This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.mft File: hps2AP1zjmmNEv7yDhBuapTjtnQ.mft (raw, json) Hash identifier: 4Y7nroxCDgeWHjPTB2emmTzQlFtt77buUIOTx7nGxgc= Subject key identifier: C2:EB:FE:9B:81:68:04:A9:BB:00:F3:97:DA:56:A3:18:CD:E4:78:6D Authority key identifier: 86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74 Certificate issuer: /CN=869b3600fd738e698d12fef20e106e6a94e3b674 Certificate serial: 019B4280242B9E954E2B8C309F8CDF6B25FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.mft Manifest number: 0C7C Signing time: Sun 21 Dec 2025 20:00:52 +0000 Manifest this update: Sun 21 Dec 2025 20:00:52 +0000 Manifest next update: Mon 22 Dec 2025 20:00:52 +0000 Files and hashes: 1: hps2AP1zjmmNEv7yDhBuapTjtnQ.crl (hash: JXO66NSOtJM4yBc4FsuTCe6DLUapPvh71SGA32mpWwQ=) 2: wWq59skVXk0ZG4IFLK9dggmPZBc.roa (hash: G7C47jomjQ8yRWntSox+zS/AjFvrINeu+2AEHacLP1Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 20:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:80:24:2b:9e:95:4e:2b:8c:30:9f:8c:df:6b:25:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=869b3600fd738e698d12fef20e106e6a94e3b674 Validity Not Before: Dec 21 20:00:52 2025 GMT Not After : Dec 22 20:00:52 2025 GMT Subject: CN=c2ebfe9b816804a9bb00f397da56a318cde4786d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:33:f5:37:ea:f6:8e:c3:32:e3:5f:fb:bb:ee: 99:16:39:ae:6d:b9:6b:4d:d4:32:51:fd:d2:71:df: 72:63:43:05:91:7f:4f:fe:98:6b:b2:77:9b:0b:23: a9:2b:dc:20:84:00:d1:6d:1d:16:55:93:bc:69:f2: 7e:cd:32:f7:ea:fe:e6:f2:b8:ca:7f:4d:ab:31:e4: b8:52:43:0d:15:29:9a:c3:a0:95:4b:53:c3:23:6a: 7a:9b:6e:42:d1:ee:c8:4a:f8:db:2d:1f:81:00:20: be:80:95:8c:9c:80:be:f7:2a:2f:96:8b:57:b8:de: d5:9a:c8:ba:ba:5b:97:2f:64:f5:f2:70:1c:b5:cf: 84:0e:87:2b:14:cd:2e:df:41:fb:d3:0e:9b:d1:f1: 0f:f6:7f:66:2e:55:3a:19:bb:61:ad:94:b0:fd:b7: ac:59:0c:cb:b6:b8:01:eb:9e:d5:54:f4:39:4e:4e: f1:a9:16:1c:8d:ae:4e:04:19:d4:18:d8:d6:3e:5b: b6:4a:46:46:42:f0:d1:7e:10:80:ba:45:be:c7:f9: d9:6d:9b:28:07:f0:c8:28:9f:1d:3f:75:d2:7a:df: fb:c5:7c:23:a8:31:81:e1:9b:9b:f4:c4:4c:15:c8: d2:d2:47:f3:d3:d7:da:d3:eb:cb:72:2e:07:80:fb: be:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:EB:FE:9B:81:68:04:A9:BB:00:F3:97:DA:56:A3:18:CD:E4:78:6D X509v3 Authority Key Identifier: keyid:86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:40:08:f1:0a:17:18:4d:f1:47:1e:25:8d:b6:3e:85:d1:f3: 4e:fa:4a:a2:fe:1c:79:19:f7:15:94:78:b2:a3:fc:be:71:2e: 56:f0:16:9f:88:cf:7a:cc:42:8c:52:2f:32:a1:e7:d1:0b:3d: 5f:da:8a:53:0f:dc:40:97:77:b4:b6:21:1e:5c:a4:37:31:e9: 25:2a:bf:59:b7:8b:4a:65:44:a5:cb:62:72:eb:a8:18:31:53: d3:55:22:22:64:a5:a3:7e:c7:17:fc:57:35:ea:cd:b8:fc:9f: 51:17:88:fe:7d:a4:e3:e2:5d:65:ae:7d:21:a6:f8:c6:95:c1: 4d:0a:ff:99:93:2e:39:fa:c9:29:77:95:55:a4:64:b3:dc:b6: a7:e4:bc:57:91:17:a5:dd:15:8b:36:d9:5f:15:0e:ca:cf:15: f9:51:ad:43:90:c7:17:ab:24:05:e7:29:2d:71:c3:dc:8d:03: 63:e4:cb:a9:cf:24:c4:73:d5:69:1a:5f:94:43:45:98:32:3c: 00:24:01:b7:df:45:23:89:9d:2f:f2:0c:6a:46:34:cf:04:de: cd:db:ab:5e:49:af:de:6c:8c:35:45:08:e8:98:b5:1b:63:e0: a4:46:b8:1c:ce:f5:7e:fe:db:52:56:3f:d2:85:40:59:85:95: 57:2a:5f:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCgCQrnpVOK4wwn4zfayX6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OWIzNjAwZmQ3MzhlNjk4ZDEyZmVmMjBlMTA2ZTZhOTRl M2I2NzQwHhcNMjUxMjIxMjAwMDUyWhcNMjUxMjIyMjAwMDUyWjAzMTEwLwYDVQQD EyhjMmViZmU5YjgxNjgwNGE5YmIwMGYzOTdkYTU2YTMxOGNkZTQ3ODZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDP1N+r2jsMy41/7u+6ZFjmubblr TdQyUf3Scd9yY0MFkX9P/phrsnebCyOpK9wghADRbR0WVZO8afJ+zTL36v7m8rjK f02rMeS4UkMNFSmaw6CVS1PDI2p6m25C0e7ISvjbLR+BACC+gJWMnIC+9yovlotX uN7Vmsi6uluXL2T18nActc+EDocrFM0u30H70w6b0fEP9n9mLlU6GbthrZSw/bes WQzLtrgB657VVPQ5Tk7xqRYcja5OBBnUGNjWPlu2SkZGQvDRfhCAukW+x/nZbZso B/DIKJ8dP3XSet/7xXwjqDGB4Zub9MRMFcjS0kfz09fa0+vLci4HgPu+ewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMLr/puBaASpuwDzl9pWoxjN5HhtMB8GA1UdIwQY MBaAFIabNgD9c45pjRL+8g4QbmqU47Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUt NDI0M2U4OGJkNzZjLzEvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUtNDI0M2U4OGJkNzZj LzEvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc0AI8QoX GE3xRx4ljbY+hdHzTvpKov4ceRn3FZR4sqP8vnEuVvAWn4jPesxCjFIvMqHn0Qs9 X9qKUw/cQJd3tLYhHlykNzHpJSq/WbeLSmVEpcticuuoGDFT01UiImSlo37HF/xX NerNuPyfUReI/n2k4+JdZa59Iab4xpXBTQr/mZMuOfrJKXeVVaRks9y2p+S8V5EX pd0VizbZXxUOys8V+VGtQ5DHF6skBecpLXHD3I0DY+TLqc8kxHPVaRpflENFmDI8 ACQBt99FI4mdL/IMakY0zwTezdurXkmv3myMNUUI6Ji1G2PgpEa4HM71fv7bUlY/ 0oVAWYWVVypfgg== -----END CERTIFICATE-----Generated at Mon Dec 22 04:19:29 2025 by rpki-client