This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft File: hUxfKY2BrMVXP9WfsF3YbyCry6g.mft (raw, json) Hash identifier: FE14OWTQcDOoiiesfvHYOduXjlVxCN0ANiCkz3hIciw= Subject key identifier: BD:BF:36:4F:4F:A3:30:44:B6:B7:EF:92:DC:7F:0D:4C:F2:08:1C:2D Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8 Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8 Certificate serial: 019B766D70F7CAF6221084F63B34E1081F85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft Manifest number: 1225 Signing time: Wed 31 Dec 2025 22:00:42 +0000 Manifest this update: Wed 31 Dec 2025 22:00:42 +0000 Manifest next update: Thu 01 Jan 2026 22:00:42 +0000 Files and hashes: 1: CJqITen207ZODHzo1XtCMdI_VBo.roa (hash: f1FWG5pswdJQTpL1NXAace6jGLQD4G1flmSN2+tjCMo=) 2: hUxfKY2BrMVXP9WfsF3YbyCry6g.crl (hash: gaJLWQPeX3jkC1kdpxuSWyECr4Lz/fiJRN6ExEGKfQs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 22:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:6d:70:f7:ca:f6:22:10:84:f6:3b:34:e1:08:1f:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8 Validity Not Before: Dec 31 22:00:42 2025 GMT Not After : Jan 1 22:00:42 2026 GMT Subject: CN=bdbf364f4fa33044b6b7ef92dc7f0d4cf2081c2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:da:4d:67:b9:d9:dc:8e:e0:08:3d:62:36:c3: df:0b:fd:6c:35:82:40:f9:7f:da:c5:e0:a5:0b:d9: 52:97:90:f8:76:b2:39:15:33:c7:a2:ce:30:8a:72: b8:2c:40:33:57:4e:db:f5:d7:38:1c:37:7b:91:84: 80:ef:03:d3:e3:3d:a4:7d:1f:1f:82:32:8d:09:ad: 05:49:34:01:20:2c:03:9e:8d:8a:fb:1f:d0:28:1e: 8a:54:46:08:8c:dd:07:8e:70:e3:1c:d6:51:3f:b4: 85:eb:73:5a:b1:06:32:e8:9a:8e:51:49:6b:66:ca: c8:61:5f:bd:7a:9f:e0:ed:eb:1e:81:53:b0:0a:f1: 30:00:50:c5:b4:f9:58:aa:a0:47:11:5e:ca:4f:70: 76:eb:8e:50:ad:21:5b:ad:e3:3d:97:fb:e2:32:00: f7:7f:62:7e:de:97:28:13:06:46:ce:9d:98:7a:b0: 11:fe:62:8d:3e:5d:af:f9:91:36:74:90:7e:e2:08: 95:06:1a:2c:e5:55:55:79:5f:6f:4e:61:ae:33:c1: ed:65:25:a2:ed:70:71:de:c2:52:fd:a1:b7:ae:85: da:1a:ea:64:dc:0c:41:1f:c5:15:f7:29:cd:14:1b: da:f1:c9:55:85:f5:ac:8e:45:86:68:25:5d:dc:65: d9:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:BF:36:4F:4F:A3:30:44:B6:B7:EF:92:DC:7F:0D:4C:F2:08:1C:2D X509v3 Authority Key Identifier: keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:18:41:b7:01:35:29:66:6a:cc:74:a3:4d:64:f0:09:b7:dc: ff:b7:44:6d:12:b2:07:c8:19:b3:7d:7e:07:38:64:8b:55:95: a1:db:81:50:c9:db:37:84:ac:15:7f:36:8f:d1:d8:fa:49:f9: 67:56:11:a4:30:2e:b5:ee:bd:67:ce:e5:1a:cd:dc:40:ff:70: ea:25:03:dd:09:3b:4d:0a:b8:ff:7d:38:b7:44:b0:4b:da:67: 1e:30:2d:44:69:d4:ef:94:25:54:c9:f1:04:8f:4a:ca:ce:b8: 24:fb:5a:88:c4:6d:05:f5:d0:cc:10:7c:66:ab:29:8f:25:b2: cc:90:4f:83:08:38:bb:ef:90:f1:75:34:1e:24:98:9d:31:2f: e7:c0:33:d7:fd:53:9e:be:9c:7c:ce:93:7c:26:0b:f3:94:7a: 15:0e:c7:ed:f7:79:3b:e3:e2:99:fb:30:bc:85:c0:ff:9d:cb: ac:02:46:73:f3:ab:34:1e:ef:a1:e4:c0:1c:1f:b5:7e:f1:17: bc:03:fe:2b:2f:0b:4b:91:86:b4:c6:ad:43:7f:46:60:b8:27: 95:65:b8:79:a8:81:04:03:0f:1f:51:49:bf:bb:44:df:0a:3a: 7c:27:c5:d5:f1:f3:49:a0:04:31:9d:76:30:4a:1c:9f:91:b9: 7f:d9:d5:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt2bXD3yvYiEIT2OzThCB+FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh YmNiYTgwHhcNMjUxMjMxMjIwMDQyWhcNMjYwMTAxMjIwMDQyWjAzMTEwLwYDVQQD EyhiZGJmMzY0ZjRmYTMzMDQ0YjZiN2VmOTJkYzdmMGQ0Y2YyMDgxYzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNpNZ7nZ3I7gCD1iNsPfC/1sNYJA +X/axeClC9lSl5D4drI5FTPHos4winK4LEAzV07b9dc4HDd7kYSA7wPT4z2kfR8f gjKNCa0FSTQBICwDno2K+x/QKB6KVEYIjN0HjnDjHNZRP7SF63NasQYy6JqOUUlr ZsrIYV+9ep/g7esegVOwCvEwAFDFtPlYqqBHEV7KT3B2645QrSFbreM9l/viMgD3 f2J+3pcoEwZGzp2YerAR/mKNPl2v+ZE2dJB+4giVBhos5VVVeV9vTmGuM8HtZSWi 7XBx3sJS/aG3roXaGupk3AxBH8UV9ynNFBva8clVhfWsjkWGaCVd3GXZtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL2/Nk9PozBEtrfvktx/DUzyCBwtMB8GA1UdIwQY MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt NzUyZDU5YTA0MmMyLzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhhhBtwE1 KWZqzHSjTWTwCbfc/7dEbRKyB8gZs31+Bzhki1WVoduBUMnbN4SsFX82j9HY+kn5 Z1YRpDAute69Z87lGs3cQP9w6iUD3Qk7TQq4/304t0SwS9pnHjAtRGnU75QlVMnx BI9Kys64JPtaiMRtBfXQzBB8ZqspjyWyzJBPgwg4u++Q8XU0HiSYnTEv58Az1/1T nr6cfM6TfCYL85R6FQ7H7fd5O+PimfswvIXA/53LrAJGc/OrNB7voeTAHB+1fvEX vAP+Ky8LS5GGtMatQ39GYLgnlWW4eaiBBAMPH1FJv7tE3wo6fCfF1fHzSaAEMZ12 MEocn5G5f9nVtg== -----END CERTIFICATE-----Generated at Thu Jan 1 02:50:31 2026 by rpki-client