This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a8a09c-0f84-4a89-8a16-b04b4d043f9f/1/hJICE8sjC_5REhzl-03s4oAYvtA.mft File: hJICE8sjC_5REhzl-03s4oAYvtA.mft (raw, json) Hash identifier: +SpTJY+Lr/wsDzwXNy6Nw2BAd5cTDeU4iQILzu//cx4= Subject key identifier: 66:CE:E2:38:6C:59:53:B7:59:62:7F:AC:5A:55:F2:23:ED:19:A1:C4 Authority key identifier: 84:92:02:13:CB:23:0B:FE:51:12:1C:E5:FB:4D:EC:E2:80:18:BE:D0 Certificate issuer: /CN=84920213cb230bfe51121ce5fb4dece28018bed0 Certificate serial: 019B544F37DFF1C66C473773C6B40E3AA269 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJICE8sjC_5REhzl-03s4oAYvtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/a8a09c-0f84-4a89-8a16-b04b4d043f9f/1/hJICE8sjC_5REhzl-03s4oAYvtA.mft Manifest number: 1793 Signing time: Thu 25 Dec 2025 07:00:36 +0000 Manifest this update: Thu 25 Dec 2025 07:00:36 +0000 Manifest next update: Fri 26 Dec 2025 07:00:36 +0000 Files and hashes: 1: hJICE8sjC_5REhzl-03s4oAYvtA.crl (hash: pzAoa66HlO6kShOK7B+PHv/2htFKwFprxwuQAxIV7Wg=) 2: zYnN-i8U1PX-vVy0Kko-kLxeBsU.roa (hash: SDcPgjrr8y9zPr3/XTNgtJ+0oZH17N4IYV4VzMId4hs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/a8a09c-0f84-4a89-8a16-b04b4d043f9f/1/hJICE8sjC_5REhzl-03s4oAYvtA.crl rsync://rpki.ripe.net/repository/DEFAULT/52/a8a09c-0f84-4a89-8a16-b04b4d043f9f/1/hJICE8sjC_5REhzl-03s4oAYvtA.mft rsync://rpki.ripe.net/repository/DEFAULT/hJICE8sjC_5REhzl-03s4oAYvtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:4f:37:df:f1:c6:6c:47:37:73:c6:b4:0e:3a:a2:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84920213cb230bfe51121ce5fb4dece28018bed0 Validity Not Before: Dec 25 07:00:36 2025 GMT Not After : Dec 26 07:00:36 2025 GMT Subject: CN=66cee2386c5953b759627fac5a55f223ed19a1c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:fe:3c:44:8a:27:e3:b3:13:6c:05:bd:39:37: fc:8d:e8:10:d9:96:54:3e:42:8b:0c:c8:81:73:bb: d1:c5:b2:b2:49:d4:b1:28:8c:db:ef:a9:cc:12:dc: 5f:b6:d0:23:16:1b:aa:c4:75:a1:04:52:b6:9f:9b: 22:83:6f:16:10:9c:1d:a6:ba:25:1d:22:d9:ab:97: e2:55:8e:54:ca:b3:f6:ee:d1:99:17:e6:f0:01:c6: f0:af:3c:dc:e9:16:bb:80:d4:15:78:9f:56:a3:9d: 56:45:b6:94:2e:6b:ba:5e:fd:d4:40:c7:0d:01:82: 38:3d:ab:26:b2:f0:40:dd:fa:57:68:99:58:68:b9: 01:9a:b8:4c:35:6e:7a:1a:33:37:34:bd:fe:55:af: a4:b3:32:6b:88:79:e7:a4:9d:35:a2:99:eb:6b:29: 38:fb:a3:ec:15:bd:2c:80:85:a8:e1:33:0a:42:54: 5a:bd:58:a3:1f:1a:37:d9:53:51:ce:b1:91:ab:d0: 8a:61:ba:48:7f:7d:2c:8e:7f:88:c9:54:78:cd:81: 17:90:b5:2d:1f:0a:09:f2:9c:47:31:b5:75:0d:b7: 6e:b5:5b:92:84:a3:63:f1:55:ae:46:df:fb:e5:cc: 65:35:b5:2a:7d:13:02:13:58:82:3a:4d:2b:b9:f6: f3:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:CE:E2:38:6C:59:53:B7:59:62:7F:AC:5A:55:F2:23:ED:19:A1:C4 X509v3 Authority Key Identifier: