This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft File: hTodtQq3cdy1KTZ92VGmfKzEhSc.mft (raw, json) Hash identifier: q1+mcsTSSNhExgaBoTNb/jNdQYY8ce+/EihmP8U6LV0= Subject key identifier: EB:41:81:27:E1:08:F8:4B:70:59:4C:03:BD:31:23:26:8D:2B:CE:2E Authority key identifier: 85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27 Certificate issuer: /CN=853a1db50ab771dcb529367dd951a67cacc48527 Certificate serial: 019B3D22D709BEE94FD4C42D5E7FC81C35F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 19:00:51 +0000 Manifest this update: Sat 20 Dec 2025 19:00:51 +0000 Manifest next update: Sun 21 Dec 2025 19:00:51 +0000 Files and hashes: 1: KFxs769oKYSlN9E-IJj7uVI5-Jk.roa (hash: oeJ8lNpcZ8slOJ+v6lew9m45/w6Rj6vHO1zS6reB6dA=) 2: hTodtQq3cdy1KTZ92VGmfKzEhSc.crl (hash: Y2fWNODzOpOTVqo0ygAMfj8LEPvnAql7u87Gc9NrTSE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:22:d7:09:be:e9:4f:d4:c4:2d:5e:7f:c8:1c:35:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=853a1db50ab771dcb529367dd951a67cacc48527 Validity Not Before: Dec 20 19:00:51 2025 GMT Not After : Dec 21 19:00:51 2025 GMT Subject: CN=eb418127e108f84b70594c03bd3123268d2bce2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:32:9c:e7:8e:82:cf:06:db:a2:d0:df:60:51: 92:fd:e2:09:39:39:26:cd:a9:97:57:18:dd:74:75: 8d:fd:a2:8a:65:9e:13:b6:d9:d3:4f:38:12:06:9f: 0f:c2:91:68:57:be:a0:25:3e:7c:64:9b:cc:31:7c: 7d:5e:a4:ab:5a:89:05:be:e1:b8:55:f8:46:bd:1f: 51:11:63:7b:55:fa:e8:f3:ce:d7:b2:8c:22:ff:41: c8:a5:71:79:62:19:c5:ea:5d:cf:d4:7f:47:be:7e: 70:25:49:c0:f3:2d:76:49:d1:59:c8:a5:d1:44:af: 6e:28:84:5a:94:4d:55:e8:ee:da:9c:97:03:c7:84: ac:29:a4:d1:62:4a:a3:7b:a7:96:c4:f7:8c:f9:11: 23:8a:f5:34:2e:68:b4:64:50:d2:2a:16:41:2a:4e: ea:99:0e:ec:99:73:a1:62:bb:40:5e:e2:44:22:45: 12:4e:b1:c0:b2:a0:e4:f9:ff:1e:8d:13:f6:5c:eb: 1a:fd:70:f5:33:39:c1:98:31:7d:b8:bf:f3:3b:91: b7:0b:cf:91:09:91:d9:db:67:81:85:c3:8f:75:a7: 4d:fd:96:b3:32:33:35:b3:af:97:be:a9:f6:ed:0b: 71:98:14:67:cc:ff:25:67:cf:89:18:20:84:4b:ab: fc:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:41:81:27:E1:08:F8:4B:70:59:4C:03:BD:31:23:26:8D:2B:CE:2E X509v3 Authority Key Identifier: keyid:85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:64:e0:a1:a3:9c:47:7a:73:7e:c7:f7:dc:1b:7d:9c:73:e4: d7:02:e1:b3:df:b8:d8:09:f0:48:a2:13:ab:c0:cb:9f:50:e2: 85:1a:cc:d2:94:ab:09:26:6a:d5:a5:ff:ef:81:30:6b:ab:fe: 70:99:5b:46:8b:04:4a:bd:73:1d:12:49:f8:47:24:3e:44:c3: e2:fd:ba:5f:0f:6c:77:2a:da:06:6d:bb:37:8f:59:c1:82:a4: 73:6e:ff:f2:06:3d:22:d1:dc:45:ef:16:37:18:7a:c0:3b:29: 8d:3a:97:4c:8c:3c:15:a2:00:e7:3d:4e:78:73:07:97:ec:38: 59:02:38:1e:64:3f:b8:50:9f:18:60:bf:00:c0:e6:2f:d9:43: 26:b6:39:4b:1c:45:f2:bf:14:8c:bf:0f:aa:b1:74:1a:34:0d: be:0e:d6:b5:38:dc:d8:81:04:d9:3d:1a:f4:80:40:37:71:74: 53:2d:65:6f:5a:e7:9d:38:86:4b:3f:d0:36:79:bc:35:e0:99: 67:d6:e3:8a:23:d7:02:45:e3:95:d0:ab:60:b4:a5:f7:82:82: d7:e8:9f:65:3b:75:a8:12:e3:d2:03:66:84:28:3c:29:0c:db: e1:46:e5:2d:40:28:af:89:fa:8d:b3:1c:e8:df:7c:d9:5b:9a: 54:d5:97:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9ItcJvulP1MQtXn/IHDX0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1M2ExZGI1MGFiNzcxZGNiNTI5MzY3ZGQ5NTFhNjdjYWNj NDg1MjcwHhcNMjUxMjIwMTkwMDUxWhcNMjUxMjIxMTkwMDUxWjAzMTEwLwYDVQQD EyhlYjQxODEyN2UxMDhmODRiNzA1OTRjMDNiZDMxMjMyNjhkMmJjZTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDKc546CzwbbotDfYFGS/eIJOTkm zamXVxjddHWN/aKKZZ4TttnTTzgSBp8PwpFoV76gJT58ZJvMMXx9XqSrWokFvuG4 VfhGvR9REWN7Vfro887Xsowi/0HIpXF5YhnF6l3P1H9Hvn5wJUnA8y12SdFZyKXR RK9uKIRalE1V6O7anJcDx4SsKaTRYkqje6eWxPeM+REjivU0Lmi0ZFDSKhZBKk7q mQ7smXOhYrtAXuJEIkUSTrHAsqDk+f8ejRP2XOsa/XD1MznBmDF9uL/zO5G3C8+R CZHZ22eBhcOPdadN/ZazMjM1s6+Xvqn27QtxmBRnzP8lZ8+JGCCES6v8FQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOtBgSfhCPhLcFlMA70xIyaNK84uMB8GA1UdIwQY MBaAFIU6HbUKt3HctSk2fdlRpnysxIUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgt NzcyOTVjOWNlODY2LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgtNzcyOTVjOWNlODY2 LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXWTgoaOc R3pzfsf33Bt9nHPk1wLhs9+42AnwSKITq8DLn1DihRrM0pSrCSZq1aX/74Ewa6v+ cJlbRosESr1zHRJJ+EckPkTD4v26Xw9sdyraBm27N49ZwYKkc27/8gY9ItHcRe8W Nxh6wDspjTqXTIw8FaIA5z1OeHMHl+w4WQI4HmQ/uFCfGGC/AMDmL9lDJrY5SxxF 8r8UjL8PqrF0GjQNvg7WtTjc2IEE2T0a9IBAN3F0Uy1lb1rnnTiGSz/QNnm8NeCZ Z9bjiiPXAkXjldCrYLSl94KC1+ifZTt1qBLj0gNmhCg8KQzb4UblLUAor4n6jbMc 6N982VuaVNWXXg== -----END CERTIFICATE-----Generated at Sat Dec 20 22:47:22 2025 by rpki-client