This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft File: HRxS8VUvbqDwZNejt521wc8Wa9A.mft (raw, json) Hash identifier: NmlMFe5P8VmJJcOaVXbD9SYKnszyoybC3e56c3MB5ng= Subject key identifier: 14:45:F7:BB:4B:F0:03:DA:46:24:8C:6F:EF:60:BE:50:E2:7D:DA:DD Authority key identifier: 1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0 Certificate issuer: /CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0 Certificate serial: 019B778034D5BABD380CC21CE33780B8F614 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft Manifest number: 173A Signing time: Thu 01 Jan 2026 03:00:49 +0000 Manifest this update: Thu 01 Jan 2026 03:00:49 +0000 Manifest next update: Fri 02 Jan 2026 03:00:49 +0000 Files and hashes: 1: HRxS8VUvbqDwZNejt521wc8Wa9A.crl (hash: kt2GyM0COUipqmzPCGpaP3cq75g3nVXMPJ3VyLEOKUk=) 2: OqLUCxtgxChqlU1u5DSrV7o7hUE.roa (hash: 137N4QJ5LT3R5FaNUW+c79pvczICoEGACd1IGeCfKGY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 00:18:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:80:34:d5:ba:bd:38:0c:c2:1c:e3:37:80:b8:f6:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0 Validity Not Before: Jan 1 03:00:49 2026 GMT Not After : Jan 2 03:00:49 2026 GMT Subject: CN=1445f7bb4bf003da46248c6fef60be50e27ddadd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:6f:7f:c9:4f:17:fd:9e:d9:ee:d9:47:3d:b3: 91:d3:53:25:9e:b1:df:11:e0:46:2e:b7:06:09:05: 46:85:ad:74:a1:04:da:9c:16:29:ec:95:fa:bd:ce: 36:0d:bd:ae:95:53:f0:bb:c3:b6:09:a6:c1:d4:4c: f5:aa:97:c3:16:fc:88:6d:0f:82:ef:72:df:1c:dc: 21:5a:49:e8:19:af:f7:b7:09:34:88:2d:ef:34:9a: c2:4e:52:eb:15:f1:f6:5c:46:6c:52:4a:14:12:e1: eb:8f:05:9a:78:48:d8:0e:f7:5e:6d:c1:94:9d:bf: 61:c2:57:81:74:5c:04:75:e8:64:67:8a:1a:fa:f2: de:2d:7b:ac:16:96:6b:de:48:20:8b:88:c1:f0:a2: e6:b3:3e:69:bc:bc:35:1d:70:76:e1:fd:01:93:d7: b7:78:42:ce:3d:1e:e9:a4:a0:3d:ad:e3:9c:4e:6c: 88:e0:21:37:6f:e9:d6:96:1c:8f:c3:6d:7d:ea:c9: 25:40:3b:0f:8e:2d:70:dc:d0:fb:60:39:75:58:be: 0d:5f:91:61:56:3a:f5:0d:c7:94:ba:85:0e:0d:f4: d8:cc:5b:79:f6:eb:1c:37:df:70:1e:f8:7a:4f:8a: 6e:32:d3:8b:9a:3f:31:cd:2e:76:ca:73:de:ce:55: fa:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:45:F7:BB:4B:F0:03:DA:46:24:8C:6F:EF:60:BE:50:E2:7D:DA:DD X509v3 Authority Key Identifier: keyid:1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:8e:45:57:02:3b:c0:33:d6:00:c5:45:26:04:24:c8:99:9d: e8:a6:11:16:d1:e3:e0:a2:3a:c2:1a:e1:08:2d:c5:db:a4:da: 68:d8:1b:90:6a:bc:98:5f:b2:c2:8c:fa:8f:97:42:71:72:96: e9:99:54:18:f4:4d:fd:99:ff:a1:ce:4c:52:2d:29:84:12:74: 67:cd:eb:a7:3e:06:94:df:a1:5f:24:7e:42:92:c3:1d:22:de: b6:ef:44:b5:13:5f:dd:00:54:7c:f4:bb:e2:ed:d0:42:84:23: c5:b2:9e:71:21:43:02:72:0e:00:56:72:39:f1:4a:8a:84:85: d5:46:5c:fe:07:52:21:ad:e4:9e:de:44:9a:21:26:79:48:ff: 6c:04:b2:c1:0a:40:07:6e:32:e9:83:d0:c4:3a:d8:93:c3:60: e7:4f:09:42:84:25:55:52:c1:ee:f4:74:ec:16:a9:b4:03:d9: ed:ee:50:9a:b3:ce:d3:b1:85:1e:42:58:f1:32:70:d1:e9:df: 13:a3:86:03:10:b0:96:dc:0f:ac:7f:27:e1:15:90:a5:c5:6e: 71:a9:7d:60:35:d9:7d:1b:36:6f:d3:00:07:9a:eb:7c:8b:ea: 6b:60:c8:41:59:5a:3d:6c:2b:17:1f:7e:bf:ea:54:59:95:c8: c6:8f:45:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt3gDTVur04DMIc4zeAuPYUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMWM1MmYxNTUyZjZlYTBmMDY0ZDdhM2I3OWRiNWMxY2Yx NjZiZDAwHhcNMjYwMTAxMDMwMDQ5WhcNMjYwMTAyMDMwMDQ5WjAzMTEwLwYDVQQD EygxNDQ1ZjdiYjRiZjAwM2RhNDYyNDhjNmZlZjYwYmU1MGUyN2RkYWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm9/yU8X/Z7Z7tlHPbOR01MlnrHf EeBGLrcGCQVGha10oQTanBYp7JX6vc42Db2ulVPwu8O2CabB1Ez1qpfDFvyIbQ+C 73LfHNwhWknoGa/3twk0iC3vNJrCTlLrFfH2XEZsUkoUEuHrjwWaeEjYDvdebcGU nb9hwleBdFwEdehkZ4oa+vLeLXusFpZr3kggi4jB8KLmsz5pvLw1HXB24f0Bk9e3 eELOPR7ppKA9reOcTmyI4CE3b+nWlhyPw2196sklQDsPji1w3ND7YDl1WL4NX5Fh Vjr1DceUuoUODfTYzFt59uscN99wHvh6T4puMtOLmj8xzS52ynPezlX6gwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBRF97tL8APaRiSMb+9gvlDifdrdMB8GA1UdIwQY MBaAFB0cUvFVL26g8GTXo7edtcHPFmvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjIt MjAxZDVhOWJiOGFhLzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjItMjAxZDVhOWJiOGFh LzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD45FVwI7 wDPWAMVFJgQkyJmd6KYRFtHj4KI6whrhCC3F26TaaNgbkGq8mF+ywoz6j5dCcXKW 6ZlUGPRN/Zn/oc5MUi0phBJ0Z83rpz4GlN+hXyR+QpLDHSLetu9EtRNf3QBUfPS7 4u3QQoQjxbKecSFDAnIOAFZyOfFKioSF1UZc/gdSIa3knt5EmiEmeUj/bASywQpA B24y6YPQxDrYk8Ng508JQoQlVVLB7vR07BaptAPZ7e5QmrPO07GFHkJY8TJw0enf E6OGAxCwltwPrH8n4RWQpcVucal9YDXZfRs2b9MAB5rrfIvqa2DIQVlaPWwrFx9+ v+pUWZXIxo9Flg== -----END CERTIFICATE-----Generated at Thu Jan 1 06:21:33 2026 by rpki-client