This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json) Hash identifier: 9OLrSroQQlFEPYKV+9HuT1d1rpuZiLQLd6c2d0kyOGc= Subject key identifier: 0A:0B:2E:CA:BC:F2:13:D1:62:03:1E:48:AA:2C:A8:E1:01:F4:36:0A Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1 Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1 Certificate serial: 019B3C0FF58E55AD39D54249FAC1F51ED69E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft Manifest number: 024B Signing time: Sat 20 Dec 2025 14:00:37 +0000 Manifest this update: Sat 20 Dec 2025 14:00:37 +0000 Manifest next update: Sun 21 Dec 2025 14:00:37 +0000 Files and hashes: 1: 4xTwGwEgqqNgpztG8b7-qFnWnmQ.roa (hash: G+NieVImXlejNVzPXtYNNAfkIKyCKo0Pau1bwovvw64=) 2: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: ujTFvxSDX7x4uUz6+l03ab0EwfzjCtBDXy01O6sTASU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:0f:f5:8e:55:ad:39:d5:42:49:fa:c1:f5:1e:d6:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1 Validity Not Before: Dec 20 14:00:37 2025 GMT Not After : Dec 21 14:00:37 2025 GMT Subject: CN=0a0b2ecabcf213d162031e48aa2ca8e101f4360a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:75:75:41:5c:b3:13:8d:1a:5f:de:58:8d:a0: 37:61:c1:46:43:fa:53:0e:2f:0d:e2:43:2a:b3:56: 52:c0:e6:a4:85:02:90:69:59:f1:6b:97:3f:7d:15: f8:b9:18:8d:90:e8:08:e9:6a:a6:93:e4:82:17:3c: b2:31:1e:0a:9a:8d:ec:b7:f2:b7:ea:34:c8:90:73: ae:f5:ab:08:8a:20:b1:da:19:11:dd:65:f7:55:46: bf:de:db:76:60:53:47:55:ee:7f:a7:07:42:cb:a5: 0d:32:2d:6e:2e:58:36:70:f6:55:a0:16:b5:9b:ae: 46:f5:a3:c4:00:0a:82:29:e8:20:8c:dd:8f:38:73: 0e:7e:65:c4:a3:da:cc:a6:fa:73:dc:fe:98:b3:21: ca:e3:da:ca:6b:42:77:58:5f:6a:fd:5b:30:bb:4e: d0:6d:1c:13:6a:1b:d4:c1:ea:6a:2b:53:46:da:75: e5:f3:35:2c:41:2c:c0:9a:5c:70:db:4c:15:32:c5: 59:23:06:ca:b7:9b:65:10:f9:f6:2d:49:42:8d:b2: 5d:12:2a:0c:77:06:71:58:76:18:bd:31:f6:00:ac: 28:62:7b:5f:3b:ca:5a:ca:cd:0b:76:d5:d3:6b:f1: 32:68:d8:fe:0a:b9:d9:60:9f:94:cc:55:6a:e8:24: ef:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:0B:2E:CA:BC:F2:13:D1:62:03:1E:48:AA:2C:A8:E1:01:F4:36:0A X509v3 Authority Key Identifier: keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:c7:d1:d8:fc:10:a7:13:e1:d2:05:09:c7:ba:53:cd:83:b7: 32:8c:e9:6a:c6:d1:44:1b:82:6d:9a:e1:9e:93:23:80:ce:73: ef:5a:ea:76:87:b4:f7:dc:3c:ad:f2:fc:54:08:52:ba:0b:aa: 7c:5a:46:2e:67:1a:2d:7d:f4:80:3e:1c:ba:d1:62:e7:fa:a8: fa:5d:39:56:a7:91:a9:21:d4:57:34:2a:1a:2f:23:b3:37:14: 0f:ab:ce:0a:16:02:0b:61:ef:5d:cf:4a:37:37:e7:f9:f8:e6: 69:83:ed:dc:cb:54:15:77:cb:d9:ba:73:e7:90:76:0b:3c:e4: 70:98:32:bb:f8:1c:06:7c:af:d9:b7:b3:ef:c3:80:59:c6:5d: 8b:4a:e5:ed:39:31:6f:92:4c:b2:0a:d0:de:db:4c:a7:aa:35: e3:38:89:aa:97:52:a8:d5:25:66:00:d4:ae:38:6a:16:f7:be: e6:fe:d4:ac:ac:95:7a:47:cb:13:b2:d6:99:68:da:a5:1d:95: 3b:b8:ce:eb:45:d8:1c:40:02:7f:fc:2d:ad:6d:63:e6:c5:c4: e4:17:12:8d:99:87:4e:22:c8:7f:c2:a1:f0:04:98:14:cc:88: 42:8a:53:57:83:62:78:8d:50:09:79:a5:a9:e4:c1:c6:ce:07: c5:ba:2c:7d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8D/WOVa051UJJ+sH1HtaeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm NWU5ZDEwHhcNMjUxMjIwMTQwMDM3WhcNMjUxMjIxMTQwMDM3WjAzMTEwLwYDVQQD EygwYTBiMmVjYWJjZjIxM2QxNjIwMzFlNDhhYTJjYThlMTAxZjQzNjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3V1QVyzE40aX95YjaA3YcFGQ/pT Di8N4kMqs1ZSwOakhQKQaVnxa5c/fRX4uRiNkOgI6Wqmk+SCFzyyMR4Kmo3st/K3 6jTIkHOu9asIiiCx2hkR3WX3VUa/3tt2YFNHVe5/pwdCy6UNMi1uLlg2cPZVoBa1 m65G9aPEAAqCKeggjN2POHMOfmXEo9rMpvpz3P6YsyHK49rKa0J3WF9q/Vswu07Q bRwTahvUwepqK1NG2nXl8zUsQSzAmlxw20wVMsVZIwbKt5tlEPn2LUlCjbJdEioM dwZxWHYYvTH2AKwoYntfO8pays0LdtXTa/EyaNj+CrnZYJ+UzFVq6CTvaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAoLLsq88hPRYgMeSKosqOEB9DYKMB8GA1UdIwQY MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4 LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8fR2PwQ pxPh0gUJx7pTzYO3MozpasbRRBuCbZrhnpMjgM5z71rqdoe099w8rfL8VAhSuguq fFpGLmcaLX30gD4cutFi5/qo+l05VqeRqSHUVzQqGi8jszcUD6vOChYCC2HvXc9K Nzfn+fjmaYPt3MtUFXfL2bpz55B2CzzkcJgyu/gcBnyv2bez78OAWcZdi0rl7Tkx b5JMsgrQ3ttMp6o14ziJqpdSqNUlZgDUrjhqFve+5v7UrKyVekfLE7LWmWjapR2V O7jO60XYHEACf/wtrW1j5sXE5BcSjZmHTiLIf8Kh8ASYFMyIQopTV4NieI1QCXml qeTBxs4HxbosfQ== -----END CERTIFICATE-----Generated at Sat Dec 20 15:58:14 2025 by rpki-client