This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json) Hash identifier: QPdoIxWhy3E6XW5iDyTXajSBzV2RAqDp8v9DlMbsXmY= Subject key identifier: DD:7C:B0:8C:0A:DA:E1:4C:49:82:4A:25:7E:08:E2:B4:57:F3:98:EE Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22 Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922 Certificate serial: 019B44A5E10C72366ADC5C24E653BCA51BD0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft Manifest number: 1338 Signing time: Mon 22 Dec 2025 06:01:20 +0000 Manifest this update: Mon 22 Dec 2025 06:01:20 +0000 Manifest next update: Tue 23 Dec 2025 06:01:20 +0000 Files and hashes: 1: EgrdXaLN-vc8C2zZS8RN3DywvDo.roa (hash: hzm54PDUPW3onP/qtSLZRsQOvKv3wuQ4riGx7IRQcQA=) 2: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: 4Ld4AHfkSNYgV3NxpbviN20vOm1TehHA/tetRLNxGYI=) 3: rAaiXMvO9i5snovqluPbyo_QCN0.roa (hash: pt3vDzVbNzSpy4PSZ8+XX3gpZBn6uEG/ZRILx9TbDQc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:e1:0c:72:36:6a:dc:5c:24:e6:53:bc:a5:1b:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922 Validity Not Before: Dec 22 06:01:20 2025 GMT Not After : Dec 23 06:01:20 2025 GMT Subject: CN=dd7cb08c0adae14c49824a257e08e2b457f398ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a3:35:e2:71:6a:00:33:f1:6c:10:e1:ce:be: 06:2a:7f:cf:e6:a8:2e:8a:66:c2:1d:16:12:1a:68: be:cb:88:01:ef:18:b7:4a:94:6c:8c:de:8f:ec:8f: c5:81:0f:f4:c4:2d:72:61:22:87:6c:c2:b8:33:08: ea:f9:90:30:3a:e2:37:9d:52:f3:68:05:94:c0:ee: 4c:06:4b:ef:55:be:f4:eb:53:18:f2:94:69:7a:b5: f7:c5:47:94:04:16:ac:c7:d9:a3:9d:f5:55:9f:33: c0:20:7d:c8:38:12:3f:49:c6:bf:fe:d7:6b:ae:49: a3:14:55:e8:45:50:ab:fc:6b:34:19:47:06:e2:0e: 01:68:20:a5:75:bf:eb:97:cb:65:65:46:cc:f2:1a: e2:3d:1c:4c:25:a6:30:48:32:c5:a1:1d:52:c7:16: 19:35:f7:9e:b3:e3:b7:d5:01:70:f3:2e:fd:28:8a: 61:59:08:45:45:d8:34:9b:8f:d5:c2:a1:19:2a:c9: 52:ab:13:52:d0:30:21:2f:64:31:60:3c:4b:a5:10: 0e:a6:7e:53:ea:6b:ee:e0:4e:ca:45:9b:e5:42:a9: 29:b0:19:b6:29:9d:a6:75:d9:dc:79:c5:d9:f3:0e: 41:25:f1:16:2e:5b:c7:9a:0c:5b:e5:13:ef:ca:92: f9:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:7C:B0:8C:0A:DA:E1:4C:49:82:4A:25:7E:08:E2:B4:57:F3:98:EE X509v3 Authority Key Identifier: keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:c2:8b:5b:7b:70:c2:9d:ad:bd:b5:3f:09:3b:f6:50:d1:07: b9:1a:b9:cd:de:a5:8c:33:a2:5b:57:e4:0b:c0:63:72:8e:3b: c8:cc:2e:e8:e8:d3:5c:f1:fb:d7:98:9c:36:5b:e5:6e:73:c7: 1f:4e:a6:db:b3:8c:7c:46:9e:f5:c9:9f:0d:2f:d3:88:ce:3b: 38:82:24:08:d9:31:0f:30:c9:13:b5:3d:75:08:5d:72:b2:80: 65:57:e5:fb:90:64:92:f6:5a:95:f3:7c:7e:d4:d2:c2:9b:a7: 11:2a:69:af:d8:a5:d5:39:94:f6:21:48:8c:7e:b5:02:20:34: 09:6a:42:f0:00:c0:a7:9d:5a:ac:5c:02:d8:a6:6e:f9:ce:0c: a8:9c:06:55:e5:90:e5:91:a1:d8:b4:bd:22:e9:2f:29:cd:b8: 4e:cd:32:7d:3d:d0:56:6c:f4:82:87:63:f1:22:f9:61:d6:57: 4c:a5:77:c3:df:b4:49:f3:52:fe:5b:bd:78:0f:58:df:2a:c9: 45:ce:d6:f1:7a:48:f4:e6:bd:7b:c7:04:03:22:21:6c:a8:4c: 46:47:4e:6d:e5:c4:ab:b3:29:cd:09:c3:ac:a2:9b:e5:a9:72: 4f:79:fd:87:a3:72:96:ca:bb:ab:7c:04:9a:9f:f7:c1:fe:d7: d1:25:b0:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpeEMcjZq3Fwk5lO8pRvQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm NmU5MjIwHhcNMjUxMjIyMDYwMTIwWhcNMjUxMjIzMDYwMTIwWjAzMTEwLwYDVQQD EyhkZDdjYjA4YzBhZGFlMTRjNDk4MjRhMjU3ZTA4ZTJiNDU3ZjM5OGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16M14nFqADPxbBDhzr4GKn/P5qgu imbCHRYSGmi+y4gB7xi3SpRsjN6P7I/FgQ/0xC1yYSKHbMK4Mwjq+ZAwOuI3nVLz aAWUwO5MBkvvVb7061MY8pRperX3xUeUBBasx9mjnfVVnzPAIH3IOBI/Sca//tdr rkmjFFXoRVCr/Gs0GUcG4g4BaCCldb/rl8tlZUbM8hriPRxMJaYwSDLFoR1SxxYZ Nfees+O31QFw8y79KIphWQhFRdg0m4/VwqEZKslSqxNS0DAhL2QxYDxLpRAOpn5T 6mvu4E7KRZvlQqkpsBm2KZ2mddncecXZ8w5BJfEWLlvHmgxb5RPvypL5xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN18sIwK2uFMSYJKJX4I4rRX85juMB8GA1UdIwQY MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOcKLW3tw wp2tvbU/CTv2UNEHuRq5zd6ljDOiW1fkC8Bjco47yMwu6OjTXPH715icNlvlbnPH H06m27OMfEae9cmfDS/TiM47OIIkCNkxDzDJE7U9dQhdcrKAZVfl+5BkkvZalfN8 ftTSwpunESppr9il1TmU9iFIjH61AiA0CWpC8ADAp51arFwC2KZu+c4MqJwGVeWQ 5ZGh2LS9IukvKc24Ts0yfT3QVmz0godj8SL5YdZXTKV3w9+0SfNS/lu9eA9Y3yrJ Rc7W8XpI9Oa9e8cEAyIhbKhMRkdObeXEq7MpzQnDrKKb5alyT3n9h6Nylsq7q3wE mp/3wf7X0SWwYw== -----END CERTIFICATE-----Generated at Mon Dec 22 11:30:17 2025 by rpki-client