This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft File: hrIjA95LCocPz-e2VWwCT3XHajQ.mft (raw, json) Hash identifier: w/LP12i8CoIxYYGasy8W4QSNpMRQD0C1BrN5wBzbj8g= Subject key identifier: E7:42:E4:99:FA:E6:65:E6:39:24:37:9A:E7:A9:3F:6F:FE:61:E4:57 Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34 Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34 Certificate serial: 019B435C0C76BD2C1B0A60002A9F6DCFB2A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft Manifest number: 128C Signing time: Mon 22 Dec 2025 00:01:04 +0000 Manifest this update: Mon 22 Dec 2025 00:01:04 +0000 Manifest next update: Tue 23 Dec 2025 00:01:04 +0000 Files and hashes: 1: ZjB1G19DDx_6Q5oScLG5jMaC8XA.roa (hash: 7/c0oLP47xBtzbpIYR3dJCRfL58YizRnGJk+IU5Vsgc=) 2: bckQXnbwfKXBuJ2fgXGJ6V-6Qfk.roa (hash: v7e6EIu7w13jemXrMUjQBx6+ZKi093MMCQO7o8uB3rY=) 3: hrIjA95LCocPz-e2VWwCT3XHajQ.crl (hash: GlXnzhocTRNpXMD+8hH+ZCUctSOYQi41bzkYW2R8meI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:5c:0c:76:bd:2c:1b:0a:60:00:2a:9f:6d:cf:b2:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34 Validity Not Before: Dec 22 00:01:04 2025 GMT Not After : Dec 23 00:01:04 2025 GMT Subject: CN=e742e499fae665e63924379ae7a93f6ffe61e457 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:d2:34:65:22:90:b7:49:3b:00:ad:66:64:25: ea:aa:1c:55:ea:e3:88:6b:84:6d:13:1f:e2:e1:ae: 14:f6:69:70:54:3c:d8:2c:9c:07:b5:34:08:38:21: fe:48:f4:88:d1:64:9f:c0:2d:07:f6:65:6d:25:68: 7b:b0:ff:c6:47:6e:8a:1f:06:9a:b0:5a:ac:11:ae: c1:0e:bb:d4:95:94:27:62:24:0f:9a:68:cb:8d:53: 63:ed:d4:c6:7d:85:7c:e8:a1:75:11:43:0a:c5:a4: a4:e5:89:aa:1d:68:a6:1f:ec:c3:30:f3:6e:c8:b3: 96:38:e3:66:44:a2:08:84:82:5e:7c:95:58:54:cd: 2b:6f:1b:cc:1b:01:21:59:01:d5:a3:d9:18:65:3f: 03:5c:c7:4b:95:22:b0:bc:7b:66:3c:01:c9:cd:38: 22:8d:89:a1:e7:a1:6d:23:cb:53:6a:bf:ed:2d:12: 36:46:30:a6:9a:2c:cd:76:7a:ae:67:0f:cc:18:2e: 00:84:8d:b7:c1:dd:ae:4d:3d:e3:d3:a1:4c:ab:ee: fd:19:f4:5b:59:c0:14:a8:8c:42:01:66:25:b7:c4: 2a:a0:cf:43:f3:cb:fc:ab:0a:32:5a:8f:db:60:8e: f7:c4:16:92:46:50:a6:fc:2d:c7:3b:1a:18:14:7a: 47:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:42:E4:99:FA:E6:65:E6:39:24:37:9A:E7:A9:3F:6F:FE:61:E4:57 X509v3 Authority Key Identifier: keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:36:03:34:6c:6a:ce:71:20:47:5b:47:49:04:85:bf:46:72: e0:52:3c:2f:72:68:85:94:15:2b:59:33:05:85:f9:1a:35:0f: c6:c7:a8:da:71:23:f1:23:f0:36:95:e6:49:81:b0:4a:0d:69: e3:58:d3:d8:fa:c3:d0:66:2f:98:22:57:36:50:2c:f5:a9:f1: 04:e6:bc:38:dc:96:e4:40:e3:1e:eb:1d:7d:da:aa:0a:3e:e6: 92:f7:07:59:b8:2a:0b:ad:a8:1d:10:c1:e9:81:80:7b:ff:c7: 9a:18:a9:8b:6b:3d:95:50:3e:f1:31:60:47:e2:e4:a3:9e:e3: 06:26:f2:60:d2:ba:87:9c:d7:58:86:e5:80:fc:dd:75:42:53: 2e:aa:48:01:57:96:b9:3e:07:bf:4b:7b:14:9e:ae:fb:42:1f: ee:60:2c:03:4b:5e:89:e4:93:88:0f:43:81:68:83:15:7c:aa: 18:8e:9a:a6:e5:1c:41:01:8d:f2:fd:8f:97:e4:03:23:08:7b: 54:c1:d8:f0:0e:f2:31:dd:c2:0e:52:d9:e8:00:b1:68:74:a4: c3:f3:a9:77:c4:74:71:99:d2:41:a1:39:35:13:90:01:25:4f: 10:51:dd:a1:f3:51:be:0f:80:98:d2:66:40:58:8c:62:29:81: 58:1c:13:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDXAx2vSwbCmAAKp9tz7KgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj NzZhMzQwHhcNMjUxMjIyMDAwMTA0WhcNMjUxMjIzMDAwMTA0WjAzMTEwLwYDVQQD EyhlNzQyZTQ5OWZhZTY2NWU2MzkyNDM3OWFlN2E5M2Y2ZmZlNjFlNDU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tI0ZSKQt0k7AK1mZCXqqhxV6uOI a4RtEx/i4a4U9mlwVDzYLJwHtTQIOCH+SPSI0WSfwC0H9mVtJWh7sP/GR26KHwaa sFqsEa7BDrvUlZQnYiQPmmjLjVNj7dTGfYV86KF1EUMKxaSk5YmqHWimH+zDMPNu yLOWOONmRKIIhIJefJVYVM0rbxvMGwEhWQHVo9kYZT8DXMdLlSKwvHtmPAHJzTgi jYmh56FtI8tTar/tLRI2RjCmmizNdnquZw/MGC4AhI23wd2uTT3j06FMq+79GfRb WcAUqIxCAWYlt8QqoM9D88v8qwoyWo/bYI73xBaSRlCm/C3HOxoYFHpH3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOdC5Jn65mXmOSQ3muepP2/+YeRXMB8GA1UdIwQY MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt NzJhYjU5ODdmNjA5LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5 LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtjYDNGxq znEgR1tHSQSFv0Zy4FI8L3JohZQVK1kzBYX5GjUPxseo2nEj8SPwNpXmSYGwSg1p 41jT2PrD0GYvmCJXNlAs9anxBOa8ONyW5EDjHusdfdqqCj7mkvcHWbgqC62oHRDB 6YGAe//Hmhipi2s9lVA+8TFgR+Lko57jBibyYNK6h5zXWIblgPzddUJTLqpIAVeW uT4Hv0t7FJ6u+0If7mAsA0teieSTiA9DgWiDFXyqGI6apuUcQQGN8v2Pl+QDIwh7 VMHY8A7yMd3CDlLZ6ACxaHSkw/Opd8R0cZnSQaE5NROQASVPEFHdofNRvg+AmNJm QFiMYimBWBwTig== -----END CERTIFICATE-----Generated at Mon Dec 22 06:34:21 2025 by rpki-client