This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft File: h30YEASPQ3IFBuTBgg9v4I_3ym4.mft (raw, json) Hash identifier: qX9oYsRTDQ1KbcO/rvTYkjxc1wQxz6Wd/NJOoCQjeR0= Subject key identifier: 1F:C6:EF:60:EB:A3:9F:81:71:09:90:8E:D4:A4:51:46:91:42:E9:6E Authority key identifier: 87:7D:18:10:04:8F:43:72:05:06:E4:C1:82:0F:6F:E0:8F:F7:CA:6E Certificate issuer: /CN=877d1810048f43720506e4c1820f6fe08ff7ca6e Certificate serial: 019B462761CEE64A827950D1D5C0AAEA98E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h30YEASPQ3IFBuTBgg9v4I_3ym4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft Manifest number: 0D27 Signing time: Mon 22 Dec 2025 13:02:24 +0000 Manifest this update: Mon 22 Dec 2025 13:02:24 +0000 Manifest next update: Tue 23 Dec 2025 13:02:24 +0000 Files and hashes: 1: BUF7f1UtiJtn_Bvl19qd2EwX0QQ.roa (hash: aqc2Xj2T1ZitA4dQvOlzNWa0gg3kBqNbkLQxtT41W0I=) 2: h30YEASPQ3IFBuTBgg9v4I_3ym4.crl (hash: Dt6QbcPsgkUin6T6DcR3TgKEa2g4rW0nzyFNqv/bk44=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.crl rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft rsync://rpki.ripe.net/repository/DEFAULT/h30YEASPQ3IFBuTBgg9v4I_3ym4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:27:61:ce:e6:4a:82:79:50:d1:d5:c0:aa:ea:98:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=877d1810048f43720506e4c1820f6fe08ff7ca6e Validity Not Before: Dec 22 13:02:24 2025 GMT Not After : Dec 23 13:02:24 2025 GMT Subject: CN=1fc6ef60eba39f817109908ed4a451469142e96e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:31:97:19:fe:f3:64:48:7e:80:63:d2:3a:24: c0:b6:97:de:ed:68:78:79:09:e6:06:ad:69:09:9a: 66:5e:91:26:e4:8d:92:fa:72:86:44:9a:82:19:29: fa:1f:3b:0c:1e:91:ee:dd:8d:84:de:8b:29:1a:e0: e2:63:2d:8d:68:b1:b0:50:5d:39:53:c3:04:27:42: 9d:6a:17:36:d5:59:61:2f:cc:6a:bb:8d:2e:d8:8c: 94:a7:0a:46:ef:99:b8:5c:16:36:cb:4a:01:85:90: 9f:de:ed:df:98:f1:af:34:3c:86:51:28:ab:0c:73: c6:df:4d:cf:07:24:ac:5a:1b:d5:9f:da:60:78:3a: 0d:db:3d:fe:c7:61:6b:7d:42:f6:20:92:7b:1d:9f: 55:45:49:45:1f:a3:92:ec:36:5f:8e:2a:0a:9a:32: ae:ad:3b:01:50:b7:0c:52:06:b5:7b:e0:f1:6d:64: ca:db:6c:5e:b2:2d:1f:0d:5e:37:8c:c8:53:b8:64: 4d:d2:1c:bb:86:69:52:8f:64:83:12:fc:48:6b:e8: 24:a2:16:27:0a:5c:bf:1d:0b:90:e6:e6:51:4e:ac: a4:d0:8c:81:ef:62:c4:d0:71:44:21:7c:e2:6d:d8: 4e:0f:4d:71:e2:b1:6f:04:5a:b3:ef:65:95:86:88: ac:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:C6:EF:60:EB:A3:9F:81:71:09:90:8E:D4:A4:51:46:91:42:E9:6E X509v3 Authority Key Identifier: