This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft File: 7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json) Hash identifier: EsiHskSqsJTCcTvHtaToQCGLRcfjp+s5lhfGnevD75g= Subject key identifier: 9D:88:19:CF:EE:A2:56:35:83:74:91:CD:DE:A1:E9:26:BC:18:A0:4D Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20 Certificate issuer: /CN=ec70c5d867de200f01486b1a880a94b8495d7220 Certificate serial: 019B443834ED93CA8859C28B4937A4479080 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft Manifest number: 104E Signing time: Mon 22 Dec 2025 04:01:32 +0000 Manifest this update: Mon 22 Dec 2025 04:01:32 +0000 Manifest next update: Tue 23 Dec 2025 04:01:32 +0000 Files and hashes: 1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: 1WoQFCc5DTNhNR/xY6m2f/6l/Ql73vjV66SNMfbf4zM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:34:ed:93:ca:88:59:c2:8b:49:37:a4:47:90:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220 Validity Not Before: Dec 22 04:01:32 2025 GMT Not After : Dec 23 04:01:32 2025 GMT Subject: CN=9d8819cfeea25635837491cddea1e926bc18a04d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:43:f3:6e:40:7f:16:d6:15:e5:b0:3d:86:2d: ac:d6:d4:2f:a9:06:0c:63:2e:92:00:f3:66:2a:9c: 7f:02:9e:02:c8:3a:f8:c3:65:31:48:f9:ec:8e:57: 0a:87:60:1a:45:48:d4:e7:4a:09:06:39:a8:e4:31: fe:cf:f4:4b:ba:9f:c7:c0:45:3f:61:9e:3c:01:ed: 30:98:a7:63:bf:96:b0:6b:eb:80:37:f1:51:c3:3c: 7e:ee:e6:84:08:87:28:bc:c8:15:66:7e:3c:85:c9: 1c:73:33:f5:ca:e9:04:dc:fa:c3:e1:5e:64:f1:18: 11:5e:c6:2c:8f:a9:ed:bd:29:d7:c6:73:5c:94:db: ec:56:84:5c:98:ec:61:dd:49:0b:1a:00:59:b4:ef: 61:3c:9c:e4:77:76:a0:ca:d7:f1:e8:e9:0c:36:1e: 1e:ff:36:66:8c:01:d7:91:d8:82:66:f7:18:04:3f: 7c:51:3a:34:aa:df:eb:73:31:84:ca:50:09:4f:76: 5a:30:80:2e:4d:be:4e:41:68:9f:f7:ad:e4:ec:ec: bf:f5:6b:8f:96:e9:64:72:bb:83:cb:5d:b8:ac:c7: 5e:bf:16:99:dd:47:57:e1:7f:cc:9b:dd:ed:a7:22: e0:1e:3c:2d:9f:f9:92:35:85:4c:a2:ea:12:c8:da: e0:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:88:19:CF:EE:A2:56:35:83:74:91:CD:DE:A1:E9:26:BC:18:A0:4D X509v3 Authority Key Identifier: keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:b7:5c:04:3c:de:01:e8:8c:a8:5c:49:1d:3f:52:c1:1f:84: c5:0e:3c:7d:2e:22:8e:c4:66:d3:9c:b0:b7:22:8b:5e:2f:84: d9:ec:94:fe:76:e9:ff:c9:b1:74:ce:8a:f3:4c:b1:27:c9:0f: 4e:f9:69:e3:43:69:51:ed:a1:36:3a:0c:b0:21:f2:60:4f:d7: 8f:38:fa:bd:ca:5f:3b:4c:e5:20:e7:e9:14:6f:d1:61:26:36: 6f:e2:9b:77:ba:68:e3:18:d1:a7:e0:5d:ba:d1:9f:dd:b1:31: d8:11:ce:4d:bc:37:2f:b5:00:df:0d:be:e4:21:44:29:6e:9c: eb:f8:e2:12:c2:c0:38:5f:a7:7a:7c:0c:a9:f1:ff:1b:5f:c8: 0e:b5:4d:3a:fc:ca:7b:c3:e0:a8:ed:aa:1b:14:4c:b6:73:d2: 34:b4:35:9a:00:9b:d3:da:99:af:95:52:c9:80:6f:df:18:37: 78:a5:54:a5:c7:f3:66:b2:1c:46:8e:b0:f5:25:be:a6:c7:8b: 1f:ae:f8:fd:c1:a1:c5:50:32:16:2f:a1:ad:e7:9a:2b:34:ff: b2:e8:94:ba:6f:73:b5:8b:ad:f7:f2:6c:62:15:6f:ee:13:60: 90:b4:2b:a5:54:cc:7d:04:7a:d4:90:a1:ee:4a:8c:0a:62:5f: c0:58:9c:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEODTtk8qIWcKLSTekR5CAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1 ZDcyMjAwHhcNMjUxMjIyMDQwMTMyWhcNMjUxMjIzMDQwMTMyWjAzMTEwLwYDVQQD Eyg5ZDg4MTljZmVlYTI1NjM1ODM3NDkxY2RkZWExZTkyNmJjMThhMDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0PzbkB/FtYV5bA9hi2s1tQvqQYM Yy6SAPNmKpx/Ap4CyDr4w2UxSPnsjlcKh2AaRUjU50oJBjmo5DH+z/RLup/HwEU/ YZ48Ae0wmKdjv5awa+uAN/FRwzx+7uaECIcovMgVZn48hckcczP1yukE3PrD4V5k 8RgRXsYsj6ntvSnXxnNclNvsVoRcmOxh3UkLGgBZtO9hPJzkd3agytfx6OkMNh4e /zZmjAHXkdiCZvcYBD98UTo0qt/rczGEylAJT3ZaMIAuTb5OQWif963k7Oy/9WuP lulkcruDy124rMdevxaZ3UdX4X/Mm93tpyLgHjwtn/mSNYVMouoSyNrgOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ2IGc/uolY1g3SRzd6h6Sa8GKBNMB8GA1UdIwQY MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2 LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrdcBDze AeiMqFxJHT9SwR+ExQ48fS4ijsRm05ywtyKLXi+E2eyU/nbp/8mxdM6K80yxJ8kP Tvlp40NpUe2hNjoMsCHyYE/Xjzj6vcpfO0zlIOfpFG/RYSY2b+Kbd7po4xjRp+Bd utGf3bEx2BHOTbw3L7UA3w2+5CFEKW6c6/jiEsLAOF+nenwMqfH/G1/IDrVNOvzK e8PgqO2qGxRMtnPSNLQ1mgCb09qZr5VSyYBv3xg3eKVUpcfzZrIcRo6w9SW+pseL H674/cGhxVAyFi+hreeaKzT/suiUum9ztYut9/JsYhVv7hNgkLQrpVTMfQR61JCh 7kqMCmJfwFicGg== -----END CERTIFICATE-----Generated at Mon Dec 22 10:39:27 2025 by rpki-client