keyid:84:92:02:13:CB:23:0B:FE:51:12:1C:E5:FB:4D:EC:E2:80:18:BE:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJICE8sjC_5REhzl-03s4oAYvtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a8a09c-0f84-4a89-8a16-b04b4d043f9f/1/hJICE8sjC_5REhzl-03s4oAYvtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a8a09c-0f84-4a89-8a16-b04b4d043f9f/1/hJICE8sjC_5REhzl-03s4oAYvtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:3b:aa:57:07:23:5b:b1:97:a7:ce:7a:1b:a3:2e:6c:fb:63: e5:4c:d3:c7:aa:44:79:b9:9a:b7:48:e3:b6:d5:26:b4:5c:7f: 57:9d:c4:30:ff:1b:68:08:a3:a6:b1:5e:8e:ba:4c:db:7b:d2: c8:f9:d2:f1:36:56:9f:a5:aa:2f:87:d7:af:aa:f5:dd:99:8f: f4:73:1a:f1:4c:4d:6e:0b:e3:39:f9:71:67:d1:ed:56:fd:c5: a6:ec:4f:48:fa:2d:6a:70:63:2d:7b:3f:c5:e8:06:70:91:5a: d7:02:69:ad:8b:41:d7:ad:7e:a4:c2:bb:c1:28:20:5b:3d:90: 48:dd:76:2c:2d:88:0b:45:88:7f:8e:15:26:bd:63:7a:45:85: 71:11:0e:36:ff:b0:11:49:eb:2d:7e:a9:ec:85:5e:11:53:9d: 03:b7:b1:90:0b:e2:be:e6:a8:a4:f0:39:a0:6e:a6:85:b7:97: ca:60:5e:cd:93:f4:f7:89:c3:fe:97:a2:d4:79:f9:5f:8d:73: 11:ac:59:e6:35:04:7f:f8:13:89:57:d3:f7:e9:76:69:ac:5d: 92:4d:32:c4:c8:07:9c:d0:a7:aa:3a:1d:4e:76:4d:15:38:a7: d8:08:76:f4:a0:1b:34:35:69:59:aa:84:47:6c:51:84:64:01: a7:ab:c2:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUTzff8cZsRzdzxrQOOqJpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0OTIwMjEzY2IyMzBiZmU1MTEyMWNlNWZiNGRlY2UyODAx OGJlZDAwHhcNMjUxMjI1MDcwMDM2WhcNMjUxMjI2MDcwMDM2WjAzMTEwLwYDVQQD Eyg2NmNlZTIzODZjNTk1M2I3NTk2MjdmYWM1YTU1ZjIyM2VkMTlhMWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP48RIon47MTbAW9OTf8jegQ2ZZU PkKLDMiBc7vRxbKySdSxKIzb76nMEtxfttAjFhuqxHWhBFK2n5sig28WEJwdprol HSLZq5fiVY5UyrP27tGZF+bwAcbwrzzc6Ra7gNQVeJ9Wo51WRbaULmu6Xv3UQMcN AYI4PasmsvBA3fpXaJlYaLkBmrhMNW56GjM3NL3+Va+kszJriHnnpJ01opnrayk4 +6PsFb0sgIWo4TMKQlRavVijHxo32VNRzrGRq9CKYbpIf30sjn+IyVR4zYEXkLUt HwoJ8pxHMbV1DbdutVuShKNj8VWuRt/75cxlNbUqfRMCE1iCOk0rufbz7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGbO4jhsWVO3WWJ/rFpV8iPtGaHEMB8GA1UdIwQY MBaAFISSAhPLIwv+URIc5ftN7OKAGL7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEpJQ0U4c2pDXzVSRWh6bC0wM3M0b0FZdnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hOGEwOWMtMGY4NC00YTg5LThhMTYt YjA0YjRkMDQzZjlmLzEvaEpJQ0U4c2pDXzVSRWh6bC0wM3M0b0FZdnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9hOGEwOWMtMGY4NC00YTg5LThhMTYtYjA0YjRkMDQzZjlm LzEvaEpJQ0U4c2pDXzVSRWh6bC0wM3M0b0FZdnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjuqVwcj W7GXp856G6MubPtj5UzTx6pEebmat0jjttUmtFx/V53EMP8baAijprFejrpM23vS yPnS8TZWn6WqL4fXr6r13ZmP9HMa8UxNbgvjOflxZ9HtVv3FpuxPSPotanBjLXs/ xegGcJFa1wJprYtB161+pMK7wSggWz2QSN12LC2IC0WIf44VJr1jekWFcREONv+w EUnrLX6p7IVeEVOdA7exkAvivuaopPA5oG6mhbeXymBezZP094nD/pei1Hn5X41z EaxZ5jUEf/gTiVfT9+l2aaxdkk0yxMgHnNCnqjodTnZNFTin2Ah29KAbNDVpWaqE R2xRhGQBp6vCgA== -----END CERTIFICATE-----Generated at Thu Dec 25 09:15:58 2025 by rpki-client