This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft File: HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json) Hash identifier: v/vM3LlfLXEON1W8SA9byT1i0VMO2+kf4A+lGHwQ45M= Subject key identifier: 2D:11:CB:BE:BE:C2:69:00:5E:BA:65:54:34:91:33:21:A2:E3:F3:25 Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E Certificate issuer: /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e Certificate serial: 019B4FCDF7FF7F5246499654762D1BA9DBCD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft Manifest number: 165D Signing time: Wed 24 Dec 2025 10:00:56 +0000 Manifest this update: Wed 24 Dec 2025 10:00:56 +0000 Manifest next update: Thu 25 Dec 2025 10:00:56 +0000 Files and hashes: 1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: KjuJnWsFTq8EZGlxQyEBz2MBOLSJB92XkwCFl5IAYaQ=) 2: TRIkg-QwPxodaMNyhJudZJsULfg.roa (hash: ufMh2ZHdT1rvdo6TTuMqjAAVY8O4a0cCsUjxcMvHh8A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:cd:f7:ff:7f:52:46:49:96:54:76:2d:1b:a9:db:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e Validity Not Before: Dec 24 10:00:56 2025 GMT Not After : Dec 25 10:00:56 2025 GMT Subject: CN=2d11cbbebec269005eba655434913321a2e3f325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:97:f2:fd:c9:c1:61:b9:62:cb:19:d0:fb:2c: 90:93:0b:c7:f2:49:7b:74:31:ae:d5:6e:a0:05:22: 36:b1:98:5e:e6:6c:b1:fe:64:ac:3f:82:fa:a5:a1: 84:77:41:d8:c7:b0:37:dd:0d:39:48:7e:b4:82:e5: 93:a0:7d:df:af:22:cd:c5:59:96:2e:b4:0f:da:d1: e3:e7:4c:b1:c6:16:84:b1:d3:f8:ed:cf:1c:9c:eb: fc:db:54:29:14:33:9c:1f:81:df:89:e6:cc:84:8f: e6:96:c6:50:0d:50:fb:94:d1:40:c1:d0:33:bc:26: 81:a3:46:46:ab:09:a1:8b:5f:af:b4:29:66:c8:92: 00:6d:db:86:23:e6:9c:68:5e:a0:b1:af:21:cc:28: 45:1d:03:94:03:38:cb:2b:38:87:4b:20:1e:61:70: 49:32:65:38:0c:27:70:2e:82:69:7f:ec:47:33:17: f2:43:00:14:48:3c:7b:cf:6a:c4:3a:06:52:65:fa: 19:8b:d9:f5:d5:bb:af:db:f7:73:10:a5:bc:f9:d9: ed:95:e2:33:bc:55:93:56:9f:ed:03:48:37:5c:5b: b9:57:1a:07:7a:fa:5e:1e:cc:ce:6e:05:98:58:eb: fd:d1:8d:8b:7a:a5:7f:94:69:20:38:7e:cc:54:2d: 82:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:11:CB:BE:BE:C2:69:00:5E:BA:65:54:34:91:33:21:A2:E3:F3:25 X509v3 Authority Key Identifier: keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:36:d6:fd:25:ea:6c:aa:92:e3:43:1d:d3:d5:73:01:2c:de: 7f:b9:71:f5:1a:e2:ed:b4:98:1c:2b:c1:25:ed:4c:8c:42:93: 7a:bc:92:2b:d7:bf:b4:7b:03:13:14:1f:a0:b5:14:52:57:dd: cc:2c:c9:6e:80:a3:91:59:bc:be:a4:be:3c:68:55:7f:5c:cd: 07:01:fd:9f:84:f7:d7:a1:d8:86:cf:dc:6a:68:2c:91:c4:88: 10:4e:d8:75:f9:56:e7:8f:40:53:44:59:cd:ea:89:1a:f0:b0: 18:fb:d3:d1:f0:a0:dd:3b:49:9c:34:ee:22:7e:57:b8:b8:0c: e6:ab:3c:b3:81:22:a7:60:72:a5:6b:57:68:13:6e:3b:36:da: 54:e8:39:c7:28:d5:ea:5d:6d:17:a6:4b:fa:66:ce:79:95:c7: b1:44:53:19:94:ee:00:ba:ef:13:53:9d:6b:24:cb:44:93:6b: a9:02:c5:26:f8:84:78:b9:57:63:7b:8f:7a:7b:c1:17:1f:39: 4f:15:13:2a:1c:6d:27:2a:24:11:94:d8:65:9c:43:c1:c1:ee: 97:c5:30:05:9d:8d:dc:dc:5b:2d:f3:f5:9f:0f:c8:fd:6c:79: 33:9b:3f:1e:4b:1c:3f:d3:de:2d:6c:14:fd:f9:00:1c:a9:83: 8d:00:8d:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzff/f1JGSZZUdi0bqdvNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5 MWRiNGUwHhcNMjUxMjI0MTAwMDU2WhcNMjUxMjI1MTAwMDU2WjAzMTEwLwYDVQQD EygyZDExY2JiZWJlYzI2OTAwNWViYTY1NTQzNDkxMzMyMWEyZTNmMzI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZfy/cnBYbliyxnQ+yyQkwvH8kl7 dDGu1W6gBSI2sZhe5myx/mSsP4L6paGEd0HYx7A33Q05SH60guWToH3fryLNxVmW LrQP2tHj50yxxhaEsdP47c8cnOv821QpFDOcH4HfiebMhI/mlsZQDVD7lNFAwdAz vCaBo0ZGqwmhi1+vtClmyJIAbduGI+acaF6gsa8hzChFHQOUAzjLKziHSyAeYXBJ MmU4DCdwLoJpf+xHMxfyQwAUSDx7z2rEOgZSZfoZi9n11buv2/dzEKW8+dntleIz vFWTVp/tA0g3XFu5VxoHevpeHszObgWYWOv90Y2LeqV/lGkgOH7MVC2CRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC0Ry76+wmkAXrplVDSRMyGi4/MlMB8GA1UdIwQY MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArDbW/SXq bKqS40Md09VzASzef7lx9Rri7bSYHCvBJe1MjEKTerySK9e/tHsDExQfoLUUUlfd zCzJboCjkVm8vqS+PGhVf1zNBwH9n4T316HYhs/camgskcSIEE7YdflW549AU0RZ zeqJGvCwGPvT0fCg3TtJnDTuIn5XuLgM5qs8s4Eip2BypWtXaBNuOzbaVOg5xyjV 6l1tF6ZL+mbOeZXHsURTGZTuALrvE1OdayTLRJNrqQLFJviEeLlXY3uPenvBFx85 TxUTKhxtJyokEZTYZZxDwcHul8UwBZ2N3NxbLfP1nw/I/Wx5M5s/HkscP9PeLWwU /fkAHKmDjQCNPA== -----END CERTIFICATE-----Generated at Wed Dec 24 14:53:10 2025 by rpki-client