This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft File: hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json) Hash identifier: Cq/nxYhyYuTdArS7/R3HDXlHxfTEHAkdx+tb0lRSUFk= Subject key identifier: AA:47:CB:84:DA:ED:4A:03:B2:F5:96:92:3B:9E:DF:C3:43:01:48:33 Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8 Certificate issuer: /CN=8449c609325c3a6602047260c9d300135095b8b8 Certificate serial: 019B353216ED8C96CD3522037F0AACBD7844 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft Manifest number: 0755 Signing time: Fri 19 Dec 2025 06:00:33 +0000 Manifest this update: Fri 19 Dec 2025 06:00:33 +0000 Manifest next update: Sat 20 Dec 2025 06:00:33 +0000 Files and hashes: 1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: tBdntgX5MbQmksYZSmQ9LQjRUS2/VAwxZxkf/vQNIdA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:32:16:ed:8c:96:cd:35:22:03:7f:0a:ac:bd:78:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8 Validity Not Before: Dec 19 06:00:33 2025 GMT Not After : Dec 20 06:00:33 2025 GMT Subject: CN=aa47cb84daed4a03b2f596923b9edfc343014833 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:a7:3c:55:cf:aa:6c:da:dc:cf:55:aa:f5:30: 3d:4d:b4:76:13:d2:a3:f1:a7:04:4d:e1:3d:49:e4: 61:4d:d1:17:ad:21:42:ce:b2:45:f0:bd:eb:31:0f: ff:86:92:c0:00:c2:43:65:70:30:bf:00:c0:bf:b6: 8d:9b:19:00:65:b9:8e:76:c4:88:64:ac:e3:c0:7e: d9:57:c5:44:59:37:48:87:ad:ab:bb:d4:b0:17:cd: a1:ba:e6:23:d4:20:b2:01:78:0f:36:28:42:cd:f2: 93:42:9e:08:27:8e:5c:03:5b:0f:bb:21:40:8b:22: c9:30:e0:85:a5:a2:62:aa:af:36:04:94:fd:b6:b4: 1d:74:8f:8c:66:f7:b7:51:eb:e1:c4:a9:89:c4:27: 30:19:83:98:20:35:06:eb:db:d1:20:d5:a0:4c:5a: d4:29:97:bb:ba:b7:d6:63:5b:57:4d:f2:70:c7:b6: 8c:b0:c2:db:be:65:b3:60:d4:21:ed:fb:d9:c7:e3: 92:3e:de:ef:e3:e4:9f:4d:dc:e1:4a:fe:cf:2c:9f: ff:1b:01:a6:fa:08:7c:dd:b8:77:3e:5f:b7:40:53: 48:37:bc:61:d2:c9:60:cf:cb:c9:78:a9:b0:68:1c: 69:e8:bc:b6:b7:5e:3f:8d:95:2d:02:1a:86:23:e4: ee:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:47:CB:84:DA:ED:4A:03:B2:F5:96:92:3B:9E:DF:C3:43:01:48:33 X509v3 Authority Key Identifier: keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:4b:54:16:4b:fc:61:86:da:f2:ea:0c:62:4e:d8:b3:e1:86: 32:fa:b6:11:00:95:4f:e5:bc:65:17:50:b7:ee:56:e1:98:41: d6:82:8c:6c:21:76:b8:42:64:45:70:f7:66:8c:c8:17:e8:62: 98:14:27:19:4a:fd:0d:c0:7c:b7:55:76:af:47:05:f4:50:a9: bd:f0:cf:8a:a1:5c:a8:93:15:b1:c2:40:7a:a7:ee:6f:ad:ea: 8d:40:97:cc:32:f3:df:90:06:96:0f:af:38:e5:d1:3c:30:5a: 7b:47:1f:2c:02:92:ac:bc:53:f5:53:61:af:cd:b8:60:69:c1: 26:08:86:02:15:f0:2c:85:16:6e:15:dd:ed:3f:02:7c:39:99: 38:83:d0:07:14:1b:84:47:7a:05:22:58:77:02:00:d4:a1:10: a4:a4:f5:3b:19:78:bb:d4:e1:95:21:3f:3a:10:04:3b:70:96: 63:d5:d0:4b:4d:ca:26:7f:ba:b6:dd:ae:95:f8:bb:51:a4:2f: e5:89:fa:46:85:9e:e8:41:1e:4f:c3:97:a8:2f:e8:f4:5a:50: da:d6:e3:d1:38:8e:11:e9:29:02:32:b4:40:95:fc:16:8b:46: 56:c7:02:4a:0c:e7:25:dd:40:9c:5c:e0:75:d1:29:cd:47:ad: 0b:7a:82:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1MhbtjJbNNSIDfwqsvXhEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5 NWI4YjgwHhcNMjUxMjE5MDYwMDMzWhcNMjUxMjIwMDYwMDMzWjAzMTEwLwYDVQQD EyhhYTQ3Y2I4NGRhZWQ0YTAzYjJmNTk2OTIzYjllZGZjMzQzMDE0ODMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKc8Vc+qbNrcz1Wq9TA9TbR2E9Kj 8acETeE9SeRhTdEXrSFCzrJF8L3rMQ//hpLAAMJDZXAwvwDAv7aNmxkAZbmOdsSI ZKzjwH7ZV8VEWTdIh62ru9SwF82huuYj1CCyAXgPNihCzfKTQp4IJ45cA1sPuyFA iyLJMOCFpaJiqq82BJT9trQddI+MZve3UevhxKmJxCcwGYOYIDUG69vRINWgTFrU KZe7urfWY1tXTfJwx7aMsMLbvmWzYNQh7fvZx+OSPt7v4+SfTdzhSv7PLJ//GwGm +gh83bh3Pl+3QFNIN7xh0slgz8vJeKmwaBxp6Ly2t14/jZUtAhqGI+TuJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKpHy4Ta7UoDsvWWkjue38NDAUgzMB8GA1UdIwQY MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4 LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE0tUFkv8 YYba8uoMYk7Ys+GGMvq2EQCVT+W8ZRdQt+5W4ZhB1oKMbCF2uEJkRXD3ZozIF+hi mBQnGUr9DcB8t1V2r0cF9FCpvfDPiqFcqJMVscJAeqfub63qjUCXzDLz35AGlg+v OOXRPDBae0cfLAKSrLxT9VNhr824YGnBJgiGAhXwLIUWbhXd7T8CfDmZOIPQBxQb hEd6BSJYdwIA1KEQpKT1Oxl4u9ThlSE/OhAEO3CWY9XQS03KJn+6tt2ulfi7UaQv 5Yn6RoWe6EEeT8OXqC/o9FpQ2tbj0TiOEekpAjK0QJX8FotGVscCSgznJd1AnFzg ddEpzUetC3qCFQ== -----END CERTIFICATE-----Generated at Fri Dec 19 08:22:24 2025 by rpki-client