This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json) Hash identifier: F9uKOvljh6YvzFChuso5Ze/eLYUo4VyMozi/Ze9xYSg= Subject key identifier: 50:25:A9:9E:95:B7:21:92:36:04:CD:4F:7E:53:37:35:95:9B:1E:D2 Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27 Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927 Certificate serial: 019B39EAA7E76B332D83A783766B2BE20EFD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft Manifest number: 1717 Signing time: Sat 20 Dec 2025 04:00:38 +0000 Manifest this update: Sat 20 Dec 2025 04:00:38 +0000 Manifest next update: Sun 21 Dec 2025 04:00:38 +0000 Files and hashes: 1: 5MK1ewnt7LozxEmddZiWa3omfKc.roa (hash: 7+tCKj1f1iwSFAN/o1/yY8fVwb73KSasEYzwGjDKXO0=) 2: DeHazeP3A9wAumTO_Rmx5RqWaqs.roa (hash: 0hOPuiiQ+UKk5lNFYgiHmEshvjQhpp/6FLqfnT4DM3I=) 3: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: yzwbJkLKCs+D0Ah/83ir08b82ixzvV64NvYAJXyZDFs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 04:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:ea:a7:e7:6b:33:2d:83:a7:83:76:6b:2b:e2:0e:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927 Validity Not Before: Dec 20 04:00:38 2025 GMT Not After : Dec 21 04:00:38 2025 GMT Subject: CN=5025a99e95b721923604cd4f7e533735959b1ed2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:f9:57:4e:ca:98:af:8e:27:3a:6a:4e:ee:2c: d3:1d:52:9f:16:e6:d1:b2:dd:0e:95:66:43:01:68: a7:3c:d8:ba:ac:53:30:b4:64:08:f8:7c:16:d8:bc: 73:94:2f:52:b4:59:69:92:e2:54:f4:f0:3d:49:0a: 2c:ed:18:29:04:a8:e8:cc:ab:fa:12:51:dc:cb:b4: b9:48:a5:a0:ea:ea:82:d3:e2:82:0a:d5:df:37:8d: c1:61:28:da:8b:00:c3:10:2b:db:34:55:72:b3:05: 64:fd:29:0c:49:bd:ec:c9:6c:21:a0:22:c9:7d:0a: cb:e6:34:f3:a9:50:af:46:6b:9d:63:a8:3b:d9:f3: 98:dd:4c:2b:f8:cb:59:0d:9f:50:b8:53:89:07:ef: 49:bc:7d:f5:5a:56:05:02:97:6c:86:fb:e6:e1:c5: 93:85:4d:55:69:5d:16:71:a2:88:c3:d5:a1:16:7c: 6e:d1:08:42:74:08:4c:a1:c7:5e:94:43:11:b0:95: 7c:57:0d:ee:6d:66:7a:5e:6f:d5:f4:14:84:40:a6: 72:69:38:dc:90:b4:f1:a2:5f:9f:5d:a7:f3:a1:03: 39:3d:be:66:26:32:fe:7b:16:da:e8:95:77:f4:09: dd:11:23:88:e4:b5:4f:26:32:50:ac:70:2c:e7:de: 52:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:25:A9:9E:95:B7:21:92:36:04:CD:4F:7E:53:37:35:95:9B:1E:D2 X509v3 Authority Key Identifier: keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:65:5c:6a:8e:c0:8a:c5:54:b5:6e:ad:0b:46:a2:bc:d2:97: d7:78:83:72:f1:15:d6:bc:1b:c4:d6:bd:e8:6b:47:21:e2:3e: 1b:80:5c:ef:2b:31:8b:f5:6e:c8:40:6f:4c:e5:2e:96:ad:b0: b0:75:59:7e:f0:b2:d6:c7:ea:db:a4:e9:05:08:ba:80:c1:f2: 71:5f:b6:d5:be:29:33:d0:97:e7:71:d4:50:1b:97:24:f9:57: ae:ad:8d:c7:e4:54:f7:37:6f:4a:19:2c:54:4b:a0:09:ee:90: 4a:62:db:91:1a:c9:04:65:ee:00:92:de:f3:5a:a8:05:b8:9a: dd:2e:d9:04:0e:49:4d:dc:dd:f2:9d:68:cc:3d:f1:ca:52:e5: 7c:66:11:4e:71:a7:80:9c:b9:ca:f1:ac:b6:90:45:50:15:a9: fe:ef:ca:13:ad:f5:e5:73:01:30:46:f8:bf:4d:48:1e:e9:b2: 34:4b:e7:ba:14:0f:92:0c:de:2c:88:4e:a2:f8:6a:66:91:3d: 3c:79:eb:52:09:f7:1e:9d:df:c1:fe:f8:07:27:4a:85:25:65: 57:dc:b0:23:fb:5a:de:ee:c3:93:44:1f:09:a8:00:c8:43:1e: 1a:63:f1:39:d7:a0:11:a0:25:c1:de:e6:41:a7:51:02:19:90: c2:3c:b5:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs56qfnazMtg6eDdmsr4g79MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj ODQ5MjcwHhcNMjUxMjIwMDQwMDM4WhcNMjUxMjIxMDQwMDM4WjAzMTEwLwYDVQQD Eyg1MDI1YTk5ZTk1YjcyMTkyMzYwNGNkNGY3ZTUzMzczNTk1OWIxZWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+flXTsqYr44nOmpO7izTHVKfFubR st0OlWZDAWinPNi6rFMwtGQI+HwW2LxzlC9StFlpkuJU9PA9SQos7RgpBKjozKv6 ElHcy7S5SKWg6uqC0+KCCtXfN43BYSjaiwDDECvbNFVyswVk/SkMSb3syWwhoCLJ fQrL5jTzqVCvRmudY6g72fOY3Uwr+MtZDZ9QuFOJB+9JvH31WlYFApdshvvm4cWT hU1VaV0WcaKIw9WhFnxu0QhCdAhMocdelEMRsJV8Vw3ubWZ6Xm/V9BSEQKZyaTjc kLTxol+fXafzoQM5Pb5mJjL+exba6JV39AndESOI5LVPJjJQrHAs595SMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFAlqZ6VtyGSNgTNT35TNzWVmx7SMB8GA1UdIwQY MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmVcao7A isVUtW6tC0aivNKX13iDcvEV1rwbxNa96GtHIeI+G4Bc7ysxi/VuyEBvTOUulq2w sHVZfvCy1sfq26TpBQi6gMHycV+21b4pM9CX53HUUBuXJPlXrq2Nx+RU9zdvShks VEugCe6QSmLbkRrJBGXuAJLe81qoBbia3S7ZBA5JTdzd8p1ozD3xylLlfGYRTnGn gJy5yvGstpBFUBWp/u/KE6315XMBMEb4v01IHumyNEvnuhQPkgzeLIhOovhqZpE9 PHnrUgn3Hp3fwf74BydKhSVlV9ywI/ta3u7Dk0QfCagAyEMeGmPxOdegEaAlwd7m QadRAhmQwjy1rg== -----END CERTIFICATE-----Generated at Sat Dec 20 13:39:57 2025 by rpki-client