This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft File: hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft (raw, json) Hash identifier: wizOD9JpqYYFb39uW+VjvToMYcZv92DgOGmcZtcZDY0= Subject key identifier: 3A:AB:EF:D5:0C:90:21:10:07:38:85:00:D2:31:17:2F:7A:94:55:4B Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00 Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00 Certificate serial: 019B96D455F7354D355142C4506FE8C912ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft Manifest number: 1252 Signing time: Wed 07 Jan 2026 05:00:56 +0000 Manifest this update: Wed 07 Jan 2026 05:00:56 +0000 Manifest next update: Thu 08 Jan 2026 05:00:56 +0000 Files and hashes: 1: MRe9Jn2vQUNBgH-RANmr0FhgGxI.roa (hash: rNl8kN+vuqRjmFOphk7qL6AzwoKLgjg4geeKr4yHMYs=) 2: hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl (hash: eOhERzYw32GrRPnYguNiBKX0hAzIKxJsLCcDsY1cOZc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 05:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:96:d4:55:f7:35:4d:35:51:42:c4:50:6f:e8:c9:12:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00 Validity Not Before: Jan 7 05:00:56 2026 GMT Not After : Jan 8 05:00:56 2026 GMT Subject: CN=3aabefd50c90211007388500d231172f7a94554b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f3:28:c2:72:e0:ce:1b:e6:24:f9:1b:93:ce: ea:35:1f:94:74:90:02:c6:a9:76:a2:dc:48:8f:05: 22:46:09:e3:dc:7c:13:a0:72:f9:d0:09:67:52:07: a6:33:4d:04:8e:be:02:f7:8f:67:0f:bd:87:21:8b: 92:94:ce:ec:a9:20:62:3c:0c:1e:2d:78:08:2b:ab: 82:68:c7:f0:cb:52:ff:90:1a:aa:f3:c3:b1:21:a0: e5:1e:79:85:1b:20:2e:a2:89:ea:7b:70:c2:d5:05: 9f:d4:27:85:64:4d:6d:9c:07:a3:f4:a6:f9:69:80: 2b:1a:9e:96:25:06:16:2b:bf:fa:ae:48:c0:9c:6f: b0:55:22:4a:4f:8d:08:c7:bf:b9:18:2e:f5:c5:94: 21:cf:1d:e6:30:3e:5a:79:a8:06:f9:a2:47:7f:62: 33:5f:20:e0:21:c0:a0:bb:b1:85:c2:a5:89:07:56: b1:f5:bc:03:08:e1:b0:bc:3a:b5:94:9b:ef:ee:26: 81:17:9b:ec:9c:07:82:6c:a2:e3:96:22:36:4b:d6: 88:57:5d:ed:3e:ef:ea:e3:9f:05:7e:c4:2a:5b:bd: fd:00:3a:5b:ea:17:c2:48:b3:24:07:d6:4f:9e:88: c2:71:96:64:8d:9b:23:eb:7d:18:81:2a:e0:1b:f5: 8f:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:AB:EF:D5:0C:90:21:10:07:38:85:00:D2:31:17:2F:7A:94:55:4B X509v3 Authority Key Identifier: keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:6f:08:dd:4f:45:c9:4d:68:7b:3d:5c:f2:c6:fc:dd:71:5a: 79:33:3c:ea:d4:5b:b4:a5:02:1e:d2:67:a8:db:c0:4b:0b:ac: bd:eb:68:0d:af:64:3b:49:50:97:66:d7:c5:5a:dd:71:11:60: 0a:43:6a:44:5d:05:8e:b9:07:79:17:f1:00:8d:42:69:07:68: dd:fb:8c:48:d7:e8:d3:4a:d7:51:6e:ef:a4:c5:2f:9e:aa:b7: 42:ac:fd:bf:63:51:48:51:34:14:0a:44:47:cd:a6:7d:ab:ac: d7:b7:76:5b:5e:ff:42:f5:e8:4f:f4:97:81:bc:d6:a6:07:e1: 4c:99:14:d5:5d:fa:40:5c:15:ae:12:73:95:97:49:42:6d:eb: b1:ed:f3:72:a6:4f:76:d2:60:00:7b:83:43:31:b0:22:9f:09: a2:8f:1e:b3:16:de:17:19:fe:36:5f:cb:b8:a7:6a:d7:62:51: 06:73:4b:83:b5:d8:f2:cb:58:1d:1d:93:27:4e:c1:d4:ac:9d: 8d:90:60:a8:e3:0c:ee:54:4c:3c:16:be:8e:91:9c:01:f3:c0: 6a:55:44:25:f0:bd:2c:9a:0d:d2:aa:e9:d7:24:80:0c:cc:7e: 66:b4:e6:78:a2:3f:ec:02:bb:67:0c:56:f1:72:bd:ad:65:95: 04:7f:27:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuW1FX3NU01UULEUG/oyRLtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw M2FkMDAwHhcNMjYwMTA3MDUwMDU2WhcNMjYwMTA4MDUwMDU2WjAzMTEwLwYDVQQD EygzYWFiZWZkNTBjOTAyMTEwMDczODg1MDBkMjMxMTcyZjdhOTQ1NTRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvMownLgzhvmJPkbk87qNR+UdJAC xql2otxIjwUiRgnj3HwToHL50AlnUgemM00Ejr4C949nD72HIYuSlM7sqSBiPAwe LXgIK6uCaMfwy1L/kBqq88OxIaDlHnmFGyAuoonqe3DC1QWf1CeFZE1tnAej9Kb5 aYArGp6WJQYWK7/6rkjAnG+wVSJKT40Ix7+5GC71xZQhzx3mMD5aeagG+aJHf2Iz XyDgIcCgu7GFwqWJB1ax9bwDCOGwvDq1lJvv7iaBF5vsnAeCbKLjliI2S9aIV13t Pu/q458FfsQqW739ADpb6hfCSLMkB9ZPnojCcZZkjZsj630YgSrgG/WPjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDqr79UMkCEQBziFANIxFy96lFVLMB8GA1UdIwQY MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt NDYzNTMxMDQ2YzdmLzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABW8I3U9F yU1oez1c8sb83XFaeTM86tRbtKUCHtJnqNvASwusvetoDa9kO0lQl2bXxVrdcRFg CkNqRF0FjrkHeRfxAI1CaQdo3fuMSNfo00rXUW7vpMUvnqq3Qqz9v2NRSFE0FApE R82mfaus17d2W17/QvXoT/SXgbzWpgfhTJkU1V36QFwVrhJzlZdJQm3rse3zcqZP dtJgAHuDQzGwIp8Joo8esxbeFxn+Nl/LuKdq12JRBnNLg7XY8stYHR2TJ07B1Kyd jZBgqOMM7lRMPBa+jpGcAfPAalVEJfC9LJoN0qrp1ySADMx+ZrTmeKI/7AK7ZwxW 8XK9rWWVBH8nsQ== -----END CERTIFICATE-----Generated at Wed Jan 7 10:24:53 2026 by rpki-client