier: keyid:20:77:99:02:73:29:F2:26:82:76:45:73:AF:21:15:DA:95:A9:F6:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHeZAnMp8iaCdkVzryEV2pWp9r8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fc9f2b-7f2f-4238-aa19-98cba8ff2ca3/1/IHeZAnMp8iaCdkVzryEV2pWp9r8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:ef:f7:74:8a:7c:d6:74:9f:cd:cd:c0:48:86:f3:0b:7b:d0: 64:12:45:7d:38:67:c6:8b:a7:34:9c:dd:47:2c:32:cf:2a:eb: 95:63:96:a6:cf:76:4e:51:68:25:b4:b4:52:75:6d:f6:59:2d: c2:ae:d5:83:ce:9c:0c:55:21:a4:a2:51:dc:4c:ac:a8:0a:a8: 27:54:27:37:48:7f:68:fc:b1:13:c2:03:8f:7d:5f:7a:ff:28: ed:08:ee:fb:78:40:31:f5:0b:95:c8:60:63:89:bd:cf:9d:2c: ec:8b:4e:62:bb:5d:14:87:52:6c:0a:54:cd:27:b0:d2:44:85: 76:64:b3:53:af:7b:5c:8d:ba:5c:5d:81:52:c1:76:26:aa:7d: 73:67:96:8f:8c:f2:e3:5e:ae:6a:0e:2b:dc:f7:cb:64:90:f4: 30:df:2c:f4:b5:1f:3e:fc:e0:ed:5b:ee:12:75:c4:9b:2b:cf: 32:44:56:62:d2:37:d1:5a:0b:7e:8b:dd:e6:f9:b0:f6:c9:ce: 78:1d:c8:a2:5b:d7:5f:f3:aa:77:80:61:87:8d:00:41:6b:23: 64:25:b9:4a:fa:cb:b9:52:4f:62:6f:68:85:10:cc:af:e4:a7: 01:da:7a:f3:2b:53:a8:d9:1a:b7:c1:10:ff:ba:0d:df:b5:b6: 29:33:f2:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt2bmd71ybm+slKSurFvmWDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwNzc5OTAyNzMyOWYyMjY4Mjc2NDU3M2FmMjExNWRhOTVh OWY2YmYwHhcNMjUxMjMxMjIwMTQ1WhcNMjYwMTAxMjIwMTQ1WjAzMTEwLwYDVQQD Eyg4N2ZmZWM1NDYzOWVlNmJlMTQyMDAyNmEyOWY1ZjQ4ZjIxYmUzYTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRTQfMy0W8HdS52+Hw+syDf+zwUm jFCkpeBLNLENFgUqW26d4+tLJy6ra/KtHl+LFPyYGL4zVlH8DxOJr45EpcT7M+jz eyQG1O+KMHxQXTwMaErLnlF94xFHl2zCT7baLxsIe4XZ+9LSiTRoHxsvn+UqyS7a 3p9ZSirwwSWpiB5WbKP9prlcQ5+VA4CBZbxhVTD7QFIm3kX4Xj4XPPDUAxomidgf i8cjWM9eKprVe3DxceTVK3XQ4UIhKKiTMjo6eWOL9SBlFVtszGrjxBeQe5ENRV9+ NR9FgV5stm/ecM5RmJ6oqZr9ND+436Mx1CsC+CydY86DtU724cNVqrnBWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIf/7FRjnua+FCACain19I8hvjp5MB8GA1UdIwQY MBaAFCB3mQJzKfImgnZFc68hFdqVqfa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mYzlmMmItN2YyZi00MjM4LWFhMTkt OThjYmE4ZmYyY2EzLzEvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9mYzlmMmItN2YyZi00MjM4LWFhMTktOThjYmE4ZmYyY2Ez LzEvSUhlWkFuTXA4aWFDZGtWenJ5RVYycFdwOXI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACe/3dIp8 1nSfzc3ASIbzC3vQZBJFfThnxounNJzdRywyzyrrlWOWps92TlFoJbS0UnVt9lkt wq7Vg86cDFUhpKJR3EysqAqoJ1QnN0h/aPyxE8IDj31fev8o7Qju+3hAMfULlchg Y4m9z50s7ItOYrtdFIdSbApUzSew0kSFdmSzU697XI26XF2BUsF2Jqp9c2eWj4zy 416uag4r3PfLZJD0MN8s9LUfPvzg7VvuEnXEmyvPMkRWYtI30VoLfovd5vmw9snO eB3IolvXX/Oqd4Bhh40AQWsjZCW5SvrLuVJPYm9ohRDMr+SnAdp68ytTqNkat8EQ /7oN37W2KTPynQ== -----END CERTIFICATE-----Generated at Thu Jan 1 02:49:34 2026 by rpki-client