This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.mft File: hto1bCqGENEdNM24pH0rkFGfvTU.mft (raw, json) Hash identifier: 6dor/I6hVU3mWz/t9QKl7lpTX2+SBe/O4Tk3v2a1uPU= Subject key identifier: F2:8B:56:A4:CC:74:DC:E2:17:D1:64:DF:BD:09:AC:22:64:AE:C9:26 Authority key identifier: 86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35 Certificate issuer: /CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35 Certificate serial: 019B3CEC76798D28128A3189DEA2478A3869 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.mft Manifest number: 148F Signing time: Sat 20 Dec 2025 18:01:28 +0000 Manifest this update: Sat 20 Dec 2025 18:01:28 +0000 Manifest next update: Sun 21 Dec 2025 18:01:28 +0000 Files and hashes: 1: e2SQSmJ5Uij4VeGzNgyMcf8tHqM.roa (hash: /jn7jwBSYHJhjR+sZRgi9zex0zsrMd1Ejp9Gj9O6Ons=) 2: hto1bCqGENEdNM24pH0rkFGfvTU.crl (hash: 3F22QPyfCJ+cN5/nr5OMmYp66bj+qbRAb44UPp9fljI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.mft rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:76:79:8d:28:12:8a:31:89:de:a2:47:8a:38:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35 Validity Not Before: Dec 20 18:01:28 2025 GMT Not After : Dec 21 18:01:28 2025 GMT Subject: CN=f28b56a4cc74dce217d164dfbd09ac2264aec926 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:8b:1a:57:b9:15:89:89:78:2e:09:82:12:9e: 71:fd:0f:56:88:c1:32:4a:c2:b4:4d:3b:80:57:6f: 67:3a:11:7a:a0:22:66:40:71:71:4f:25:df:c9:fa: 3f:de:88:4a:56:4f:ef:6b:e3:54:96:b4:0c:39:eb: a2:61:78:9e:ec:ec:67:50:92:74:a2:4c:64:ef:4e: 3d:2f:42:5c:29:9e:a1:93:3b:07:2a:b7:3c:d1:f6: 3c:45:52:16:60:1b:3a:7d:57:ad:8e:9d:9b:96:7e: b1:23:77:a6:fc:8f:c3:a2:a8:e6:5e:58:ec:e0:c4: 97:82:b7:37:90:1b:54:c6:c6:3d:a7:67:34:89:8c: 73:12:9a:38:98:8c:97:2e:0c:01:c5:06:07:84:51: 0b:b3:7d:55:af:81:24:24:e3:c8:95:7d:59:0a:02: 0b:f8:d1:8c:f6:38:eb:f7:92:88:f9:fe:49:28:48: 2e:6b:2d:cc:93:3e:48:81:71:0f:90:7e:54:ca:54: 58:7a:72:73:5c:f2:5a:b5:41:fd:0d:15:17:3f:65: 46:a7:5b:d1:fc:5b:b7:75:be:61:11:ef:99:fb:6a: e7:f9:4f:7f:49:e6:9f:05:54:2e:b7:8b:c0:11:40: 1c:f7:ff:b6:73:bd:c3:54:61:8d:ed:36:84:06:5e: e7:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:8B:56:A4:CC:74:DC:E2:17:D1:64:DF:BD:09:AC:22:64:AE:C9:26 X509v3 Authority Key Identifier: keyid:86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:da:4f:97:92:69:67:46:3f:a7:57:a1:50:a9:84:01:a3:ff: cc:e1:20:39:10:5e:14:4b:61:a7:28:3d:ba:3f:d4:ed:f1:6c: b3:31:bb:bc:25:c3:5f:45:f0:ce:56:fa:4b:d7:70:8e:f9:25: c3:f0:52:e7:67:c5:57:57:df:61:8e:1b:de:dd:3f:38:35:73: 70:0a:4c:a5:36:6c:09:74:d9:07:7a:34:d6:cf:51:55:a0:89: 3c:3a:9a:5a:17:b0:89:21:8e:12:63:c0:2c:3a:c3:8f:54:38: 34:0a:c1:ed:c2:e9:32:0d:fa:58:fc:1b:b4:b4:b4:cf:9e:eb: 6f:92:1c:2a:59:4a:20:cf:74:42:97:18:9c:7d:b7:ec:65:fa: ca:a1:c7:72:3b:32:63:a3:7f:d4:77:b3:92:3c:1f:08:06:a0: ba:2b:91:b7:41:90:1f:69:6c:5f:5c:6d:b6:45:d9:36:7c:23: 7e:9a:03:a5:70:70:36:5c:40:9b:c2:b5:c8:4f:b0:04:2b:21: c0:4e:ac:6e:f8:ea:2f:57:22:c7:2b:6c:c8:f2:72:3f:03:60: ba:ca:df:56:1e:7d:74:e0:76:6c:ff:fd:a7:1f:79:0f:83:94: cb:4d:19:11:f2:8c:68:6a:8d:f1:58:48:e9:19:57:a7:b5:c5: 4b:7f:95:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87HZ5jSgSijGJ3qJHijhpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZGEzNTZjMmE4NjEwZDExZDM0Y2RiOGE0N2QyYjkwNTE5 ZmJkMzUwHhcNMjUxMjIwMTgwMTI4WhcNMjUxMjIxMTgwMTI4WjAzMTEwLwYDVQQD EyhmMjhiNTZhNGNjNzRkY2UyMTdkMTY0ZGZiZDA5YWMyMjY0YWVjOTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYsaV7kViYl4LgmCEp5x/Q9WiMEy SsK0TTuAV29nOhF6oCJmQHFxTyXfyfo/3ohKVk/va+NUlrQMOeuiYXie7OxnUJJ0 okxk7049L0JcKZ6hkzsHKrc80fY8RVIWYBs6fVetjp2bln6xI3em/I/DoqjmXljs 4MSXgrc3kBtUxsY9p2c0iYxzEpo4mIyXLgwBxQYHhFELs31Vr4EkJOPIlX1ZCgIL +NGM9jjr95KI+f5JKEguay3Mkz5IgXEPkH5UylRYenJzXPJatUH9DRUXP2VGp1vR /Fu3db5hEe+Z+2rn+U9/SeafBVQut4vAEUAc9/+2c73DVGGN7TaEBl7nvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPKLVqTMdNziF9Fk370JrCJkrskmMB8GA1UdIwQY MBaAFIbaNWwqhhDRHTTNuKR9K5BRn701MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzIt OGE5NjYwNGM4MjZkLzEvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzItOGE5NjYwNGM4MjZk LzEvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAotpPl5Jp Z0Y/p1ehUKmEAaP/zOEgORBeFEthpyg9uj/U7fFsszG7vCXDX0Xwzlb6S9dwjvkl w/BS52fFV1ffYY4b3t0/ODVzcApMpTZsCXTZB3o01s9RVaCJPDqaWhewiSGOEmPA LDrDj1Q4NArB7cLpMg36WPwbtLS0z57rb5IcKllKIM90QpcYnH237GX6yqHHcjsy Y6N/1HezkjwfCAaguiuRt0GQH2lsX1xttkXZNnwjfpoDpXBwNlxAm8K1yE+wBCsh wE6sbvjqL1cixytsyPJyPwNgusrfVh59dOB2bP/9px95D4OUy00ZEfKMaGqN8VhI 6RlXp7XFS3+VuQ== -----END CERTIFICATE-----Generated at Sun Dec 21 04:04:11 2025 by rpki-client