keyid:87:7D:18:10:04:8F:43:72:05:06:E4:C1:82:0F:6F:E0:8F:F7:CA:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h30YEASPQ3IFBuTBgg9v4I_3ym4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d3377a-8d38-4235-aa73-7e89b720190d/1/h30YEASPQ3IFBuTBgg9v4I_3ym4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:0d:3f:43:c5:b4:be:b7:30:1a:ed:33:64:85:68:3a:73:b1: e5:a7:66:89:67:9f:b8:d8:5d:69:4b:a4:36:23:2f:2b:4a:47: ee:fa:4c:33:62:e7:73:ad:f2:4c:36:a0:16:45:2e:c7:f4:0c: b5:9d:bd:4c:ca:31:b1:c0:c8:2f:76:1c:7a:45:a8:3c:73:1a: 0b:e1:b2:e0:30:70:91:ea:c2:32:e0:8e:59:8a:17:03:17:fe: a1:87:dd:bd:0e:59:56:c5:31:c3:e0:18:b3:42:37:f2:10:2b: 5b:06:5f:28:9b:a6:57:df:62:27:86:c9:94:c4:02:7c:6c:9f: 27:e1:1e:50:71:97:1a:07:2a:ad:ed:e5:e8:13:6d:61:b3:3e: 79:44:0e:88:bb:e9:94:f0:d9:df:ef:67:89:90:f4:6f:8f:1e: 0a:cf:46:29:d7:06:b6:04:94:03:8c:45:b2:cf:3d:19:0f:da: 1f:ea:3d:61:87:0c:2a:8e:83:9d:26:66:3a:1a:7d:c0:4e:e5: 27:9e:20:00:40:66:f5:9b:46:b2:fa:9f:83:df:7c:fe:56:06: 3e:c1:c7:60:29:c5:ac:20:b3:aa:ab:38:bc:ae:20:83:0d:f8: 58:8b:c9:cb:26:aa:8d:22:26:7b:ff:30:3e:21:f2:ec:c8:e8: d0:40:dd:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJ2HO5kqCeVDR1cCq6pjhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3N2QxODEwMDQ4ZjQzNzIwNTA2ZTRjMTgyMGY2ZmUwOGZm N2NhNmUwHhcNMjUxMjIyMTMwMjI0WhcNMjUxMjIzMTMwMjI0WjAzMTEwLwYDVQQD EygxZmM2ZWY2MGViYTM5ZjgxNzEwOTkwOGVkNGE0NTE0NjkxNDJlOTZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDGXGf7zZEh+gGPSOiTAtpfe7Wh4 eQnmBq1pCZpmXpEm5I2S+nKGRJqCGSn6HzsMHpHu3Y2E3ospGuDiYy2NaLGwUF05 U8MEJ0Kdahc21VlhL8xqu40u2IyUpwpG75m4XBY2y0oBhZCf3u3fmPGvNDyGUSir DHPG303PBySsWhvVn9pgeDoN2z3+x2FrfUL2IJJ7HZ9VRUlFH6OS7DZfjioKmjKu rTsBULcMUga1e+DxbWTK22xesi0fDV43jMhTuGRN0hy7hmlSj2SDEvxIa+gkohYn Cly/HQuQ5uZRTqyk0IyB72LE0HFEIXzibdhOD01x4rFvBFqz72WVhoismwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB/G72Dro5+BcQmQjtSkUUaRQuluMB8GA1UdIwQY MBaAFId9GBAEj0NyBQbkwYIPb+CP98puMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDMwWUVBU1BRM0lGQnVUQmdnOXY0SV8zeW00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kMzM3N2EtOGQzOC00MjM1LWFhNzMt N2U4OWI3MjAxOTBkLzEvaDMwWUVBU1BRM0lGQnVUQmdnOXY0SV8zeW00Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9kMzM3N2EtOGQzOC00MjM1LWFhNzMtN2U4OWI3MjAxOTBk LzEvaDMwWUVBU1BRM0lGQnVUQmdnOXY0SV8zeW00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnA0/Q8W0 vrcwGu0zZIVoOnOx5admiWefuNhdaUukNiMvK0pH7vpMM2Lnc63yTDagFkUux/QM tZ29TMoxscDIL3YcekWoPHMaC+Gy4DBwkerCMuCOWYoXAxf+oYfdvQ5ZVsUxw+AY s0I38hArWwZfKJumV99iJ4bJlMQCfGyfJ+EeUHGXGgcqre3l6BNtYbM+eUQOiLvp lPDZ3+9niZD0b48eCs9GKdcGtgSUA4xFss89GQ/aH+o9YYcMKo6DnSZmOhp9wE7l J54gAEBm9ZtGsvqfg998/lYGPsHHYCnFrCCzqqs4vK4ggw34WIvJyyaqjSIme/8w PiHy7Mjo0EDdlA== -----END CERTIFICATE-----Generated at Mon Dec 22 15:39:39 2025 by rpki-client