This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft File: HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json) Hash identifier: IkULa7/vE5v+pHCZecJ3cv+0eEVJQ2d4TqN0k8eIo8U= Subject key identifier: F8:ED:FF:96:CB:6A:B2:71:D4:5F:9D:05:BB:CD:F6:70:B5:A1:98:2C Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E Certificate issuer: /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e Certificate serial: 019B44377F2110858DA7E9C08DB014EC5372 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft Manifest number: 1657 Signing time: Mon 22 Dec 2025 04:00:46 +0000 Manifest this update: Mon 22 Dec 2025 04:00:46 +0000 Manifest next update: Tue 23 Dec 2025 04:00:46 +0000 Files and hashes: 1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: 0/2cxnJ2OfK/szyljQkwtUONpTp8Vk3Qu+t/3J7DPz0=) 2: TRIkg-QwPxodaMNyhJudZJsULfg.roa (hash: ufMh2ZHdT1rvdo6TTuMqjAAVY8O4a0cCsUjxcMvHh8A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:37:7f:21:10:85:8d:a7:e9:c0:8d:b0:14:ec:53:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e Validity Not Before: Dec 22 04:00:46 2025 GMT Not After : Dec 23 04:00:46 2025 GMT Subject: CN=f8edff96cb6ab271d45f9d05bbcdf670b5a1982c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:bd:3a:14:25:35:a5:cf:a4:8e:5d:7e:49:bf: ff:91:6d:e8:67:ff:bc:7a:7e:f1:15:89:0e:0e:56: 2a:a0:73:54:88:97:17:c0:f9:1b:0e:42:97:98:10: e3:bd:a6:77:a4:f1:d9:7f:37:43:1a:4b:c0:f0:f7: 4f:53:8b:1a:14:99:e0:aa:2b:81:28:41:26:57:32: 03:c9:dd:4a:ff:55:21:65:6d:c1:d8:c0:8f:1a:0b: 45:ea:15:2e:02:2b:cb:14:e2:af:3b:7f:6d:dd:92: 89:23:9b:62:80:7a:18:ff:24:3e:ae:58:7a:5b:c4: 0f:5a:d8:43:ba:01:3e:b2:17:26:87:87:86:84:78: e8:8e:fb:58:d6:52:d0:8e:c7:a5:22:75:d1:58:5d: 97:e1:f0:b0:a4:9b:95:2a:f5:ba:69:be:f4:63:01: 60:5d:fc:5b:57:8f:50:7f:74:78:d5:19:e6:e8:3e: 47:87:17:6d:f4:3c:69:93:a5:b0:0e:39:de:f9:d2: 5b:f8:8a:2a:9a:b2:15:07:6a:a7:5f:b2:db:98:ee: fd:10:bd:41:ee:6a:e0:42:8c:05:ae:d6:f7:9e:fa: da:b2:1c:2d:7c:d5:f6:1d:f4:3b:86:04:24:f9:c1: f8:ba:b4:46:9e:3e:42:ac:c7:1b:37:cf:f9:33:14: 36:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:ED:FF:96:CB:6A:B2:71:D4:5F:9D:05:BB:CD:F6:70:B5:A1:98:2C X509v3 Authority Key Identifier: keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:b3:ae:50:61:a1:f0:0c:a2:5d:95:c6:32:5f:32:c6:4e:12: fd:e4:91:c4:2b:fa:8b:95:c5:c1:ad:3b:53:0f:9f:c9:f3:cc: a6:8c:d5:f2:f7:40:46:84:ab:33:be:64:66:d4:84:3a:81:17: 13:e1:74:43:67:8d:c5:b0:6a:36:f2:06:d3:c3:c3:9f:29:fd: a3:58:45:95:01:e7:aa:7b:4d:d3:80:a3:42:07:30:88:72:9f: c7:7c:64:4f:a9:64:a5:75:7e:7a:36:f4:7d:7c:44:69:f6:25: 69:64:0e:f7:a1:43:a7:f7:17:7b:bc:c2:e5:b7:8d:7d:f2:f8: 64:79:29:22:81:58:92:f6:e7:fb:d5:d0:98:28:08:e3:41:80: 05:62:f7:7f:d3:d2:3c:0c:ff:b1:7f:34:1b:0c:b9:94:cf:dc: 80:bd:18:13:8f:fd:e0:00:07:5b:3e:61:99:09:87:62:ea:51: b2:ce:12:30:18:c9:e9:fe:69:6d:77:4c:3b:c4:aa:59:a8:c2: 79:23:83:5a:22:1f:10:89:52:05:9a:66:d8:1e:18:aa:6e:27: 9f:a8:ca:43:27:9b:44:80:92:75:15:b4:66:3e:ec:02:b5:a2: 44:70:f5:f3:8b:3b:40:68:16:dd:44:c6:e2:93:45:8d:6f:86: f8:6f:37:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEN38hEIWNp+nAjbAU7FNyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5 MWRiNGUwHhcNMjUxMjIyMDQwMDQ2WhcNMjUxMjIzMDQwMDQ2WjAzMTEwLwYDVQQD EyhmOGVkZmY5NmNiNmFiMjcxZDQ1ZjlkMDViYmNkZjY3MGI1YTE5ODJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn706FCU1pc+kjl1+Sb//kW3oZ/+8 en7xFYkODlYqoHNUiJcXwPkbDkKXmBDjvaZ3pPHZfzdDGkvA8PdPU4saFJngqiuB KEEmVzIDyd1K/1UhZW3B2MCPGgtF6hUuAivLFOKvO39t3ZKJI5tigHoY/yQ+rlh6 W8QPWthDugE+shcmh4eGhHjojvtY1lLQjselInXRWF2X4fCwpJuVKvW6ab70YwFg XfxbV49Qf3R41Rnm6D5Hhxdt9Dxpk6WwDjne+dJb+IoqmrIVB2qnX7LbmO79EL1B 7mrgQowFrtb3nvrashwtfNX2HfQ7hgQk+cH4urRGnj5CrMcbN8/5MxQ2gwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPjt/5bLarJx1F+dBbvN9nC1oZgsMB8GA1UdIwQY MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARbOuUGGh 8AyiXZXGMl8yxk4S/eSRxCv6i5XFwa07Uw+fyfPMpozV8vdARoSrM75kZtSEOoEX E+F0Q2eNxbBqNvIG08PDnyn9o1hFlQHnqntN04CjQgcwiHKfx3xkT6lkpXV+ejb0 fXxEafYlaWQO96FDp/cXe7zC5beNffL4ZHkpIoFYkvbn+9XQmCgI40GABWL3f9PS PAz/sX80Gwy5lM/cgL0YE4/94AAHWz5hmQmHYupRss4SMBjJ6f5pbXdMO8SqWajC eSODWiIfEIlSBZpm2B4Yqm4nn6jKQyebRICSdRW0Zj7sArWiRHD184s7QGgW3UTG 4pNFjW+G+G83wg== -----END CERTIFICATE-----Generated at Mon Dec 22 14:29:44 2025 by rpki-client