This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json) Hash identifier: Oj0kopue5Zy7JREX/LybR4uEagIJB4/GUjBLvhfmDm4= Subject key identifier: 36:50:E4:17:6E:26:1C:62:8E:35:75:DE:CD:DF:5D:6F:D9:93:48:04 Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22 Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922 Certificate serial: 019B3CEC694BCB0A8BC4B29FE2C0F9D83D3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft Manifest number: 1334 Signing time: Sat 20 Dec 2025 18:01:24 +0000 Manifest this update: Sat 20 Dec 2025 18:01:24 +0000 Manifest next update: Sun 21 Dec 2025 18:01:24 +0000 Files and hashes: 1: EgrdXaLN-vc8C2zZS8RN3DywvDo.roa (hash: hzm54PDUPW3onP/qtSLZRsQOvKv3wuQ4riGx7IRQcQA=) 2: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: X71P5jVMHOaz1+hkG9Gn21jEiTdtCsnbCZUO2ZYAQwg=) 3: rAaiXMvO9i5snovqluPbyo_QCN0.roa (hash: pt3vDzVbNzSpy4PSZ8+XX3gpZBn6uEG/ZRILx9TbDQc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:69:4b:cb:0a:8b:c4:b2:9f:e2:c0:f9:d8:3d:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922 Validity Not Before: Dec 20 18:01:24 2025 GMT Not After : Dec 21 18:01:24 2025 GMT Subject: CN=3650e4176e261c628e3575decddf5d6fd9934804 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:cc:57:bd:77:cd:7f:cf:1c:4f:d2:b6:cb:9b: e8:cd:13:32:de:c3:62:4e:c9:90:18:75:55:05:4a: eb:6d:79:50:72:ab:bd:01:0b:64:97:09:96:f7:71: 0a:82:0b:17:75:d7:8a:19:86:91:04:ab:91:01:79: 65:26:ed:42:3d:cf:3b:5a:8f:a6:5d:e7:d2:2e:b0: dd:b6:e1:51:b8:77:75:0f:71:8e:f7:8c:c3:39:93: d6:6a:91:9b:8f:bf:43:f5:57:f1:e8:2b:b5:cb:a4: 99:92:59:99:e0:73:e0:27:4a:13:af:42:2d:c0:e8: ec:4c:81:e2:5e:8c:76:d7:7e:b6:11:8d:e6:90:01: b2:01:a6:e2:9f:81:3d:1b:da:ef:aa:84:12:3d:f3: 62:49:a8:87:51:f6:bf:cf:d9:cc:cb:a8:fe:77:d1: 27:7a:ee:dd:ed:d0:fc:5b:c9:79:3b:66:d2:0c:e3: 79:b9:81:3a:3d:fe:0d:91:44:f6:0d:8e:55:f2:3b: 7d:a4:a6:3d:77:57:db:06:26:80:d0:a1:de:3d:ed: 3e:d5:3d:14:26:f2:14:85:2c:b1:4f:dd:36:46:18: 31:f2:5e:66:86:34:9c:dd:f1:0c:f0:05:0a:0b:26: f7:df:f9:a3:59:d5:c9:31:59:08:a0:26:96:50:43: ce:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:50:E4:17:6E:26:1C:62:8E:35:75:DE:CD:DF:5D:6F:D9:93:48:04 X509v3 Authority Key Identifier: keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:52:c0:a6:93:75:c0:39:c6:62:08:21:d7:4d:f2:23:94:66: 4c:6b:d6:ad:6f:f4:45:23:52:f8:b9:09:53:0b:47:2c:7d:96: 55:88:91:b8:c9:a8:5e:dd:43:c8:ba:c9:78:e6:28:ed:cd:a9: 10:6d:99:cc:7e:f1:f3:e7:8e:6d:a3:ba:28:9c:16:a0:41:bd: 0c:65:55:74:5b:15:e5:c0:36:02:d5:31:3a:83:7f:f3:c5:5f: fd:cb:1b:4a:48:11:69:df:a3:e7:7d:90:eb:8b:ea:21:e4:7d: c2:4b:a5:f8:c1:c8:88:fd:5c:16:9f:32:81:f0:3c:0e:41:27: 6f:81:01:22:34:be:2b:d3:68:3f:d4:66:cb:ec:4b:4d:63:27: bf:39:31:62:62:4c:ec:e0:8e:fa:e5:c4:c4:4c:dd:14:0d:2a: ac:29:74:ad:6e:c8:17:e8:f8:9f:f0:d2:c8:31:e6:26:e5:66: 6d:58:15:e7:d6:9c:fa:91:d9:0c:a8:1c:00:3f:1b:91:d8:80: 15:5d:c3:fb:5f:d7:e6:d2:80:f2:5a:ef:c3:38:06:88:a1:27: 68:a3:49:b6:58:9e:e7:e2:9f:c6:f2:7c:45:ea:d6:1c:dc:ce: 4a:9c:54:73:c1:42:e7:e6:07:4d:42:ac:15:81:8c:96:6b:5c: d9:b9:1f:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87GlLywqLxLKf4sD52D08MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm NmU5MjIwHhcNMjUxMjIwMTgwMTI0WhcNMjUxMjIxMTgwMTI0WjAzMTEwLwYDVQQD EygzNjUwZTQxNzZlMjYxYzYyOGUzNTc1ZGVjZGRmNWQ2ZmQ5OTM0ODA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycxXvXfNf88cT9K2y5vozRMy3sNi TsmQGHVVBUrrbXlQcqu9AQtklwmW93EKggsXddeKGYaRBKuRAXllJu1CPc87Wo+m XefSLrDdtuFRuHd1D3GO94zDOZPWapGbj79D9Vfx6Cu1y6SZklmZ4HPgJ0oTr0It wOjsTIHiXox21362EY3mkAGyAabin4E9G9rvqoQSPfNiSaiHUfa/z9nMy6j+d9En eu7d7dD8W8l5O2bSDON5uYE6Pf4NkUT2DY5V8jt9pKY9d1fbBiaA0KHePe0+1T0U JvIUhSyxT902Rhgx8l5mhjSc3fEM8AUKCyb33/mjWdXJMVkIoCaWUEPOlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDZQ5BduJhxijjV13s3fXW/Zk0gEMB8GA1UdIwQY MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARlLAppN1 wDnGYggh103yI5RmTGvWrW/0RSNS+LkJUwtHLH2WVYiRuMmoXt1DyLrJeOYo7c2p EG2ZzH7x8+eObaO6KJwWoEG9DGVVdFsV5cA2AtUxOoN/88Vf/csbSkgRad+j532Q 64vqIeR9wkul+MHIiP1cFp8ygfA8DkEnb4EBIjS+K9NoP9Rmy+xLTWMnvzkxYmJM 7OCO+uXExEzdFA0qrCl0rW7IF+j4n/DSyDHmJuVmbVgV59ac+pHZDKgcAD8bkdiA FV3D+1/X5tKA8lrvwzgGiKEnaKNJtlie5+KfxvJ8RerWHNzOSpxUc8FC5+YHTUKs FYGMlmtc2bkfRQ== -----END CERTIFICATE-----Generated at Sat Dec 20 21:17:26 2025 by rpki-client